diff --git a/docs/ht/colors.json b/docs/ht/colors.json index b65d088..1919c8f 100644 --- a/docs/ht/colors.json +++ b/docs/ht/colors.json @@ -1 +1 @@ -{"colors":["#069622","#0bdd35","#14a25a","#1A3487","#234af8","#2369F5","#24B932","#2581c0","#2880b9","#2d40ff","#3bcbbf","#3d5891","#48afa8","#4C82B6","#5da690","#5e3c26","#65AA57","#69814C","#6cb7b6","#7274a6","#752A1D","#7F2390","#83D1B8","#86426F","#904807","#9255ee","#9e33ca","#a271c8","#a39762","#adc2dc","#b238fd","#b32f2c","#b57b5d","#bd2b79","#bebcfb","#d72dad","#da609d","#da752a","#ec8041","#ed46de","#f38147"]} \ No newline at end of file +{"colors":["#069622","#08bd4e","#0bdd35","#0e7bb1","#1033FB","#103CF7","#110EF0","#11509D","#118503","#11DDBC","#146213","#149CF9","#14a25a","#1571EC","#1575B1","#162AE3","#16509F","#1940B1","#1944d5","#199494","#19C03A","#19C7E3","#1A3291","#1A3487","#1AD1DD","#1BAB15","#1CD16A","#1D06FF","#1DBF68","#1DE25D","#1E246B","#1E3A0E","#1E53FF","#1E672D","#1FD740","#1FEA54","#1d2176","#2036A8","#20CD52","#20ae8c","#21C133","#2221BF","#228504","#22CAB9","#234af8","#2369F5","#23F7E6","#24147A","#242438","#24669E","#24B932","#24C680","#2581c0","#25C418","#274EB2","#275BF0","#27A9B6","#287546","#2880b9","#289531","#28C78F","#297437","#29A340","#29C7AD","#2A9838","#2A9A5D","#2B5A0D","#2BD2B0","#2C7F0B","#2DB307","#2EF0EE","#2F32EB","#2F9CAA","#2b7c3c","#2c0692","#2d40ff","#303C7C","#306E85","#30DD44","#315274","#3174DF","#31976C","#31E08C","#31E108","#3249E4","#324BEC","#34037B","#3423FA","#342C54","#344E50","#35B182","#35D4C1","#36035B","#3688BB","#36cfbe","#37839D","#38FF0B","#393825","#39D4EE","#3A2C83","#3B1173","#3BAB4D","#3C6738","#3C97A1","#3D3A6A","#3E8132","#3FB919","#3a8193","#3bab85","#3bcbbf","#3d5445","#3d5891","#403DFB","#40EA95","#410830","#4156B2","#41AD1C","#4205E6","#427d65","#434AC8","#437358","#438D2A","#43D116","#4436E2","#44A475","#450D1F","#453724","#45C6FE","#461010","#469713","#474B56","#476594","#481357","#488ffb","#489bc1","#48F690","#48afa8","#495959","#49F55B","#4A7EA5","#4AA3B6","#4B458E","#4B850D","#4C82B6","#4C9DB4","#4D4871","#4D8E74","#4DB418","#4DE4A4","#4DF821","#4E1FA0","#4F2970","#4a577c","#4a9747","#4a98fb","#50691E","#50F69A","#50acea","#514AA8","#514E34","#51B5C0","#51BEBE","#521660","#52E4BE","#52ECB0","#534B52","#53947B","#54BCE1","#54DC60","#55181A","#553877","#563D93","#57A2A4","#57C171","#5871A3","#58997C","#58A092","#58DE33","#592E4F","#593077","#5A45CC","#5AE573","#5C4752","#5CDEBA","#5D75D2","#5E6335","#5F0E63","#5F7E11","#5a2a68","#5da690","#5e3c26","#611AD0","#6138E7","#616EDC","#6170E2","#6204FD","#6257F2","#6269F3","#63AFA9","#63b4bd","#65AA57","#662439","#663B9B","#66b05f","#6712B2","#671306","#676786","#67F391","#688CDF","#69814C","#6AB10C","#6B9B00","#6C0C8C","#6C6CFF","#6D5F7C","#6DFC39","#6DFE9E","#6E5624","#6F6BCD","#6bced8","#6bdba4","#6cb7b6","#6ed899","#6f7b7d","#703240","#706068","#706BC0","#70BBD3","#70D3B0","#710D03","#7133F0","#716530","#71bae9","#7274a6","#728841","#72A052","#73DC80","#742C07","#74638B","#7497F0","#750E9B","#752A1D","#75C991","#75F681","#764756","#7685B9","#76BE51","#76FB39","#776B25","#78978B","#789F2A","#795c49","#79A9EC","#79f0a4","#7A430F","#7A5242","#7ABB83","#7AF422","#7B8000","#7C7111","#7CD352","#7CDC5D","#7D0796","#7DAE5E","#7DFC69","#7E3A90","#7EB696","#7F2390","#7F3CDA","#7fe968","#80B5DF","#80EF22","#8175BA","#820E47","#825A76","#826392","#8340AC","#8370db","#83A413","#83D1B8","#83D88F","#83E079","#844169","#8479B4","#848EFA","#84E032","#851a4b","#85fed9","#86426F","#869930","#870BF1","#87DE54","#886EB7","#88A6F3","#88E221","#89D2F2","#8A0DC4","#8A0E69","#8AFA3A","#8B8AD8","#8C31A4","#8CB480","#8CEBC4","#8D6A0A","#8D7C74","#8DC701","#8E370F","#8F0F6D","#8F1013","#8a3c43","#8d9a52","#904807","#90bd49","#9138bf","#91D140","#91F06A","#9255ee","#92da10","#938DD2","#93F97C","#9448C6","#947016","#9587E0","#965413","#96FD6E","#970C06","#978cf6","#97B799","#9895BA","#98ce92","#990c11","#9BF270","#9E7180","#9e33ca","#9ea9fb","#A89240","#A8C8F0","#B41FC0","#BA7D70","#C57700","#F1D7C0","#F67560","#F87C00","#a0b139","#a271c8","#a39762","#a466cb","#a833a8","#a9f396","#adc2dc","#ae0966","#af0be6","#b0b875","#b166e1","#b238fd","#b299f7","#b32f2c","#b57b5d","#b86887","#ba155c","#bd2b79","#bebcfb","#c0e155","#cc2b6f","#cea3ba","#d361df","#d57113","#d72dad","#d91a00","#da609d","#da752a","#dc97c2","#dcd935","#dd96d5","#df2108","#dfed61","#e09b70","#e3cdbb","#e45a61","#e6ad79","#e84cbc","#eb7c70","#ec8041","#ed46de","#eeb998","#efb456","#f0cce0","#f38147","#f3aa50","#f42ea3","#f53c55","#f6974f","#f76169","#f8b37d","#f9bb81","#fd6da2","#fdb565","#fe9076","#fe909e","#ff7f04","#ffffff"]} \ No newline at end of file diff --git a/docs/ht/conferences/DEFCON32/events.json b/docs/ht/conferences/DEFCON32/events.json index 2610baa..101e0ce 100644 --- a/docs/ht/conferences/DEFCON32/events.json +++ b/docs/ht/conferences/DEFCON32/events.json @@ -1 +1 @@ -[{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Closing Ceremonies & Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-12T00:45:00Z","end_timestamp":{"seconds":1723423500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319894,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"}],"begin_tsz":"2024-08-11T22:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T02:38:14Z","links":[],"end":"2024-08-12T00:45:00.000-0000","id":54915,"tag_ids":[46166,46419],"village_id":null,"begin_timestamp":{"seconds":1723413600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T22:00:00.000-0000","updated":"2024-07-07T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this study, we delve into the darker aspects of railway technology, revealing how easily accessible domestic hardware tools can compromise the seemingly infallible robustness of signaling systems. We demonstrate how these accessible technologies can be utilized to devise strategies that potentially threaten train circulation in Spain. Our research presents a critical analysis of the vulnerabilities present in the railway signaling systems, highlighting the ease with which these systems can be tampered with, using tools that are readily available to the general public. Through a combination of theoretical insights and practical demonstrations, we offer a comprehensive overview of the risks associated with such vulnerabilities.\r\n\r\nOur findings aim to raise awareness among stakeholders in the railway industry, prompting a reevaluation of current security measures and encouraging the adoption of more stringent protections against such threats. This paper contributes to the ongoing discussion in the cybersecurity community, offering valuable insights into the potential risks facing modern transportation infrastructures and suggesting avenues for future research and development in railway system security.\r\n\r\nWe consider this work to be innovative on a type of system that has been present for over half a century in railway infrastructures. Therefore, the references provided are primarily about the operation of the systems and relevant news concerning them.\r\n\r\n1. [link](https://www.sepsamedha.com/on-board-systems/asfa/)\r\n2. [link](http://www.railway-technical.com/signalling/train-protection.html)\r\n3. [link](https://www.seguridadferroviaria.es/recursos_aesf/4CAB0E7F-4C5F-404A-A2DC-3E033FDD2BC9/144051/033ETASFAdigital2008.pdf)\r\n4. [link](https://www.linkedin.com/pulse/asfa-digital-sepsamedha/)\r\n5. [link](http://electronicapascual.com/blog/?p=3129)\r\n6. [link](https://en.wikipedia.org/wiki/Punktf%C3%B6rmige_Zugbeeinflussung)\r\n7. [link](https://en.wikipedia.org/wiki/Intermittent_inductive_automatic_train_stop)\r\n8. [link](https://en.wikipedia.org/wiki/Santiago_de_Compostela_derailment)\r\n9. [link](https://en.wikipedia.org/wiki/Contr%C3%B4le_de_vitesse_par_balises)\r\n10. [link](https://www.eldiario.es/sociedad/alvia-adif-renfe-asfa-digital_1_5758584.html)\r\n11. [link](https://www.diariodenavarra.es/noticias/navarra/2022/03/31/25-aniversario-accidente-tren-uharte-arakil-522467-300.html)\r\n12. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E9811579073E406CC1257E81003BDD76/$FILE/ET%2003.365.008.6_2015.pdf?OpenElement)\r\n13. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E875C349AD1DE569C125840B00379B26/$FILE/ET%2003.365.008.6%20ASFA%20Digital%20Embarcado+M1+M2.pdf?OpenElement)\r\n14. [link](https://www.youtube.com/watch?app=desktop&v=2zY_zlOoieE)\r\n\n\n\n","media":[],"title":"Abusing legacy railroad signaling systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:45:00Z","end_timestamp":{"seconds":1723412700,"nanoseconds":0},"android_description":"In this study, we delve into the darker aspects of railway technology, revealing how easily accessible domestic hardware tools can compromise the seemingly infallible robustness of signaling systems. We demonstrate how these accessible technologies can be utilized to devise strategies that potentially threaten train circulation in Spain. Our research presents a critical analysis of the vulnerabilities present in the railway signaling systems, highlighting the ease with which these systems can be tampered with, using tools that are readily available to the general public. Through a combination of theoretical insights and practical demonstrations, we offer a comprehensive overview of the risks associated with such vulnerabilities.\r\n\r\nOur findings aim to raise awareness among stakeholders in the railway industry, prompting a reevaluation of current security measures and encouraging the adoption of more stringent protections against such threats. This paper contributes to the ongoing discussion in the cybersecurity community, offering valuable insights into the potential risks facing modern transportation infrastructures and suggesting avenues for future research and development in railway system security.\r\n\r\nWe consider this work to be innovative on a type of system that has been present for over half a century in railway infrastructures. Therefore, the references provided are primarily about the operation of the systems and relevant news concerning them.\r\n\r\n1. [link](https://www.sepsamedha.com/on-board-systems/asfa/)\r\n2. [link](http://www.railway-technical.com/signalling/train-protection.html)\r\n3. [link](https://www.seguridadferroviaria.es/recursos_aesf/4CAB0E7F-4C5F-404A-A2DC-3E033FDD2BC9/144051/033ETASFAdigital2008.pdf)\r\n4. [link](https://www.linkedin.com/pulse/asfa-digital-sepsamedha/)\r\n5. [link](http://electronicapascual.com/blog/?p=3129)\r\n6. [link](https://en.wikipedia.org/wiki/Punktf%C3%B6rmige_Zugbeeinflussung)\r\n7. [link](https://en.wikipedia.org/wiki/Intermittent_inductive_automatic_train_stop)\r\n8. [link](https://en.wikipedia.org/wiki/Santiago_de_Compostela_derailment)\r\n9. [link](https://en.wikipedia.org/wiki/Contr%C3%B4le_de_vitesse_par_balises)\r\n10. [link](https://www.eldiario.es/sociedad/alvia-adif-renfe-asfa-digital_1_5758584.html)\r\n11. [link](https://www.diariodenavarra.es/noticias/navarra/2022/03/31/25-aniversario-accidente-tren-uharte-arakil-522467-300.html)\r\n12. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E9811579073E406CC1257E81003BDD76/$FILE/ET%2003.365.008.6_2015.pdf?OpenElement)\r\n13. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E875C349AD1DE569C125840B00379B26/$FILE/ET%2003.365.008.6%20ASFA%20Digital%20Embarcado+M1+M2.pdf?OpenElement)\r\n14. [link](https://www.youtube.com/watch?app=desktop&v=2zY_zlOoieE)","updated_timestamp":{"seconds":1720464040,"nanoseconds":0},"speakers":[{"content_ids":[54541],"conference_id":133,"event_ids":[54914],"name":"Gabriela (Gabs) Garcia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/itsgabsgarcia/"},{"description":"","title":"Twitter (@constrainterror)","sort_order":0,"url":"https://twitter.com/constrainterror"}],"media":[],"id":54168},{"content_ids":[54541],"conference_id":133,"event_ids":[54914],"name":"David Meléndez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"R&D Enginner and Red Team Member, Innotec Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/david-melendez-cano/"},{"description":"","title":"Twitter (@TaiksonTexas)","sort_order":0,"url":"https://twitter.com/TaiksonTexas"}],"media":[],"id":54197,"title":"R&D Enginner and Red Team Member, Innotec Security at Accenture"}],"begin_tsz":"2024-08-11T21:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:40:40Z","links":[],"end":"2024-08-11T21:45:00.000-0000","id":54914,"tag_ids":[46166,46169,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723410000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54197},{"tag_id":46167,"sort_order":4,"person_id":54168}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T21:00:00.000-0000","updated":"2024-07-08T18:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Many problems in our networks are simple problems that boil down to forgotten fundamentals. Kevin reviews the communication models and demonstrates a simple password capture.\n\n\n","media":[],"title":"Forgetting the Fundamentals? Data Communications: Physical and Logical Explanation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:55:00Z","end_timestamp":{"seconds":1723409700,"nanoseconds":0},"android_description":"Many problems in our networks are simple problems that boil down to forgotten fundamentals. Kevin reviews the communication models and demonstrates a simple password capture.","updated_timestamp":{"seconds":1722395907,"nanoseconds":0},"speakers":[{"content_ids":[55361],"conference_id":133,"event_ids":[55753],"name":"Kevin Manna","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55958}],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T03:18:27Z","links":[],"end":"2024-08-11T20:55:00.000-0000","id":55753,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55958}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-31T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Machine learning (ML) pipelines are vulnerable to model backdoors that compromise the integrity of the underlying system. Although many backdoor attacks limit the attack surface to the model, ML models are not standalone objects. Instead, they are artifacts built using a wide range of tools and embedded into pipelines with many interacting components. \r\n\r\nIn this talk, we introduce incubated ML exploits in which attackers inject model backdoors into ML pipelines using input-handling bugs in ML tools. Using a language-theoretic security (LangSec) framework, we systematically exploited ML model serialization bugs in popular tools to construct backdoors. In the process, we developed malicious artifacts such as polyglot and ambiguous files using ML model files. We also contributed to Fickling, a pickle security tool tailored for ML use cases. Finally, we formulated a set of guidelines for security researchers and ML practitioners. By chaining system security issues and model vulnerabilities, incubated ML exploits emerge as a new class of exploits that highlight the importance of a holistic approach to ML security.\r\n\r\n1. [link](https://langsec.org/papers/langsec-cwes-secdev2016.pdf)\r\n2. [link](https://arxiv.org/abs/2210.00108)\r\n3. [link](https://github.com/alkaet/LobotoMl)\r\n4. [link](https://github.com/trailofbits/fickling)\r\n5. [link](https://blog.trailofbits.com/2024/03/04/relishing-new-fickling-features-for-securing-ml-systems/)\r\n6. [link](https://blog.trailofbits.com/2023/11/15/assessing-the-security-posture-of-a-widely-used-vision-model-yolov7/)\r\n7. [link](https://moyix.net/badnets.pdf)\r\n8. [link](https://github.com/trailofbits/publications/blob/master/reviews/2023-03-eleutherai-huggingface-safetensors-securityreview.pdf)\r\n9. [link](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\r\n10. [link](https://arxiv.org/abs/2204.06974)\r\n11. [link](https://arxiv.org/abs/2101.06896)\r\n\n\n\n","media":[],"title":"Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:15:00Z","end_timestamp":{"seconds":1723410900,"nanoseconds":0},"android_description":"Machine learning (ML) pipelines are vulnerable to model backdoors that compromise the integrity of the underlying system. Although many backdoor attacks limit the attack surface to the model, ML models are not standalone objects. Instead, they are artifacts built using a wide range of tools and embedded into pipelines with many interacting components. \r\n\r\nIn this talk, we introduce incubated ML exploits in which attackers inject model backdoors into ML pipelines using input-handling bugs in ML tools. Using a language-theoretic security (LangSec) framework, we systematically exploited ML model serialization bugs in popular tools to construct backdoors. In the process, we developed malicious artifacts such as polyglot and ambiguous files using ML model files. We also contributed to Fickling, a pickle security tool tailored for ML use cases. Finally, we formulated a set of guidelines for security researchers and ML practitioners. By chaining system security issues and model vulnerabilities, incubated ML exploits emerge as a new class of exploits that highlight the importance of a holistic approach to ML security.\r\n\r\n1. [link](https://langsec.org/papers/langsec-cwes-secdev2016.pdf)\r\n2. [link](https://arxiv.org/abs/2210.00108)\r\n3. [link](https://github.com/alkaet/LobotoMl)\r\n4. [link](https://github.com/trailofbits/fickling)\r\n5. [link](https://blog.trailofbits.com/2024/03/04/relishing-new-fickling-features-for-securing-ml-systems/)\r\n6. [link](https://blog.trailofbits.com/2023/11/15/assessing-the-security-posture-of-a-widely-used-vision-model-yolov7/)\r\n7. [link](https://moyix.net/badnets.pdf)\r\n8. [link](https://github.com/trailofbits/publications/blob/master/reviews/2023-03-eleutherai-huggingface-safetensors-securityreview.pdf)\r\n9. [link](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\r\n10. [link](https://arxiv.org/abs/2204.06974)\r\n11. [link](https://arxiv.org/abs/2101.06896)","updated_timestamp":{"seconds":1720464068,"nanoseconds":0},"speakers":[{"content_ids":[54540],"conference_id":133,"event_ids":[54913],"name":"Suha Sabi Hussain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Trail of Bits","title":"Security Engineer, Machine Learning Assurance Team"}],"pronouns":"she/her","links":[{"description":"","title":"Twitter (@suhackerr)","sort_order":0,"url":"https://twitter.com/suhackerr"},{"description":"","title":"sshussain.me","sort_order":0,"url":"https://sshussain.me"}],"media":[],"id":54046,"title":"Security Engineer, Machine Learning Assurance Team at Trail of Bits"}],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:41:08Z","links":[],"end":"2024-08-11T21:15:00.000-0000","id":54913,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54046}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-08T18:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Contest Closing Ceremonies and Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:45:00Z","end_timestamp":{"seconds":1723412700,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319115,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T02:25:15Z","links":[],"end":"2024-08-11T21:45:00.000-0000","id":54911,"tag_ids":[46166,46419],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-07T02:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In January 2021, I discovered that North Korean state-backed agents were targeting security researchers. A few people got hit, including me. They didn't get anything, but I was very frustrated by the inaction of law enforcement, intelligence agencies, and DoD. I decided I was going to see what I could do. Armed with my computer and a bunch of Takis I got to work mapping out NK's infrastructure. This talk will detail the methods and tools I used to bring down North Korea's internet for 9 days along with the architectural and other vulnerabilities I found that allowed for the attack. This presentation will cover the technical aspects of the attack, criticisms of the DoD and Intel Community, praise from the DoD and Intel Community and the implications of a small team of hackers, or just one dude, causing real-world impact. Attendees will gain insights into create methodologies for network exploitation and the ethical, practical, and resistance from the government to cyber guerrilla warfare, demonstrating the need for agile and responsive cyber capabilities in the modern world.\r\n\r\n1. Greenberg, Andy. \"The Hacker Who Took Down North Korea's Internet.\" Wired. [link](https://www.wired.com/story/p4x-north-korea-internet-hacker-identity-reveal/).\r\n2. Greenberg, Andy. \"North Korea Hacker Internet Outage.\" Wired. [link](https://www.wired.com/story/north-korea-hacker-internet-outage/).\r\n3. DEF CON 21 Talk: \"Conducting massive attacks with open source distributed computing\" [link](https://www.youtube.com/watch?v=8zLhb1RT8KI)\r\n4. DEF CON 29 Talk: \"WTF happened to that tool that was like Shodan but for web app vulns?\" [link](https://www.youtube.com/watch?v=DlS_sl4hTWg)\r\n5. DEF CON 21 Talk: \"The Dawn of Web 3.0: Website Mapping and Vulnerability Scanning\" [link](https://www.youtube.com/watch?v=yZ1xWwGYQF8).\r\n6. The Register: [link](https://www.theregister.com/2021/01/26/north_korea_targeted_me_0_day/)\r\n\n\n\n","media":[],"title":"Bringing Down North Korea","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:15:00Z","end_timestamp":{"seconds":1723410900,"nanoseconds":0},"android_description":"In January 2021, I discovered that North Korean state-backed agents were targeting security researchers. A few people got hit, including me. They didn't get anything, but I was very frustrated by the inaction of law enforcement, intelligence agencies, and DoD. I decided I was going to see what I could do. Armed with my computer and a bunch of Takis I got to work mapping out NK's infrastructure. This talk will detail the methods and tools I used to bring down North Korea's internet for 9 days along with the architectural and other vulnerabilities I found that allowed for the attack. This presentation will cover the technical aspects of the attack, criticisms of the DoD and Intel Community, praise from the DoD and Intel Community and the implications of a small team of hackers, or just one dude, causing real-world impact. Attendees will gain insights into create methodologies for network exploitation and the ethical, practical, and resistance from the government to cyber guerrilla warfare, demonstrating the need for agile and responsive cyber capabilities in the modern world.\r\n\r\n1. Greenberg, Andy. \"The Hacker Who Took Down North Korea's Internet.\" Wired. [link](https://www.wired.com/story/p4x-north-korea-internet-hacker-identity-reveal/).\r\n2. Greenberg, Andy. \"North Korea Hacker Internet Outage.\" Wired. [link](https://www.wired.com/story/north-korea-hacker-internet-outage/).\r\n3. DEF CON 21 Talk: \"Conducting massive attacks with open source distributed computing\" [link](https://www.youtube.com/watch?v=8zLhb1RT8KI)\r\n4. DEF CON 29 Talk: \"WTF happened to that tool that was like Shodan but for web app vulns?\" [link](https://www.youtube.com/watch?v=DlS_sl4hTWg)\r\n5. DEF CON 21 Talk: \"The Dawn of Web 3.0: Website Mapping and Vulnerability Scanning\" [link](https://www.youtube.com/watch?v=yZ1xWwGYQF8).\r\n6. The Register: [link](https://www.theregister.com/2021/01/26/north_korea_targeted_me_0_day/)","updated_timestamp":{"seconds":1720464091,"nanoseconds":0},"speakers":[{"content_ids":[54537],"conference_id":133,"event_ids":[54910],"name":"Alejandro Caceres","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hyperion Gray","title":"Owner"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@_hyp3ri0n)","sort_order":0,"url":"https://twitter.com/_hyp3ri0n"},{"description":"","title":"Website","sort_order":0,"url":"https://hyperiongray.net"}],"media":[],"id":54062,"title":"Owner at Hyperion Gray"}],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:41:31Z","links":[],"end":"2024-08-11T21:15:00.000-0000","id":54910,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54062}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-08T18:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A convergência entre segurança física e cibernética ainda é pouco explorada em nossa região, muitas vezes devido à dificuldade de acesso a ferramentas específicas. Esta apresentação explora esse conceito e sua importância, ilustrando com casos reais de incidentes que exploraram sistemas de segurança física, detalhando como ocorreram e seus impactos.\r\n\r\nApresentaremos os fundamentos dos sistemas de controle de acesso, abordando arquitetura básica, protocolos de comunicação e tecnologias de credenciais. Em seguida, demonstraremos técnicas práticas de exploração:\r\n\r\n- Exploração da interface Wiegand: Mostraremos como explorar essa interface antiga e vulnerável, utilizando a versão DIY do BLE-Key, acessível e econômica.\r\n- Exploração de credenciais vulneráveis: Como iClass Legacy, PROX e MiFare Classic, usando ferramentas como ProxMark3 e Flipper Zero.\r\n- Exploração de credenciais \"seguras\": Demonstrando ataques de downgrade em credenciais HID Seos com Flipper Zero e um leitor HID Multiclass SE, usando um app desenvolvido por mim como alternativa econômica ao Seader.\r\n\n\n\n","media":[],"title":"Jeitinho Cibernético: A Convergência da Segurança no Brasil e América Latina","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"A convergência entre segurança física e cibernética ainda é pouco explorada em nossa região, muitas vezes devido à dificuldade de acesso a ferramentas específicas. Esta apresentação explora esse conceito e sua importância, ilustrando com casos reais de incidentes que exploraram sistemas de segurança física, detalhando como ocorreram e seus impactos.\r\n\r\nApresentaremos os fundamentos dos sistemas de controle de acesso, abordando arquitetura básica, protocolos de comunicação e tecnologias de credenciais. Em seguida, demonstraremos técnicas práticas de exploração:\r\n\r\n- Exploração da interface Wiegand: Mostraremos como explorar essa interface antiga e vulnerável, utilizando a versão DIY do BLE-Key, acessível e econômica.\r\n- Exploração de credenciais vulneráveis: Como iClass Legacy, PROX e MiFare Classic, usando ferramentas como ProxMark3 e Flipper Zero.\r\n- Exploração de credenciais \"seguras\": Demonstrando ataques de downgrade em credenciais HID Seos com Flipper Zero e um leitor HID Multiclass SE, usando um app desenvolvido por mim como alternativa econômica ao Seader.","updated_timestamp":{"seconds":1722701629,"nanoseconds":0},"speakers":[{"content_ids":[55979],"conference_id":133,"event_ids":[56595],"name":"Ueric Melo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Privacy & Security Awareness Manager, LATAM and Caribbean at Genetec"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ueric-melo/"},{"description":"","title":"Twitter (@uericmelo)","sort_order":0,"url":"https://x.com/uericmelo"}],"media":[],"id":56312,"title":"Privacy & Security Awareness Manager, LATAM and Caribbean at Genetec"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T16:13:49Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56595,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56312}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-08-03T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Career Development - The Human Element","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:25:00Z","end_timestamp":{"seconds":1723407900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722395838,"nanoseconds":0},"speakers":[{"content_ids":[55360],"conference_id":133,"event_ids":[55752],"name":"Kirsten Renner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SilverEdge Gov Solutions","title":"VP of Talent"}],"links":[],"pronouns":null,"media":[],"id":55959,"title":"VP of Talent at SilverEdge Gov Solutions"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T03:17:18Z","links":[],"end":"2024-08-11T20:25:00.000-0000","id":55752,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55959}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-31T03:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The nation is facing a shortage of approximately 500,000 good paying jobs in cyber.The problem is only going to continue to grow as the world becomes more digitized. This is a threat to our national security. The White House Office of the National Cyber Director (ONCD) is ensuring that as we build the cyber workforce the nation needs, we are reaching out to every community. Diversity is an essential element of the national cyber workforce. National Cyber Director (NCD) Harry Coker Jr., and his predecessor Kemba Walden, have both been leading our work to build the nations cyber workforce, one that is reflective of nation and its needs.\n\n\n","media":[],"title":"Expanding Pathways into the National Cyber Workforce","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"The nation is facing a shortage of approximately 500,000 good paying jobs in cyber.The problem is only going to continue to grow as the world becomes more digitized. This is a threat to our national security. The White House Office of the National Cyber Director (ONCD) is ensuring that as we build the cyber workforce the nation needs, we are reaching out to every community. Diversity is an essential element of the national cyber workforce. National Cyber Director (NCD) Harry Coker Jr., and his predecessor Kemba Walden, have both been leading our work to build the nations cyber workforce, one that is reflective of nation and its needs.","updated_timestamp":{"seconds":1721495432,"nanoseconds":0},"speakers":[{"content_ids":[55207],"conference_id":133,"event_ids":[55597],"name":"Ayan Islam","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ONCD, White House","title":""}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ayanislam/"}],"media":[],"id":55793,"title":"ONCD, White House"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T17:10:32Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":55597,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55793}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-20T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On February 25, 1998, hip-hop group the Wu-Tang Clan made Grammy history… for all the wrong reasons. After losing in the Rap Album of the Year category, Wu-Tang member ODB stormed the stage, interrupting an acceptance speech to declare the now infamous phrase “Wu-Tang is for the children.” Anyone who has heard a song from Wu-Tang knows that despite ODB’s insistence, it is certainly not true. It appears that States may be taking this same approach when it comes to children's privacy and safety online. Despite these laws being for the protection of children, they often raise other unintended consequences. State legislatures around the country are debating new laws to protect children online. This year, Tennessee, Maryland, Virginia, Georgia, Utah, and Florida have passed legislation focused on children's privacy, usually through restrictions on social media use. While privacy advocates have championed these laws, they have been met with criticism and, in some instances, legal challenges. This is because in order to implement laws that apply to kids online, companies have to identify which users are kids—which requires the collection of sensitive personal information. Along with this privacy tension, there are First Amendment protection concerns that these laws limit online speech. This presentation will explore how youth privacy laws may not be protecting children in the ways that we hope by first discussing the attempts made by states to address youth privacy. Then, analyzing the unintended privacy consequences, focusing on how states are required to collect sensitive information that we are often trying to protect. Next, we will examine the First Amendment concerns using the example of the challenges to California’s Age Appropriate Design Code Act before finally discussing a path forward to protecting children.\n\n\n","media":[],"title":"Wu-Tang is for the Children: How States Laws Intended to Protect Children Raise Other Privacy and Legal Risks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:30:00Z","end_timestamp":{"seconds":1723408200,"nanoseconds":0},"android_description":"On February 25, 1998, hip-hop group the Wu-Tang Clan made Grammy history… for all the wrong reasons. After losing in the Rap Album of the Year category, Wu-Tang member ODB stormed the stage, interrupting an acceptance speech to declare the now infamous phrase “Wu-Tang is for the children.” Anyone who has heard a song from Wu-Tang knows that despite ODB’s insistence, it is certainly not true. It appears that States may be taking this same approach when it comes to children's privacy and safety online. Despite these laws being for the protection of children, they often raise other unintended consequences. State legislatures around the country are debating new laws to protect children online. This year, Tennessee, Maryland, Virginia, Georgia, Utah, and Florida have passed legislation focused on children's privacy, usually through restrictions on social media use. While privacy advocates have championed these laws, they have been met with criticism and, in some instances, legal challenges. This is because in order to implement laws that apply to kids online, companies have to identify which users are kids—which requires the collection of sensitive personal information. Along with this privacy tension, there are First Amendment protection concerns that these laws limit online speech. This presentation will explore how youth privacy laws may not be protecting children in the ways that we hope by first discussing the attempts made by states to address youth privacy. Then, analyzing the unintended privacy consequences, focusing on how states are required to collect sensitive information that we are often trying to protect. Next, we will examine the First Amendment concerns using the example of the challenges to California’s Age Appropriate Design Code Act before finally discussing a path forward to protecting children.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54655],"conference_id":133,"event_ids":[55028],"name":"Anthony Hendricks","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Crowe & Dunlevy","title":"Litigator"}],"pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.anthonyjhendricks.com"}],"media":[],"id":54284,"title":"Litigator at Crowe & Dunlevy"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T20:30:00.000-0000","id":55028,"tag_ids":[46377,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54284}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI assistants like ChatGPT are changing how we interact with technology. But what if someone could read your confidential chats? Imagine awkwardly asking your AI about a strange rash, or to edit an email, only to have that conversation exposed to someone on the net. In this talk we'll unveil a novel side-channel vulnerability in popular AI assistants and demonstrate how it can be used to read encrypted messages sent from AI Assistants.\r\n\r\nBefore our disclosure, major players like OpenAI, Microsoft, Cloudflare, Quora, and Notion were at risk. We'll reveal the technical details of this exploit and show real-world examples of intercepted conversations. This talk isn't just about the problem – learn how to identify this vulnerability in other AI assistants as well! We'll dissect network traffic, discuss attack models, and explore the far-reaching consequences of this discovery.\r\n\r\nReferences:\r\n1. Samuel Addington. Chatgpt: Cyber security threats and countermeasures. Available at SSRN 4425678, 2023.\r\n2. Benjamin Harsha, Robert Morton, Jeremiah Blocki, John Springer, and Melissa Dark. Bicycle attacks con- sidered harmful: Quantifying the damage of widespread password length leakage. Computers & Security, 100:102068, 2021.\r\n3. John V Monaco. What are you searching for? a remote keylogging attack on search engine autocomplete. In 28th USENIX Security Symposium (USENIX Security 19), pages 959–976, 2019.\r\n\n\n\n","media":[],"title":"Your AI Assistant has a Big Mouth: A New Side-Channel Attack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:45:00Z","end_timestamp":{"seconds":1723409100,"nanoseconds":0},"android_description":"AI assistants like ChatGPT are changing how we interact with technology. But what if someone could read your confidential chats? Imagine awkwardly asking your AI about a strange rash, or to edit an email, only to have that conversation exposed to someone on the net. In this talk we'll unveil a novel side-channel vulnerability in popular AI assistants and demonstrate how it can be used to read encrypted messages sent from AI Assistants.\r\n\r\nBefore our disclosure, major players like OpenAI, Microsoft, Cloudflare, Quora, and Notion were at risk. We'll reveal the technical details of this exploit and show real-world examples of intercepted conversations. This talk isn't just about the problem – learn how to identify this vulnerability in other AI assistants as well! We'll dissect network traffic, discuss attack models, and explore the far-reaching consequences of this discovery.\r\n\r\nReferences:\r\n1. Samuel Addington. Chatgpt: Cyber security threats and countermeasures. Available at SSRN 4425678, 2023.\r\n2. Benjamin Harsha, Robert Morton, Jeremiah Blocki, John Springer, and Melissa Dark. Bicycle attacks con- sidered harmful: Quantifying the damage of widespread password length leakage. Computers & Security, 100:102068, 2021.\r\n3. John V Monaco. What are you searching for? a remote keylogging attack on search engine autocomplete. In 28th USENIX Security Symposium (USENIX Security 19), pages 959–976, 2019.","updated_timestamp":{"seconds":1721085590,"nanoseconds":0},"speakers":[{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Yisroel Mirsky","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ben-Gurion University","title":"Tenure-Track Lecturer and Zuckerman Faculty Scholar, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":"he/him","media":[],"id":54120,"title":"Tenure-Track Lecturer and Zuckerman Faculty Scholar, Department of Software and Information Systems Engineering at Ben-Gurion University"},{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Guy Amit","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IBM Research","title":""},{"organization":"Ben-Gurion University of the Negev","title":"PhD Candidate Student, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54662,"title":"PhD Candidate Student, Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev"},{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Daniel Ayzenshteyn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ben-Gurion University of the Negev","title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54663,"title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev"},{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Roy Weiss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ben-Gurion University of the Negev","title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54664,"title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-15T23:19:50Z","links":[],"end":"2024-08-11T20:45:00.000-0000","id":54909,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54120},{"tag_id":46167,"sort_order":4,"person_id":54664},{"tag_id":46167,"sort_order":6,"person_id":54663},{"tag_id":46167,"sort_order":8,"person_id":54662}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-15T23:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Closing Note","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:40:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55931,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723405200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T19:40:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"QOLOSSUS CONTEST Q-CTF Finals","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56447,"tag_ids":[46389,46641],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Exploit Prediction Scoring System (EPSS) provides efficient, data-driven vulnerability management data that uses current threat information from CVE and real-world exploit that helps understand the probability that a vulnerability will be exploited.\r\n\r\nThis talk will discuss the EPSS model in-depth and demonstrate how to implement EPSS for CI/CD pipelines and more traditional operating systems and application patching. \n\n\n","media":[],"title":"Using EPSS for Better Vulnerability Management","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Exploit Prediction Scoring System (EPSS) provides efficient, data-driven vulnerability management data that uses current threat information from CVE and real-world exploit that helps understand the probability that a vulnerability will be exploited.\r\n\r\nThis talk will discuss the EPSS model in-depth and demonstrate how to implement EPSS for CI/CD pipelines and more traditional operating systems and application patching.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55725],"conference_id":133,"event_ids":[56256],"name":"jgamblin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56127}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56256,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56127}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"World Wide War Drive Outbrief","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55443,55453,55461],"conference_id":133,"event_ids":[55868,55878,55886],"name":"RF Hackers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@rfhackers"},{"description":"","title":"Website","sort_order":0,"url":"https://rfhackers.com/"}],"media":[],"id":55982},{"content_ids":[55461],"conference_id":133,"event_ids":[55886],"name":"WiGLE Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@wiglenet"},{"description":"","title":"Website","sort_order":0,"url":"https://wigle.net/"}],"media":[],"id":55983}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55886,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55982},{"tag_id":46167,"sort_order":4,"person_id":55983}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The presentation aims to discuss the existing biases in AI-assisted news reporting. It explores how AI has been integrated into news media over the years and the implications of its use, particularly in terms of misinformation and disinformation. The goal is to spark a discussion on the role of AI in news propagation and its impact on public perception and truth. Starting with a historical overview, this presentation highlights how AI has been used by outlets like Narrative Science, the Associated Press, and the Washington Post to automate news content. The talk emphasizes the distinction between misinformation and disinformation and discusses how AI can amplify existing biases if trained on biased data. The presentation also covers the shift in news consumption towards digital platforms, the rapid spread of misinformation, and the importance of diverse media sources to prevent echo chambers.\n\n\n","media":[],"title":"Exploring Bias in AI-Assisted News","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The presentation aims to discuss the existing biases in AI-assisted news reporting. It explores how AI has been integrated into news media over the years and the implications of its use, particularly in terms of misinformation and disinformation. The goal is to spark a discussion on the role of AI in news propagation and its impact on public perception and truth. Starting with a historical overview, this presentation highlights how AI has been used by outlets like Narrative Science, the Associated Press, and the Washington Post to automate news content. The talk emphasizes the distinction between misinformation and disinformation and discusses how AI can amplify existing biases if trained on biased data. The presentation also covers the shift in news consumption towards digital platforms, the rapid spread of misinformation, and the importance of diverse media sources to prevent echo chambers.","updated_timestamp":{"seconds":1721495411,"nanoseconds":0},"speakers":[{"content_ids":[55206,55186],"conference_id":133,"event_ids":[55576,55596],"name":"Sydney Johns","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Johns Hopkins Human Language Technology Center of Excellence","title":"Phd Student & Artificial Intelligence Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sydney-johns/"}],"media":[],"id":55811,"title":"Phd Student & Artificial Intelligence Researcher at Johns Hopkins Human Language Technology Center of Excellence"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T17:10:11Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55596,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55811}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-20T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ADS-B aircraft tracking has long been done with Raspberry Pi’s and SDRs. We set out to build our own receiver from the ground up, but without resorting to expensive and power-hungry SDR chips. Join us for a behind-the-scenes look as we walk through how we were able to (ab)use hardware to squeeze an entire Linux system, custom signal processing chain, and map visualizer into a chip that costs less than most microcontrollers.\n\n\n","media":[],"title":"Behind the Badge: How we used and abused hardware to create the AV badge for DC32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"ADS-B aircraft tracking has long been done with Raspberry Pi’s and SDRs. We set out to build our own receiver from the ground up, but without resorting to expensive and power-hungry SDR chips. Join us for a behind-the-scenes look as we walk through how we were able to (ab)use hardware to squeeze an entire Linux system, custom signal processing chain, and map visualizer into a chip that costs less than most microcontrollers.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54656],"conference_id":133,"event_ids":[55030],"name":"Robert Pafford","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54273},{"content_ids":[54656],"conference_id":133,"event_ids":[55030],"name":"Adam Batori","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54280}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55030,"tag_ids":[46169,46366,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54280},{"tag_id":46167,"sort_order":1,"person_id":54273}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"From January to May 2024, a team of student researchers at Brigham Young University looked for 0days in a consumer-grade home router made by Vilo Living. By April 2024, they had found 9 zero days, 6 of which were critical. This presentation covers the process they went through from initial reconnaissance to hardware hacking to finding buffer overflows to reporting the bugs to the organization. Outline: Initial recon - OSINT on the company, previous vulnerabilities released (none), and black-box interactions with network services on the LAN Hardware hacking - identifying chips on the board, connecting to the UART interface, deciphering boot up info, dumping the flash memory (didn’t work), and observing reads/writes by the CPU to flash memory to obtain the firmware Cloud enumeration - discovering the AWS S3 buckets and IoT infrastructure, tracing cloud interactions (authenticating to the router remotely, retrieving MQTT certificates, etc.) Firmware enumeration - kernel + libc version, arch, how to emulate binaries on an x86 machine, compiling code to run on the router, what binary does what, etc. Vulnerability discovery - finishing reversing custom TCP protocol for mobile app->router interactions, searching for stack overflows, lack of authentication, command injection (and accidentally bricking 3 routers), info leaks, reviewing the 9 vulnerabilities we discovered, weaponizing and chaining some of the vulnerabilities, etc. Vendor disclosure - difficulty contacting the vendor in May 2024 with vulnerability details (they were almost dead), how the disclosure process went, filing for CVEs in June, publishing vuln details in August Conclusion - how stupid easy it is to hack IoT devices, how IoT vendors treat security issues, where future research can focus\n\n\n","media":[],"title":"Finding 0days in Vilo Home Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"From January to May 2024, a team of student researchers at Brigham Young University looked for 0days in a consumer-grade home router made by Vilo Living. By April 2024, they had found 9 zero days, 6 of which were critical. This presentation covers the process they went through from initial reconnaissance to hardware hacking to finding buffer overflows to reporting the bugs to the organization. Outline: Initial recon - OSINT on the company, previous vulnerabilities released (none), and black-box interactions with network services on the LAN Hardware hacking - identifying chips on the board, connecting to the UART interface, deciphering boot up info, dumping the flash memory (didn’t work), and observing reads/writes by the CPU to flash memory to obtain the firmware Cloud enumeration - discovering the AWS S3 buckets and IoT infrastructure, tracing cloud interactions (authenticating to the router remotely, retrieving MQTT certificates, etc.) Firmware enumeration - kernel + libc version, arch, how to emulate binaries on an x86 machine, compiling code to run on the router, what binary does what, etc. Vulnerability discovery - finishing reversing custom TCP protocol for mobile app->router interactions, searching for stack overflows, lack of authentication, command injection (and accidentally bricking 3 routers), info leaks, reviewing the 9 vulnerabilities we discovered, weaponizing and chaining some of the vulnerabilities, etc. Vendor disclosure - difficulty contacting the vendor in May 2024 with vulnerability details (they were almost dead), how the disclosure process went, filing for CVEs in June, publishing vuln details in August Conclusion - how stupid easy it is to hack IoT devices, how IoT vendors treat security issues, where future research can focus","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54654],"conference_id":133,"event_ids":[55027],"name":"Justin Mott","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Brigham Young University (BYU)","title":"Grad Student"}],"links":[],"pronouns":null,"media":[],"id":54310,"title":"Grad Student at Brigham Young University (BYU)"},{"content_ids":[54654],"conference_id":133,"event_ids":[55027],"name":"Ava Petersen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Brigham Young University (BYU)","title":"Student"}],"links":[],"pronouns":null,"media":[],"id":54331,"title":"Student at Brigham Young University (BYU)"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55027,"tag_ids":[46383,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54331},{"tag_id":46167,"sort_order":1,"person_id":54310}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Modern cars are a complex networks of computers put on four wheels. For security research, it is important to understand the car's internal network and exposed interfaces. But what else could you use this knowledge for? You probably guessed it from the title 🙂. So we developed a tool to turn our research car into a game controller.\r\n\r\nIn this talk, we present Vehicle-to-Game (V2G), a Python-based project that enables the usage of cars as game controllers. V2G can run either directly on a laptop or turn a Raspberry Pi Zero WH into a Bluetooth gamepad. In addition, V2G can either be used over the OBD2-diagnostic port or by directly accessing the internal CAN-busses of the car.\r\n\r\nOur project can be a great starting point if you always wanted to tinker around with your car or want to learn about the CAN bus or diagnostic communication (UDS). To make V2G work with your car, some reverse engineering of CAN messages or diagnostic communication will be required (as well as additional hardware to connect to the CAN bus). Otherwise, if you can get this running, you can be sure that you own a more expensive game controller than your neighbors.\r\n\r\nTools and hardware:\r\n1. General introduction into the CAN-bus and UDS: [link](https://www.csselectronics.com/pages/can-bus-simple-intro-tutorial)\r\n2. Tool for designing PCBs: [link](https://easyeda.com)\r\n3. Tool for making CAN messages readable: [link](https://www.savvycan.com/)\r\n4. Hardware for accessing CAN-bus and OBD: [link](https://www.peak-system.com/PCAN-USB.199.0.html)\r\n5. CAN utils: [link](https://github.com/linux-can/can-utils)\r\n6. CAN hat for Raspberry Pi: [link](https://www.waveshare.com/wiki/RS485_CAN_HAT)\r\n\r\nUsed libraries:\r\n1. [link](https://github.com/Heerkog/HIDpi) Many thanks for providing this great library and documentation for utilizing the Raspberry Pi as a Bluetooth device!\r\n2. [link](https://github.com/yannbouteiller/vgamepad)\r\n3. [link](https://github.com/hardbyte/python-can)\r\n\r\nMisc:\r\n1. Tesla DBC files: [link](https://github.com/joshwardell/model3dbc)\r\n2. ACSD website: [link](https://fbi.h-da.de/en/research/research-groups/applied-cyber-security-darmstadt)\r\n3. V2G Repository on GitHub (private until start of DEF CON): [link](https://github.com/Vehicle2Game/v2g)\r\n\n\n\n","media":[],"title":"Redefining V2G - How to use your vehicle as a game controller","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:15:00Z","end_timestamp":{"seconds":1723407300,"nanoseconds":0},"android_description":"Modern cars are a complex networks of computers put on four wheels. For security research, it is important to understand the car's internal network and exposed interfaces. But what else could you use this knowledge for? You probably guessed it from the title 🙂. So we developed a tool to turn our research car into a game controller.\r\n\r\nIn this talk, we present Vehicle-to-Game (V2G), a Python-based project that enables the usage of cars as game controllers. V2G can run either directly on a laptop or turn a Raspberry Pi Zero WH into a Bluetooth gamepad. In addition, V2G can either be used over the OBD2-diagnostic port or by directly accessing the internal CAN-busses of the car.\r\n\r\nOur project can be a great starting point if you always wanted to tinker around with your car or want to learn about the CAN bus or diagnostic communication (UDS). To make V2G work with your car, some reverse engineering of CAN messages or diagnostic communication will be required (as well as additional hardware to connect to the CAN bus). Otherwise, if you can get this running, you can be sure that you own a more expensive game controller than your neighbors.\r\n\r\nTools and hardware:\r\n1. General introduction into the CAN-bus and UDS: [link](https://www.csselectronics.com/pages/can-bus-simple-intro-tutorial)\r\n2. Tool for designing PCBs: [link](https://easyeda.com)\r\n3. Tool for making CAN messages readable: [link](https://www.savvycan.com/)\r\n4. Hardware for accessing CAN-bus and OBD: [link](https://www.peak-system.com/PCAN-USB.199.0.html)\r\n5. CAN utils: [link](https://github.com/linux-can/can-utils)\r\n6. CAN hat for Raspberry Pi: [link](https://www.waveshare.com/wiki/RS485_CAN_HAT)\r\n\r\nUsed libraries:\r\n1. [link](https://github.com/Heerkog/HIDpi) Many thanks for providing this great library and documentation for utilizing the Raspberry Pi as a Bluetooth device!\r\n2. [link](https://github.com/yannbouteiller/vgamepad)\r\n3. [link](https://github.com/hardbyte/python-can)\r\n\r\nMisc:\r\n1. Tesla DBC files: [link](https://github.com/joshwardell/model3dbc)\r\n2. ACSD website: [link](https://fbi.h-da.de/en/research/research-groups/applied-cyber-security-darmstadt)\r\n3. V2G Repository on GitHub (private until start of DEF CON): [link](https://github.com/Vehicle2Game/v2g)","updated_timestamp":{"seconds":1721092916,"nanoseconds":0},"speakers":[{"content_ids":[54535],"conference_id":133,"event_ids":[54908],"name":"Jannis Hamborg","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Darmstadt University of Applied Sciences","title":"PhD Student"}],"links":[],"pronouns":null,"media":[],"id":54097,"title":"PhD Student at Darmstadt University of Applied Sciences"},{"content_ids":[54535],"conference_id":133,"event_ids":[54908],"name":"Timm Lauser","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Darmstadt University of Applied Sciences","title":"PhD Student"}],"links":[],"pronouns":"he/him","media":[],"id":54124,"title":"PhD Student at Darmstadt University of Applied Sciences"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-16T01:21:56Z","links":[],"end":"2024-08-11T20:15:00.000-0000","id":54908,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54124},{"tag_id":46167,"sort_order":4,"person_id":54097}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-16T01:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the successor to the iptables, nftables stands as a crucial network component within the Linux kernel, managing packet filtering and other network-related functionalities. With continuous development and changes, features designed to increase its efficiency, such as batch commit, anonymous chains/sets, and asynchronous garbage collection, have been implemented, which in turn has significantly increased its complexity and made it an attractive target for attackers in recent years.\r\n\r\nSince the announcement of the kernelCTF bug bounty, multiple nftables 0-day vulnerabilities have been reported and patched to enhance its security. However, if not careful enough, the security patch may not only mitigate the bug but also introduce new security issues unintentionally. By researching the structural changes in the nftables codebase, we successfully uncover new vulnerabilities despite the intense competition in kernelCTF. Also, we managed to speedrun the exploitation just before Google removed nftables from LTS instance, becoming the last LTS nftables exploitation.\r\n\r\nIn this presentation, we will share three nftables vulnerabilities we discovered in a storytelling fashion. We start with a brief introduction on how nftables works under the hood to familiarize attendees with the basics. After that, we dive into nftables internals and dissect three vulnerabilities discovered during our journey, two of which involved utilizing hard-to-exploit race conditions to pwn the flag. Alongside details of the exploitation, we will also share the roller-coaster story of kernelCTF experiences, filled with dramatic highs and lows, making it a tense and exhilarating journey.\r\n\r\n- Previous nf_tables research:\r\n- [link](https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/)\r\n- [link](https://starlabs.sg/blog/2023/09-nftables-adventures-bug-hunting-and-n-day-exploitation/)\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4004_lts_cos_mitigation/docs/exploit.md)\r\n- Container escape:\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4622_lts/docs/exploit.md)\r\n- RCU related documentation:\r\n- [link](https://www.kernel.org/doc/Documentation/RCU/whatisRCU.txt)\r\n- [link](https://pdos.csail.mit.edu/6.828/2023/lec/rcu-faq.txt)\r\n\n\n\n","media":[],"title":"Clash, Burn, and Exploit: Manipulate Filters to Pwn kernelCTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:15:00Z","end_timestamp":{"seconds":1723407300,"nanoseconds":0},"android_description":"As the successor to the iptables, nftables stands as a crucial network component within the Linux kernel, managing packet filtering and other network-related functionalities. With continuous development and changes, features designed to increase its efficiency, such as batch commit, anonymous chains/sets, and asynchronous garbage collection, have been implemented, which in turn has significantly increased its complexity and made it an attractive target for attackers in recent years.\r\n\r\nSince the announcement of the kernelCTF bug bounty, multiple nftables 0-day vulnerabilities have been reported and patched to enhance its security. However, if not careful enough, the security patch may not only mitigate the bug but also introduce new security issues unintentionally. By researching the structural changes in the nftables codebase, we successfully uncover new vulnerabilities despite the intense competition in kernelCTF. Also, we managed to speedrun the exploitation just before Google removed nftables from LTS instance, becoming the last LTS nftables exploitation.\r\n\r\nIn this presentation, we will share three nftables vulnerabilities we discovered in a storytelling fashion. We start with a brief introduction on how nftables works under the hood to familiarize attendees with the basics. After that, we dive into nftables internals and dissect three vulnerabilities discovered during our journey, two of which involved utilizing hard-to-exploit race conditions to pwn the flag. Alongside details of the exploitation, we will also share the roller-coaster story of kernelCTF experiences, filled with dramatic highs and lows, making it a tense and exhilarating journey.\r\n\r\n- Previous nf_tables research:\r\n- [link](https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/)\r\n- [link](https://starlabs.sg/blog/2023/09-nftables-adventures-bug-hunting-and-n-day-exploitation/)\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4004_lts_cos_mitigation/docs/exploit.md)\r\n- Container escape:\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4622_lts/docs/exploit.md)\r\n- RCU related documentation:\r\n- [link](https://www.kernel.org/doc/Documentation/RCU/whatisRCU.txt)\r\n- [link](https://pdos.csail.mit.edu/6.828/2023/lec/rcu-faq.txt)","updated_timestamp":{"seconds":1722098340,"nanoseconds":0},"speakers":[{"content_ids":[54534],"conference_id":133,"event_ids":[54907],"name":"Kuan-Ting \"HexRabbit\" Chen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEVCORE","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Blog","sort_order":0,"url":"https://blog.hexrabbit.io"},{"description":"","title":"Twitter (@h3xr4bb1t)","sort_order":0,"url":"https://twitter.com/h3xr4bb1t"}],"media":[],"id":54054,"title":"Security Researcher at DEVCORE"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T16:39:00Z","links":[],"end":"2024-08-11T20:15:00.000-0000","id":54907,"tag_ids":[46166,46169,46419,46437,46882],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54054}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-27T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at revolutionizing cybersecurity through AI-driven solutions. AIxCC asks the nation’s top talent in AI and cybersecurity to develop Cyber Reasoning Systems capable of automatically finding and fixing software vulnerabilities to secure critical software. In this talk, we are excited to announce the results of the Semifinals event. We will conduct a brief examination of the AI systems developed by the top teams by analyzing their strategies, discuss key innovations and methodologies employed, and discuss the overall impact of the competition on the cybersecurity landscape. The top-ranking teams will be eligible to win one of the $2 million in semifinal prizes, as well as a spot in the Finals competition at DEF CON 33.\n\n\n","media":[],"title":"AIxCC Closing Ceremonies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:15:00Z","end_timestamp":{"seconds":1723407300,"nanoseconds":0},"android_description":"DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at revolutionizing cybersecurity through AI-driven solutions. AIxCC asks the nation’s top talent in AI and cybersecurity to develop Cyber Reasoning Systems capable of automatically finding and fixing software vulnerabilities to secure critical software. In this talk, we are excited to announce the results of the Semifinals event. We will conduct a brief examination of the AI systems developed by the top teams by analyzing their strategies, discuss key innovations and methodologies employed, and discuss the overall impact of the competition on the cybersecurity landscape. The top-ranking teams will be eligible to win one of the $2 million in semifinal prizes, as well as a spot in the Finals competition at DEF CON 33.","updated_timestamp":{"seconds":1720307461,"nanoseconds":0},"speakers":[{"content_ids":[54533,54511],"conference_id":133,"event_ids":[54884,54906],"name":"Perri Adams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Special Assistant to the Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@perribus)","sort_order":0,"url":"https://twitter.com/perribus"}],"media":[],"id":54047,"title":"Special Assistant to the Director at Defense Advanced Research Projects Agency (DARPA)"},{"content_ids":[54533,55322,56132],"conference_id":133,"event_ids":[55714,56775,54906],"name":"Andrew Carney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA AI Cyber Challenge (AIxCC)","title":"Program Manager"},{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"Program Manager"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/andrew-carney"}],"media":[],"id":54106,"title":"Program Manager at Advanced Research Projects Agency for Health (ARPA-H)"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-06T23:11:01Z","links":[],"end":"2024-08-11T20:15:00.000-0000","id":54906,"tag_ids":[46166,46419],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54106},{"tag_id":46167,"sort_order":4,"person_id":54047}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Engineers can carefully build their networks, designing the traffic flow explicitly through well constructed controls, even following design best practices from the CSP themselves, only to be let down by unexpected subtleties in the exact way certain technologies operate.\n\nIn this talk, we will take a look at just such a case study concerning Transit Gateways (TGW) in AWS, where security consultants were able to communicate freely across an apparent network boundary. We will review how TGWs are attached to subnets, and how the documentation implies they should operate. Then we will examine why NACLs appeared to be having no effect on blocking traffic, and allowed an effectively flat network between two peered accounts.\n\nThis case study will demonstrate the importance and effectiveness of practical testing, either internally by the developers or with an external reviewer, in confirming – or in many cases quite the opposite – that the operation matches the design aims. It isn’t always easy to find that leak, but if there is a puddle of water on the floor then at least you know you need to start looking for the flaw. This talk will show through the TGW case study and a few other examples how we noticed the puddle, how we found the leak, how it was fixed, and how hopefully the same leak won’t spring twice.\n\n\n","media":[],"title":"Unexpected Leaks in AWS Transit Gateways","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:40:00Z","end_timestamp":{"seconds":1723405200,"nanoseconds":0},"android_description":"Engineers can carefully build their networks, designing the traffic flow explicitly through well constructed controls, even following design best practices from the CSP themselves, only to be let down by unexpected subtleties in the exact way certain technologies operate.\n\nIn this talk, we will take a look at just such a case study concerning Transit Gateways (TGW) in AWS, where security consultants were able to communicate freely across an apparent network boundary. We will review how TGWs are attached to subnets, and how the documentation implies they should operate. Then we will examine why NACLs appeared to be having no effect on blocking traffic, and allowed an effectively flat network between two peered accounts.\n\nThis case study will demonstrate the importance and effectiveness of practical testing, either internally by the developers or with an external reviewer, in confirming – or in many cases quite the opposite – that the operation matches the design aims. It isn’t always easy to find that leak, but if there is a puddle of water on the floor then at least you know you need to start looking for the flaw. This talk will show through the TGW case study and a few other examples how we noticed the puddle, how we found the leak, how it was fixed, and how hopefully the same leak won’t spring twice.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55501],"conference_id":133,"event_ids":[55930],"name":"William Taylor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56023}],"begin_tsz":"2024-08-11T19:20:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T19:40:00.000-0000","id":55930,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723404000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56023}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T19:20:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"CPV: Program Committee Closing Remarks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723400075,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T18:14:35Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":56883,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-11T18:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After experiencing Def Con this year, it was apparent there was a lot of interest in Meshtastic but very little content available. This will cover some common questions I've been fielding throughout the conference, as well as a space to ask your own questions.\n\n\n","media":[],"title":"An ad-hoc talk about ad-hoc networking with Meshtastic","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"After experiencing Def Con this year, it was apparent there was a lot of interest in Meshtastic but very little content available. This will cover some common questions I've been fielding throughout the conference, as well as a space to ask your own questions.","updated_timestamp":{"seconds":1723389286,"nanoseconds":0},"speakers":[{"content_ids":[56224],"conference_id":133,"event_ids":[56881],"name":"Lucas \"N0OPS\" Gahler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56621}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T15:14:46Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":56881,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56621}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-11T15:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Game Hacking Community Closing Talk & Awards Ceremony","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722815484,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T23:51:24Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56752,"tag_ids":[46402,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-04T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will be handing out the CTF Prizes and awards. Must be present to win!\n\n\n","media":[],"title":"DCNextGen Awards and Closing Ceremony","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We will be handing out the CTF Prizes and awards. Must be present to win!","updated_timestamp":{"seconds":1722726317,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T23:05:17Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56617,"tag_ids":[46398,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Village closing ceremony\n\n\n","media":[],"title":"Village closing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Village closing ceremony","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56616,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Durante abril de 2024 el equipo GERT de Kaspersky detectó un nuevo grupo de ransomware aprovechando las funcionalidades de Microsoft para cifrar sistemas en infraestructuras comprometidas, usando scripts para disminuir defensas, deshabilitar parámetros críticos de sistemas Microsoft y finalmente usar el servicio Bitlocker de Microsoft, creando contraseñas individuales de cifrado por cada sistema, eliminando los rastros locales y enviando los datos mediante comunicaciones de comando y control para garantizar el descifrado y recibir el pago del rescate. Aunque el ataque fue dirigido a organizaciones en LATAM, fue identificado también en Jordania e Indonesia. Durante esta charla presentaremos los principales retos de recolectar evidencia en sistemas donde los discos fueron completamente cifrados y las propuestas de descifrado habilitadas una vez se obtuvo la muestra del malware construida de forma dirigida para las organizaciones afectadas. Se presentarán los mecanismos de descifrado disponibles frente a esta y otras amenazas similares y las técnicas usadas por los adversarios para comprometer las infraestructuras.\n\n\n","media":[],"title":"Abusando de Bitlocker para secuestrar información corporativa | Desde la intrusión hasta el descifrado (i)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Durante abril de 2024 el equipo GERT de Kaspersky detectó un nuevo grupo de ransomware aprovechando las funcionalidades de Microsoft para cifrar sistemas en infraestructuras comprometidas, usando scripts para disminuir defensas, deshabilitar parámetros críticos de sistemas Microsoft y finalmente usar el servicio Bitlocker de Microsoft, creando contraseñas individuales de cifrado por cada sistema, eliminando los rastros locales y enviando los datos mediante comunicaciones de comando y control para garantizar el descifrado y recibir el pago del rescate. Aunque el ataque fue dirigido a organizaciones en LATAM, fue identificado también en Jordania e Indonesia. Durante esta charla presentaremos los principales retos de recolectar evidencia en sistemas donde los discos fueron completamente cifrados y las propuestas de descifrado habilitadas una vez se obtuvo la muestra del malware construida de forma dirigida para las organizaciones afectadas. Se presentarán los mecanismos de descifrado disponibles frente a esta y otras amenazas similares y las técnicas usadas por los adversarios para comprometer las infraestructuras.","updated_timestamp":{"seconds":1722700538,"nanoseconds":0},"speakers":[{"content_ids":[55978],"conference_id":133,"event_ids":[56594],"name":"Eduardo Chavarro Ovalle","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Digital Forensic and Incident Response Group Manager Americas"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@echavarro)","sort_order":0,"url":"https://x.com/echavarro"},{"description":"","title":"co.linkedin.com/in/echavarro?trk=public_post_feed-actor-name","sort_order":0,"url":"https://co.linkedin.com/in/echavarro?trk=public_post_feed-actor-name"}],"media":[],"id":56311,"title":"Digital Forensic and Incident Response Group Manager Americas"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T15:55:38Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56594,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56311}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.\n\n\n","media":[],"title":"IoT Cat Lamp","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:30:00Z","end_timestamp":{"seconds":1723408200,"nanoseconds":0},"android_description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/make-your-iot-wi-fi-connected-pursheen-cat-lamp-with-wled-10-30am-class"}],"end":"2024-08-11T20:30:00.000-0000","id":56530,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’re going over the results of the GRT and giving out some awards for our favorite reports. We want to hear from you about how it went and what you liked.\n\n\n","media":[],"title":"Generative Red Team 2 Readout & Acknowledgements","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We’re going over the results of the GRT and giving out some awards for our favorite reports. We want to hear from you about how it went and what you liked.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Jerome Wynne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56229},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Kent Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56230},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Nicole DeCario","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56231},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Sean McGregor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56232},{"content_ids":[55875,55876,55888],"conference_id":133,"event_ids":[56460,56473,56461],"name":"Sven Cattell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AI Village","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@comathematician)","sort_order":0,"url":"https://x.com/comathematician"}],"media":[],"id":56233,"title":"Founder at AI Village"},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Will Pearce","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56234}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56473,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56233},{"tag_id":46167,"sort_order":4,"person_id":56234},{"tag_id":46167,"sort_order":6,"person_id":56229},{"tag_id":46167,"sort_order":8,"person_id":56232},{"tag_id":46167,"sort_order":10,"person_id":56231},{"tag_id":46167,"sort_order":12,"person_id":56230}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Policy and the Quantum: Where do we start?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56446,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a placeholder for BTV’s closing ceremonies!\n\n\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!","media":[],"title":"Blue Team Village Closing Ceremonies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"This is a placeholder for BTV’s closing ceremonies!\n\n\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":56276,"tag_ids":[46373,46641],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for our annual group photo and voting session for the \"People's Choice Award\". Even though we don't have a contest, as a community we can still choose a favorite hat. We have to take the picture at 12:05 sharp so be there!\n\n\n","media":[],"title":"Hard Hat Brigade - Group Photo and People's Choice Award","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us for our annual group photo and voting session for the \"People's Choice Award\". Even though we don't have a contest, as a community we can still choose a favorite hat. We have to take the picture at 12:05 sharp so be there!","updated_timestamp":{"seconds":1721968589,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T04:36:29Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55792,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-26T04:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Building a foundation with the 5 critical controls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722395816,"nanoseconds":0},"speakers":[{"content_ids":[55359],"conference_id":133,"event_ids":[55751],"name":"Dillon Lee","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55953}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T03:16:56Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55751,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55953}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-31T03:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Safety has been at the forefront of Civil Aviation since the formalization of DO-178, Software Considerations in Airborne Systems and Equipment Certification, in 1981. However, times have changed since then and we live in a world with seemingly limitless connectivity. DO-356A, Airworthiness Security Methods and Considerations, forms the cybersecurity bedrock in which aviation systems are designed and implemented. In this talk, participants will learn about how Safety and Security is applied to system design and how they interact with one another. Design Assurance Levels (DAL) and Security Assurance Levels (SAL) concepts are presented and explained what their purpose is. This talk is designed to appeal to the general cybersecurity community by introducing fundamentals of Safety analyses and discussing how Safety and Security interact with one another.\n\nThis talk will first touch upon fundamental documents that form the Certification basis for System Development (ARP4754B), System Safety (ARP4761A), and Security Considerations (DO-356A). From there, it walk through pieces that form a safety analysis and Design Assurance Level (DAL), walk through a system architecture under consideration, and learn about how Safety and requirements in a system can be used to inform the Threat Model for the system. From there, we end with a discussion on how Security Mitigations are assigned Security Assurance Level (SAL) and what this means for developers.\n\n\n\n","media":[],"title":"The Interplay between Safety and Security in Aviation Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"Safety has been at the forefront of Civil Aviation since the formalization of DO-178, Software Considerations in Airborne Systems and Equipment Certification, in 1981. However, times have changed since then and we live in a world with seemingly limitless connectivity. DO-356A, Airworthiness Security Methods and Considerations, forms the cybersecurity bedrock in which aviation systems are designed and implemented. In this talk, participants will learn about how Safety and Security is applied to system design and how they interact with one another. Design Assurance Levels (DAL) and Security Assurance Levels (SAL) concepts are presented and explained what their purpose is. This talk is designed to appeal to the general cybersecurity community by introducing fundamentals of Safety analyses and discussing how Safety and Security interact with one another.\n\nThis talk will first touch upon fundamental documents that form the Certification basis for System Development (ARP4754B), System Safety (ARP4761A), and Security Considerations (DO-356A). From there, it walk through pieces that form a safety analysis and Design Assurance Level (DAL), walk through a system architecture under consideration, and learn about how Safety and requirements in a system can be used to inform the Threat Model for the system. From there, we end with a discussion on how Security Mitigations are assigned Security Assurance Level (SAL) and what this means for developers.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54653],"conference_id":133,"event_ids":[55026],"name":"Lillian Ash Baker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The Boeing Company/Wisk Aero","title":"Product Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54360,"title":"Product Security Engineer at The Boeing Company/Wisk Aero"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":55026,"tag_ids":[46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54360}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Yes, anyone can hack IoT devices and I’ll show you how! It doesn’t matter if you’re an experienced pen tester in other fields, completely new to cybersecurity or just IoT curious, by the end of this talk you’ll have the knowledge to hack your first device. You might be thinking - but I thought IoT was complicated, required knowledge of hardware, and expensive tools. In this talk, I’m here to dispel those myths by directly showing you the methodology, tools and tactics you can use to go and hack an IoT device today (or maybe when you get home). I’ll cover what IoT devices are best for beginners, what tools you need (and don’t need), how to build a small toolkit for <$100, common tactics to get a foothold into IoT devices and how to find your first vulnerability or bug.\n\n\n","media":[],"title":"Anyone can hack IoT - a beginner’s guide to hacking your first IoT device","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Yes, anyone can hack IoT devices and I’ll show you how! It doesn’t matter if you’re an experienced pen tester in other fields, completely new to cybersecurity or just IoT curious, by the end of this talk you’ll have the knowledge to hack your first device. You might be thinking - but I thought IoT was complicated, required knowledge of hardware, and expensive tools. In this talk, I’m here to dispel those myths by directly showing you the methodology, tools and tactics you can use to go and hack an IoT device today (or maybe when you get home). I’ll cover what IoT devices are best for beginners, what tools you need (and don’t need), how to build a small toolkit for <$100, common tactics to get a foothold into IoT devices and how to find your first vulnerability or bug.","updated_timestamp":{"seconds":1720397153,"nanoseconds":0},"speakers":[{"content_ids":[54651],"conference_id":133,"event_ids":[55024],"name":"Andrew \"DigitalAndrew\" Bellini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TCM","title":"Instructor"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@d1gitalandrew)","sort_order":0,"url":"https://twitter.com/d1gitalandrew"}],"media":[],"id":54243,"title":"Instructor at TCM"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T00:05:53Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55024,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54243}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-08T00:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The future of healthcare is precise, personalized, and involves point of care with a wide variety of applications. Each application has its own unique set of challenges that change based on risk and the stakeholders’ perspective. Foreseeing these challenges, in 2021 FDA issued the discussion paper 3D Printing Medical Devices at the Point of Care to expound upon pertinent challenges and request stakeholder feedback. Within this paper, the concept of the 3D Printing medical device production system (MDPS) as a medical device was presented. In this session, we will investigate the concept of the MDPS from the perspective of different stakeholders, the necessity of AI to make this in-hospital MDPS POC solution a reality, and the unique relationship the MDM and HDO must have to support the MDPS. \n\n\n","media":[],"title":"3DU: Homo (e)x Machina","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"The future of healthcare is precise, personalized, and involves point of care with a wide variety of applications. Each application has its own unique set of challenges that change based on risk and the stakeholders’ perspective. Foreseeing these challenges, in 2021 FDA issued the discussion paper 3D Printing Medical Devices at the Point of Care to expound upon pertinent challenges and request stakeholder feedback. Within this paper, the concept of the 3D Printing medical device production system (MDPS) as a medical device was presented. In this session, we will investigate the concept of the MDPS from the perspective of different stakeholders, the necessity of AI to make this in-hospital MDPS POC solution a reality, and the unique relationship the MDM and HDO must have to support the MDPS.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54650],"conference_id":133,"event_ids":[55023],"name":"Lacey Harbour","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/lacey-harbour-smith-ms-rac-mb-ascp-34338b39"}],"media":[],"id":54245}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":55023,"tag_ids":[46371,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54245}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Game Of Active Directory (GOAD) is a prebuilt vulnerable Active Directory (AD) environment primarily created for pentesters. Touting over 30 methods of attack, GOAD offers multiple paths to full AD takeover. But is that really how you win the game? Regardless of color, as security professions our goal should be to better secure environments. This talk walks through AD attack strategies, exploiting misconfigurations that ultimately pwn AD. Mitigations for these attacks are discussed and implemented, showcasing how they stop common attacks. Implementing these protections in your environment is truly how you win the Game Of Active Directory.\n\n\n","media":[],"title":"Winning the Game of Active Directory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Game Of Active Directory (GOAD) is a prebuilt vulnerable Active Directory (AD) environment primarily created for pentesters. Touting over 30 methods of attack, GOAD offers multiple paths to full AD takeover. But is that really how you win the game? Regardless of color, as security professions our goal should be to better secure environments. This talk walks through AD attack strategies, exploiting misconfigurations that ultimately pwn AD. Mitigations for these attacks are discussed and implemented, showcasing how they stop common attacks. Implementing these protections in your environment is truly how you win the Game Of Active Directory.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54558,55492],"conference_id":133,"event_ids":[55921,54933],"name":"Brandon Colley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Trimarc","title":"Senior Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@techBrandon)","sort_order":0,"url":"https://twitter.com/techBrandon"}],"media":[],"id":54256,"title":"Senior Security Consultant at Trimarc"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":54933,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54256}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cari Farver did not disappear off the face of the Earth. She was murdered in cold blood, and her killer went on to impersonate her online, for over three years. The suspect hid their tracks with VPNs, proxies, and anonymizing apps. This talk will go behind the scenes of Netflix's \"Lover, Stalker, Killer\" to detail the open source software and bespoke methods used to prove a no-body homicide case based almost entirely on digital evidence.\r\n\r\nDateline NBC, S26E1 \"Scorned\" (2017)\r\nRule, Leslie. \"A Tangled Web: A Cyberstalker, a Deadly Obsession, and the Twisting Path to Justice\". Citadel Press, 2020.\r\nNetflix, \"Lover, Stalker, Killer\" (2024)\n\n\n","media":[],"title":"Solving the \"Lover, Stalker, Killer\" Murder with strings, grep, and Perl","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T19:20:00Z","end_timestamp":{"seconds":1723404000,"nanoseconds":0},"android_description":"Cari Farver did not disappear off the face of the Earth. She was murdered in cold blood, and her killer went on to impersonate her online, for over three years. The suspect hid their tracks with VPNs, proxies, and anonymizing apps. This talk will go behind the scenes of Netflix's \"Lover, Stalker, Killer\" to detail the open source software and bespoke methods used to prove a no-body homicide case based almost entirely on digital evidence.\r\n\r\nDateline NBC, S26E1 \"Scorned\" (2017)\r\nRule, Leslie. \"A Tangled Web: A Cyberstalker, a Deadly Obsession, and the Twisting Path to Justice\". Citadel Press, 2020.\r\nNetflix, \"Lover, Stalker, Killer\" (2024)","updated_timestamp":{"seconds":1720379966,"nanoseconds":0},"speakers":[{"content_ids":[54532],"conference_id":133,"event_ids":[54905],"name":"Anthony Kava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/anthonykava"},{"description":"","title":"Website","sort_order":0,"url":"https://forensic.coffee"}],"media":[],"id":54159}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T19:19:26Z","links":[],"end":"2024-08-11T19:20:00.000-0000","id":54905,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54159}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T19:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This article reassesses complex cyberattack tactics, focusing specifically on existing security measures and emerging weaknesses. We begin our investigation by examining initial methods of deployment in contemporary attacks, including those that focus on simulated read-only filesystems and NTFS vulnerabilities. Since the improvements made to the Windows security architecture in 2011, which include the enforcement of Driver Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI), the nature of cyber threats has changed, requiring new ways to carry out attacks.\r\n\r\nOur research presents a new method that takes advantage of previously uncovered weaknesses in emulated filesystems, allowing attackers to covertly install and maintain harmful programs. In addition, we uncover new NTFS vulnerabilities that enable attackers to conceal their presence and sustain persistence within victim systems. The study also investigates alternate methods for delivering and executing malware in usermode. In addition, we discuss several Indicators of Compromise (IOCs) to identify and detect these tactics.\r\n\r\n1. [link](https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/)\r\n2. [link](https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/)\r\n3. [link](https://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core/)\r\n4. [link](https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20presentations/Jacob%20Baines%20-%20Bring%20Your%20Own%20Print%20Driver%20Vulnerability.pdf)\r\n5. [link](https://github.com/eset/vulnerability-disclosures)\r\n6. [link](https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/)\r\n\n\n\n","media":[],"title":"DriverJack: Turning NTFS and Emulated Read-only Filesystems in an Infection and Persistence Vector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T19:45:00Z","end_timestamp":{"seconds":1723405500,"nanoseconds":0},"android_description":"This article reassesses complex cyberattack tactics, focusing specifically on existing security measures and emerging weaknesses. We begin our investigation by examining initial methods of deployment in contemporary attacks, including those that focus on simulated read-only filesystems and NTFS vulnerabilities. Since the improvements made to the Windows security architecture in 2011, which include the enforcement of Driver Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI), the nature of cyber threats has changed, requiring new ways to carry out attacks.\r\n\r\nOur research presents a new method that takes advantage of previously uncovered weaknesses in emulated filesystems, allowing attackers to covertly install and maintain harmful programs. In addition, we uncover new NTFS vulnerabilities that enable attackers to conceal their presence and sustain persistence within victim systems. The study also investigates alternate methods for delivering and executing malware in usermode. In addition, we discuss several Indicators of Compromise (IOCs) to identify and detect these tactics.\r\n\r\n1. [link](https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/)\r\n2. [link](https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/)\r\n3. [link](https://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core/)\r\n4. [link](https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20presentations/Jacob%20Baines%20-%20Bring%20Your%20Own%20Print%20Driver%20Vulnerability.pdf)\r\n5. [link](https://github.com/eset/vulnerability-disclosures)\r\n6. [link](https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/)","updated_timestamp":{"seconds":1722977019,"nanoseconds":0},"speakers":[{"content_ids":[54529],"conference_id":133,"event_ids":[54902],"name":"Alessandro Magnosi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Synack RT and Cobalt","title":"Independent Researcher"},{"organization":"BSI","title":"Managing Consultant and R&D Lead"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@klezVirus)","sort_order":0,"url":"https://twitter.com/klezVirus"},{"description":"","title":"klezvirus.github.io","sort_order":0,"url":"https://klezvirus.github.io"}],"media":[],"id":54193,"title":"Managing Consultant and R&D Lead at BSI"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-06T20:43:39Z","links":[],"end":"2024-08-11T19:45:00.000-0000","id":54902,"tag_ids":[46166,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54193}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-06T20:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-11T20:00:00.000-0000","id":54487,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A lot of quantum algorithms offer a theoretical advantage over their classical counterparts. However, it is important to understand whether this advantage will be present once we run these algorithms to solve real-world problems on future scalable quantum computers. This talk discusses the factors that have to be taken into account when considering the performance of quantum algorithms in realistic conditions.\n\n\n","media":[],"title":"Understanding performance of quantum algorithms","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"A lot of quantum algorithms offer a theoretical advantage over their classical counterparts. However, it is important to understand whether this advantage will be present once we run these algorithms to solve real-world problems on future scalable quantum computers. This talk discusses the factors that have to be taken into account when considering the performance of quantum algorithms in realistic conditions.","updated_timestamp":{"seconds":1723400219,"nanoseconds":0},"speakers":[{"content_ids":[55841,56226],"conference_id":133,"event_ids":[56884,56428],"name":"Mariia Mykhailova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56218}],"begin_tsz":"2024-08-11T18:45:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T18:16:59Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":56884,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723401900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56218}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T18:45:00.000-0000","updated":"2024-08-11T18:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you really sure that the code executed inside your pipelines is secure? Join us as we explore how command injection in a single CI/CD pipeline component can create a major vulnerability in Google's flagship project, Bazel. \r\n\r\nOur research reveals a command injection vulnerability within Bazel GitHub Action, showcasing the potential compromise of the entire open-source project. Through live demonstrations, we illustrate how threat actors can exploit seemingly secure pipelines and tamper widely used repositories with malicious code.\r\n\r\nBy attending, you'll gain actionable insights into securing your CI/CD pipelines and learn practical strategies to protect your projects from similar vulnerabilities.\n\n\n","media":[],"title":"Your CI/CD Pipeline Is Vulnerable, But It's Not Your Fault","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"Are you really sure that the code executed inside your pipelines is secure? Join us as we explore how command injection in a single CI/CD pipeline component can create a major vulnerability in Google's flagship project, Bazel. \r\n\r\nOur research reveals a command injection vulnerability within Bazel GitHub Action, showcasing the potential compromise of the entire open-source project. Through live demonstrations, we illustrate how threat actors can exploit seemingly secure pipelines and tamper widely used repositories with malicious code.\r\n\r\nBy attending, you'll gain actionable insights into securing your CI/CD pipelines and learn practical strategies to protect your projects from similar vulnerabilities.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Oreen Livni","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56075},{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Elad Pticha","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56111}],"begin_tsz":"2024-08-11T18:45:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":56255,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723401900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56111},{"tag_id":46167,"sort_order":1,"person_id":56075}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T18:45:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the rapidly evolving domain of cloud security, the ability to dynamically interact with cloud services is crucial for security teams. Understanding cloud APIs is key to effectively managing everything from administrative tasks to security operations. Security researchers often face the challenge of selecting from numerous API definitions. What if there was a system capable of autonomously selecting the right APIs and intelligently chaining them to achieve specific goals?\n\nIn this presentation, I will share insights from my research on LLM-based AI agents. These agents utilize LLMs as reasoning engines, enabling them to handle complex tasks in natural language and autonomously determine their next actions based on user input and previous interactions. I will explain how we can transform Microsoft Graph API definitions into schemas that align with LLM function-calling capabilities. This transformation allows an LLM to select the appropriate tools and supply the correct arguments for an AI agent to execute. By integrating generative AI with cybersecurity, we can automate tasks and discover new ways to chain APIs for various operations, significantly enhancing the capabilities of security researchers to innovate in security operations and automation.\n\n\n","media":[],"title":"The Rise of the Planet of the Agents: LLM-based AI Agents and Cloud Security APIs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:20:00Z","end_timestamp":{"seconds":1723404000,"nanoseconds":0},"android_description":"In the rapidly evolving domain of cloud security, the ability to dynamically interact with cloud services is crucial for security teams. Understanding cloud APIs is key to effectively managing everything from administrative tasks to security operations. Security researchers often face the challenge of selecting from numerous API definitions. What if there was a system capable of autonomously selecting the right APIs and intelligently chaining them to achieve specific goals?\n\nIn this presentation, I will share insights from my research on LLM-based AI agents. These agents utilize LLMs as reasoning engines, enabling them to handle complex tasks in natural language and autonomously determine their next actions based on user input and previous interactions. I will explain how we can transform Microsoft Graph API definitions into schemas that align with LLM function-calling capabilities. This transformation allows an LLM to select the appropriate tools and supply the correct arguments for an AI agent to execute. By integrating generative AI with cybersecurity, we can automate tasks and discover new ways to chain APIs for various operations, significantly enhancing the capabilities of security researchers to innovate in security operations and automation.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55500],"conference_id":133,"event_ids":[55929],"name":"Roberto Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Cyb3rWard0g","sort_order":0,"url":"https://Cyb3rWard0g"}],"media":[],"id":56014}],"begin_tsz":"2024-08-11T18:45:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T19:20:00.000-0000","id":55929,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723401900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56014}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T18:45:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":56882,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Fireside Chat on the importance of open-sourcing solutions and how AIxCC's approach can have a far-reaching, positive impact\nDavid A. Wheeler, Director of Open Source Supply Chain Security, Open Source Security Foundation (OpenSSF)\nJeff Diecks, Technical Project Manager - AIxCC, Open Source Security Foundation (Open SSF)\nChris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)\n\n\n","media":[],"title":"From research to release: Transferring AIxCC results to open source software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"Fireside Chat on the importance of open-sourcing solutions and how AIxCC's approach can have a far-reaching, positive impact\nDavid A. Wheeler, Director of Open Source Supply Chain Security, Open Source Security Foundation (OpenSSF)\nJeff Diecks, Technical Project Manager - AIxCC, Open Source Security Foundation (Open SSF)\nChris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56141],"conference_id":133,"event_ids":[56784],"name":"Jeff Diecks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jeff-diecks/"},{"description":"","title":"Open Source Atlanta","sort_order":0,"url":"https://opensourceatlanta.com"}],"media":[],"id":56528},{"content_ids":[56141],"conference_id":133,"event_ids":[56784],"name":"Chris Aniszczyk","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cloud Native Computing Foundation (CNCF)","title":""}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/caniszczyk/"},{"description":"","title":"Mastodon (@cra@macaw.social)","sort_order":0,"url":"@cra@macaw.social"},{"description":"","title":"Twitter (@cra)","sort_order":0,"url":"https://x.com/cra"},{"description":"","title":"Website","sort_order":0,"url":"https://aniszczyk.org"}],"media":[],"id":56529,"title":"Cloud Native Computing Foundation (CNCF)"},{"content_ids":[56141],"conference_id":133,"event_ids":[56784],"name":"Dr. David A. Wheeler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Open Source Security Foundation (OpenSSF)","title":"Director of Open Source Supply Chain Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/david-a-wheeler-27798688/"},{"description":"","title":"Mastodon (@davidawheeler@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@davidawheeler"},{"description":"","title":"Twitter (@drdavidawheeler)","sort_order":0,"url":"https://twitter.com/drdavidawheeler"},{"description":"","title":"Website","sort_order":0,"url":"https://dwheeler.com/dwheeler.html"}],"media":[],"id":56532,"title":"Director of Open Source Supply Chain Security at Open Source Security Foundation (OpenSSF)"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":56784,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56532},{"tag_id":46167,"sort_order":4,"person_id":56528},{"tag_id":46167,"sort_order":6,"person_id":56529}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.\n\n\n","media":[],"title":"HandPwning: “Your Hand is your Passport. Verify me. Now let me in!”","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.","updated_timestamp":{"seconds":1722564617,"nanoseconds":0},"speakers":[{"content_ids":[55343,55800],"conference_id":133,"event_ids":[55735,56349,56352],"name":"Luca \"CYBERANTANI\" Bongiorni","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"We Hack In Disguise (WHID)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55951,"title":"Founder at We Hack In Disguise (WHID)"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T02:10:17Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56352,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55951}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-08-02T02:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ready to graduate from basic packet? This presentation dives headfirst into the advanced world of packet radio networking. We'll explore routing protocols like NETROM and ROSE, conquer the intricacies of setting up your own packet radio node, and delve into the world of HF packet communication.\n\n\n","media":[],"title":"Advanced Packet Radio Operation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Ready to graduate from basic packet? This presentation dives headfirst into the advanced world of packet radio networking. We'll explore routing protocols like NETROM and ROSE, conquer the intricacies of setting up your own packet radio node, and delve into the world of HF packet communication.","updated_timestamp":{"seconds":1722185820,"nanoseconds":0},"speakers":[{"content_ids":[55441,55442],"conference_id":133,"event_ids":[55866,55867],"name":"Jeremy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55978}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T16:57:00Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55867,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55978}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-28T16:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. \n\n\n","media":[],"title":"Cold Calls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve.","updated_timestamp":{"seconds":1722103160,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T17:59:20Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/cold-calls/"}],"end":"2024-08-11T21:00:00.000-0000","id":55840,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"So your organization decided to follow the trend and switched to Kubernetes for hosting their applications. And this means that the mission for the SOC, has now changed from monitoring servers and networks, to building detective capability for a container orchestration platform. Where do you even start with for Kubernetes TTPs? What attack signatures should you alert upon, and what logs are there to look for in first place? \r\n\r\nA similar challenge arises for the offensive security practitioner: What strategies exist for performing continuous Kubernetes threat emulation? Infrastructure technologies have changed rapidly, and adversaries have adapted. Despite the novelty of attack surface, insider threats still remain relevant, and prevention alone is not enough to manage the risk posed to the modern enterprise. \r\n\r\nThis talk will explain the benefits of investing in a proactive approach to the security of your Kubernetes clusters through collaborative purple teams, and will provide a comprehensive guide for doing so – as informed by our latest research and experience in running attack simulations against large enterprises. Attendees will get up to speed with Kubernetes security monitoring concepts and will take away key advice for planning and executing successful attack detection exercises against containerized environments.\r\n\n\n\n","media":[],"title":"Kubernetes Attack Simulation: The Definitive Guide","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"So your organization decided to follow the trend and switched to Kubernetes for hosting their applications. And this means that the mission for the SOC, has now changed from monitoring servers and networks, to building detective capability for a container orchestration platform. Where do you even start with for Kubernetes TTPs? What attack signatures should you alert upon, and what logs are there to look for in first place? \r\n\r\nA similar challenge arises for the offensive security practitioner: What strategies exist for performing continuous Kubernetes threat emulation? Infrastructure technologies have changed rapidly, and adversaries have adapted. Despite the novelty of attack surface, insider threats still remain relevant, and prevention alone is not enough to manage the risk posed to the modern enterprise. \r\n\r\nThis talk will explain the benefits of investing in a proactive approach to the security of your Kubernetes clusters through collaborative purple teams, and will provide a comprehensive guide for doing so – as informed by our latest research and experience in running attack simulations against large enterprises. Attendees will get up to speed with Kubernetes security monitoring concepts and will take away key advice for planning and executing successful attack detection exercises against containerized environments.","updated_timestamp":{"seconds":1720397242,"nanoseconds":0},"speakers":[{"content_ids":[54649],"conference_id":133,"event_ids":[55022],"name":"Leo Tsaousis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"WithSecure","title":"Senior Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leonidastsaousis"},{"description":"","title":"Twitter (@LAripping)","sort_order":0,"url":"https://twitter.com/LAripping"}],"media":[],"id":54361,"title":"Senior Security Consultant at WithSecure"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T00:07:22Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55022,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54361}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-08T00:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cybersecurity red teams have myriad ways of practicing their skills - from CTFs to certifications - but how do you train for physical red teaming? This talk will focus on leveling up your body - add new abilities to climb, sneak, jump, and become an unstoppable ninja while performing physical penetration tests. We’ll talk about which abilities you need, and how we train ourselves (and our staff) for performing at our peak for physical engagements. This will be complemented by plenty of war stories and lessons learned in the field for what abilities are most worth leveling up in, and comparisons between red teaming before and after our weight loss. We’ll then discuss different exercises and habits that the audience can start doing as soon as in your hotel room to improve your lives and your ability to break into buildings! \n\n\n","media":[],"title":"Fitness of Physical Red Teamers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Cybersecurity red teams have myriad ways of practicing their skills - from CTFs to certifications - but how do you train for physical red teaming? This talk will focus on leveling up your body - add new abilities to climb, sneak, jump, and become an unstoppable ninja while performing physical penetration tests. We’ll talk about which abilities you need, and how we train ourselves (and our staff) for performing at our peak for physical engagements. This will be complemented by plenty of war stories and lessons learned in the field for what abilities are most worth leveling up in, and comparisons between red teaming before and after our weight loss. We’ll then discuss different exercises and habits that the audience can start doing as soon as in your hotel room to improve your lives and your ability to break into buildings!","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54648],"conference_id":133,"event_ids":[55021],"name":"Lucas Rooyakkers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Red Teamer"}],"links":[],"pronouns":null,"media":[],"id":54309,"title":"Red Teamer at GGR Security"},{"content_ids":[54568,54648],"conference_id":133,"event_ids":[54943,55021],"name":"Billy Graydon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Principal"}],"links":[],"pronouns":null,"media":[],"id":54354,"title":"Principal at GGR Security"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55021,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54354},{"tag_id":46167,"sort_order":1,"person_id":54309}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Wardriving is cool, and airplanes are cool. What happens if we combine the two? Is it safe? Is it legal? How much WiFi is it possible to see from an airplane? How far does WiFi leak into the atmosphere? How far away can we see an access point? Can we catch a specific network at 1500 feet above the ground? How about 2500? We loaded up a small plane and flew around in circles to find out. This talk will share both our preparation and our results, including figuring out the best places to warfly, what equipment to use, and how to do it safely. We will present the flights we made, the data we gathered, how we analyzed it, and what we discovered. (Spoiler alert: flying a Cessna is a really, really non-stealthy way to collect information about wireless access points.)\n\n\n","media":[],"title":"Warflying in a Cessna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Wardriving is cool, and airplanes are cool. What happens if we combine the two? Is it safe? Is it legal? How much WiFi is it possible to see from an airplane? How far does WiFi leak into the atmosphere? How far away can we see an access point? Can we catch a specific network at 1500 feet above the ground? How about 2500? We loaded up a small plane and flew around in circles to find out. This talk will share both our preparation and our results, including figuring out the best places to warfly, what equipment to use, and how to do it safely. We will present the flights we made, the data we gathered, how we analyzed it, and what we discovered. (Spoiler alert: flying a Cessna is a really, really non-stealthy way to collect information about wireless access points.)","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54647],"conference_id":133,"event_ids":[55020],"name":"Sean McKeever","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GRIMM","title":"Senior Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54295,"title":"Senior Security Researcher at GRIMM"},{"content_ids":[54647],"conference_id":133,"event_ids":[55020],"name":"Matt Thomassen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"a financial organization","title":"Security Architect"}],"links":[],"pronouns":null,"media":[],"id":54337,"title":"Security Architect at a financial organization"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55020,"tag_ids":[46169,46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54337},{"tag_id":46167,"sort_order":1,"person_id":54295}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Physical security is often overlooked in many organizational threat models. An increasing amount of physical security devices with smart components are being introduced to the market with widespread adoption. This creates an enticing attack surface for physical red teams.\r\n\r\nLockers and cabinets equipped with electronic smart locks can be found in many places such as offices, factories, hospitals, labs, and gyms. With remote and hybrid work increasing in popularity, shared use office setups becoming the default. Co-working spaces in offices are now commonplace with lockers being installed for employee device storage. People generally trust that their belongings will be secure in these lockers and entrust the locks with sensitive information, like their personal PIN.\r\n\r\nIs there a more stealthy way to get into lockers that don't involve using a crowbar?\r\n\r\nIn this talk we will analyze the vulnerabilities affecting locks manufactured by the \"global leader in keyless lock solutions,\" Digilock and Schulte-Schlagbaum AG (SAG). Both companies have been in the physical security industry for many decades. What went wrong in the development of these devices and how can these vulnerabilities be fixed? We will also discuss several other vendors operating in this space and compare findings.\r\n\r\nWe will demonstrate practical physical and side-channel attacks targeting locks that accept a standard PIN and RFID. Learn why it is poor practice to reuse the same secret PIN for lockers and safes and devices such as mobile phones and laptops (especially if they are stored inside the lockers).\n\n\n","media":[],"title":"Open sesame - or how vulnerable is your stuff in electronic lockers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"Physical security is often overlooked in many organizational threat models. An increasing amount of physical security devices with smart components are being introduced to the market with widespread adoption. This creates an enticing attack surface for physical red teams.\r\n\r\nLockers and cabinets equipped with electronic smart locks can be found in many places such as offices, factories, hospitals, labs, and gyms. With remote and hybrid work increasing in popularity, shared use office setups becoming the default. Co-working spaces in offices are now commonplace with lockers being installed for employee device storage. People generally trust that their belongings will be secure in these lockers and entrust the locks with sensitive information, like their personal PIN.\r\n\r\nIs there a more stealthy way to get into lockers that don't involve using a crowbar?\r\n\r\nIn this talk we will analyze the vulnerabilities affecting locks manufactured by the \"global leader in keyless lock solutions,\" Digilock and Schulte-Schlagbaum AG (SAG). Both companies have been in the physical security industry for many decades. What went wrong in the development of these devices and how can these vulnerabilities be fixed? We will also discuss several other vendors operating in this space and compare findings.\r\n\r\nWe will demonstrate practical physical and side-channel attacks targeting locks that accept a standard PIN and RFID. Learn why it is poor practice to reuse the same secret PIN for lockers and safes and devices such as mobile phones and laptops (especially if they are stored inside the lockers).","updated_timestamp":{"seconds":1722099311,"nanoseconds":0},"speakers":[{"content_ids":[54624,54441],"conference_id":133,"event_ids":[54814,54998],"name":"Braelynn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Leviathan Security Group","title":"Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":54131,"title":"Security Consultant at Leviathan Security Group"},{"content_ids":[54624,54441,54471],"conference_id":133,"event_ids":[54814,54844,54998],"name":"Dennis Giese","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@dgi_DE)","sort_order":0,"url":"https://twitter.com/dgi_DE"},{"description":"","title":"Website","sort_order":0,"url":"https://dontvacuum.me"}],"media":[],"id":54142}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T16:55:11Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":54814,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54142},{"tag_id":46167,"sort_order":4,"person_id":54131}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-27T16:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Azure Policy is a built-on service that helps creating security and compliance policies to enforce organizational standards in the cloud environment. It evaluates resources by comparing the properties of the resources and with the help of remediation tasks, it can fix or remediate any issues with those resources. Have you ever wondered if you could abuse or bend these policies? Can you do more than just listing the storage accounts with public access and not be in the logs? How about creating a backdoor?\n\nIn this talk I will answer these questions by talking about what Azure Policy is, how to write one, what the logs contain, what permission you need, what does resource enumeration could look like etc. At the end I will present a proof-of-concept solution to bend the Azure Policy and create a backdoor account in Azure.\n\n\n","media":[],"title":"Creating Azure Policy Compliant Backdoor","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Azure Policy is a built-on service that helps creating security and compliance policies to enforce organizational standards in the cloud environment. It evaluates resources by comparing the properties of the resources and with the help of remediation tasks, it can fix or remediate any issues with those resources. Have you ever wondered if you could abuse or bend these policies? Can you do more than just listing the storage accounts with public access and not be in the logs? How about creating a backdoor?\n\nIn this talk I will answer these questions by talking about what Azure Policy is, how to write one, what the logs contain, what permission you need, what does resource enumeration could look like etc. At the end I will present a proof-of-concept solution to bend the Azure Policy and create a backdoor account in Azure.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55499],"conference_id":133,"event_ids":[55928],"name":"Viktor Gazdag","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"wucpi","sort_order":0,"url":"https://wucpi"}],"media":[],"id":56013}],"begin_tsz":"2024-08-11T18:10:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":55928,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723399800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56013}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T18:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?\n\n\n","media":[],"title":"Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?","updated_timestamp":{"seconds":1723007375,"nanoseconds":0},"speakers":[{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Ori Ron","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56076},{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Tal Folkman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56087},{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T05:09:35Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56814,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56087},{"tag_id":46167,"sort_order":4,"person_id":56076},{"tag_id":46167,"sort_order":6,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-07T05:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As a security practitioner, you may find yourself tasked with securing cloud-native applications. The problem is that there are so many moving parts, that you just wish somebody would shine a light on the alerts that count, so you could focus. You also wish somebody could automate away the trial and error involved in getting the really complex things like network policies and seccomp profiles just right.\n\n\n","media":[],"title":"Arsenal: Kubescape - OSS security from left to right and everything in the middle","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"As a security practitioner, you may find yourself tasked with securing cloud-native applications. The problem is that there are so many moving parts, that you just wish somebody would shine a light on the alerts that count, so you could focus. You also wish somebody could automate away the trial and error involved in getting the really complex things like network policies and seccomp profiles just right.","updated_timestamp":{"seconds":1722886111,"nanoseconds":0},"speakers":[{"content_ids":[56126],"conference_id":133,"event_ids":[56769],"name":"ben@armosec.io","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ARMO","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56514,"title":"CTO & Co-Founder at ARMO"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T19:28:31Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56769,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56514}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-05T19:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En esta presentación se explorará cómo nuestra estrategia de instrumentación basada en la librería Microsoft Detours permite una inspección de los procesos de software comercial presente en diferentes sistemas, enfocándose en operaciones privilegiadas del sistema de archivos. Se detallará cómo el uso de la instrumentación facilita la búsqueda sistemática y exhaustiva de vulnerabilidades en dichos procesos, identificando y explotando fallos de seguridad críticos presentes en algunos de ellos. El proyecto demuestra la efectividad de Detours para realizar análisis de seguridad avanzados y muestra cómo las vulnerabilidades encontradas pueden ser explotadas para evaluar su impacto en escenarios reales. Esta exposición enfatiza la importancia y la efectividad de la búsqueda de vulnerabilidades para fortalecer la seguridad en sistemas de IT y OT.\n\n\n","media":[],"title":"Detección de Vulnerabilidades mediante Instrumentación y su Explotación","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"En esta presentación se explorará cómo nuestra estrategia de instrumentación basada en la librería Microsoft Detours permite una inspección de los procesos de software comercial presente en diferentes sistemas, enfocándose en operaciones privilegiadas del sistema de archivos. Se detallará cómo el uso de la instrumentación facilita la búsqueda sistemática y exhaustiva de vulnerabilidades en dichos procesos, identificando y explotando fallos de seguridad críticos presentes en algunos de ellos. El proyecto demuestra la efectividad de Detours para realizar análisis de seguridad avanzados y muestra cómo las vulnerabilidades encontradas pueden ser explotadas para evaluar su impacto en escenarios reales. Esta exposición enfatiza la importancia y la efectividad de la búsqueda de vulnerabilidades para fortalecer la seguridad en sistemas de IT y OT.","updated_timestamp":{"seconds":1722700538,"nanoseconds":0},"speakers":[{"content_ids":[55345,55977],"conference_id":133,"event_ids":[55737,56593],"name":"Asher Davila","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":"IoT/OT Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/asherdavila/"},{"description":"","title":"Twitter (@asher_davila)","sort_order":0,"url":"https://twitter.com/asher_davila"},{"description":"","title":"Website","sort_order":0,"url":"https://cronop-io.github.io/"}],"media":[],"id":55948,"title":"IoT/OT Security Researcher at Palo Alto Networks"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T15:55:38Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56593,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55948}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For the past few months, I’ve been seeing how far I can push several commercially available GenAI systems past their ethical boundaries. … hint: it’s way too far.\r\n\r\nIn this talk, I’ll demonstrate how I was able to turn LLMs into a powerful backend for realtime, interactive voice enabled cyber scams. I’ll share my prompting strategy, social engineering tactics, the backend systems used, and show how each of these are working innocently in their own right, but enable massive possibilities for deception and harm when combined (in their current form). I’ll also cover a few key insights gained from this research, including unexpected lessons from both successful and unsuccessful attempts.\r\n\r\n**Note: this session includes demos of a violent and profane chatbot. Please do not attend if that will be offensive to you.**\n\n\n","media":[],"title":"My Conversations with a GenAI-Powered Virtual Kidnapper","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"For the past few months, I’ve been seeing how far I can push several commercially available GenAI systems past their ethical boundaries. … hint: it’s way too far.\r\n\r\nIn this talk, I’ll demonstrate how I was able to turn LLMs into a powerful backend for realtime, interactive voice enabled cyber scams. I’ll share my prompting strategy, social engineering tactics, the backend systems used, and show how each of these are working innocently in their own right, but enable massive possibilities for deception and harm when combined (in their current form). I’ll also cover a few key insights gained from this research, including unexpected lessons from both successful and unsuccessful attempts.\r\n\r\n**Note: this session includes demos of a violent and profane chatbot. Please do not attend if that will be offensive to you.**","updated_timestamp":{"seconds":1722626386,"nanoseconds":0},"speakers":[{"content_ids":[55887],"conference_id":133,"event_ids":[56472],"name":"Perry Carpenter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KnowBe4, Inc.","title":""}],"links":[],"pronouns":null,"media":[],"id":56259,"title":"KnowBe4, Inc."}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:19:46Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":56472,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56259}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-02T19:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Due to its wide usage, the FIDO2 protocol – also known as Passkeys – is a key example (pun intended) of a protocol that urgently needs to be migrated to post-quantum cryptographic algorithms (PQ or PQC) to be secure against the looming quantum threat. In this presentation we explain our work over the last two years towards maintaining secure passwordless authentication in the quantum era. \r\n\r\nWe discuss: is FIDO2 ‘quantum-ready’? Which of the used cryptographic algorithms need to be replaced and with what? What is the (quantum) threat model? And do we ‘just’ need quantum-secure instead of classical algorithms or should we instead use a combination of classical and PQ (a.k.a. hybrid) algorithms? Can the PQ migration be backwards compatible? If yes, would this introduce the possibility of down-grading attacks? And last but not least, is PQ FIDO2 feasible on current hardware? \r\n\r\nAfter discussing these, we present the first end-to-end post-quantum secure implementation of the FIDO2 protocol which we have recently open-sourced and benchmarked. The aim of our E2E OSS is to provide a complete implementation that allows PQ registration and authentication in all protocol operations, to enable developers to experiment and test the viability of PQ cryptography in current hardware devices providing FIDO2 authentication.\n\n\n","media":[],"title":"FIDO2 in the Quantum Realm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Due to its wide usage, the FIDO2 protocol – also known as Passkeys – is a key example (pun intended) of a protocol that urgently needs to be migrated to post-quantum cryptographic algorithms (PQ or PQC) to be secure against the looming quantum threat. In this presentation we explain our work over the last two years towards maintaining secure passwordless authentication in the quantum era. \r\n\r\nWe discuss: is FIDO2 ‘quantum-ready’? Which of the used cryptographic algorithms need to be replaced and with what? What is the (quantum) threat model? And do we ‘just’ need quantum-secure instead of classical algorithms or should we instead use a combination of classical and PQ (a.k.a. hybrid) algorithms? Can the PQ migration be backwards compatible? If yes, would this introduce the possibility of down-grading attacks? And last but not least, is PQ FIDO2 feasible on current hardware? \r\n\r\nAfter discussing these, we present the first end-to-end post-quantum secure implementation of the FIDO2 protocol which we have recently open-sourced and benchmarked. The aim of our E2E OSS is to provide a complete implementation that allows PQ registration and authentication in all protocol operations, to enable developers to experiment and test the viability of PQ cryptography in current hardware devices providing FIDO2 authentication.","updated_timestamp":{"seconds":1722626652,"nanoseconds":0},"speakers":[{"content_ids":[55858],"conference_id":133,"event_ids":[56445],"name":"Nina Bindel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56227},{"content_ids":[55858],"conference_id":133,"event_ids":[56445],"name":"James Howe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56228}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:24:12Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":56445,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56227},{"tag_id":46167,"sort_order":4,"person_id":56228}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-02T19:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop we will build an inexpensive ADS-B (Automatic Dependent Surveillance–Broadcast) receiver with a Raspberry Pi and RTL-SDR. The receiver will track and display aircraft (commercial, private, and military) providing real-time altitude, direction, speed, GPS location and aircraft information. We'll discuss ADS-B technology and its importance to air traffic control. We'll also discuss building cheap external antennas to improve reception.\n\nWe will have 10 FREE ADS-B receiver kits that will be given away, at our discretion, to middle through high school students (11-18 years old). An additional 10 ADS-B kits will be available to any attendee for a modest donation to the Aerospace Village. Please see the Aerospace Village control tower to reserve your spot.\n\n\n","media":[],"title":"Watch The Skies: Build Your Own ADS-B receiver","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this workshop we will build an inexpensive ADS-B (Automatic Dependent Surveillance–Broadcast) receiver with a Raspberry Pi and RTL-SDR. The receiver will track and display aircraft (commercial, private, and military) providing real-time altitude, direction, speed, GPS location and aircraft information. We'll discuss ADS-B technology and its importance to air traffic control. We'll also discuss building cheap external antennas to improve reception.\n\nWe will have 10 FREE ADS-B receiver kits that will be given away, at our discretion, to middle through high school students (11-18 years old). An additional 10 ADS-B kits will be available to any attendee for a modest donation to the Aerospace Village. Please see the Aerospace Village control tower to reserve your spot.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55839],"conference_id":133,"event_ids":[56389],"name":"Jim \"Gurney\" Ross","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jamesross/"}],"media":[],"id":56199}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56389,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56199}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n\n\n","media":[],"title":"Activity: Threat modelling fun session with OWASP Cornucopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55723],"conference_id":133,"event_ids":[56254],"name":"Konstantinos Papapanagiotou","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56129}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56254,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56129}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n\n\n","media":[],"title":"Activity: Threat modelling fun session with OWASP Cornucopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55699,55712,55722],"conference_id":133,"event_ids":[56228,56230,56252],"name":"Andra","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56103}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56228,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56103}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, we delve deep into the increasingly interconnected world of electronic vehicles (EVs), photovoltaic (PV) solar systems, and the broader power grid infrastructure—a nexus that is becoming a fertile ground for potential large-scale cyber disruptions. As we navigate through this complex interplay of technology and infrastructure, we will uncover the critical vulnerabilities lurking within the API connections that bind these systems together. Our exploration will not only highlight these weaknesses but will also demonstrate, through real-world scenarios and potential attack vectors, how they can be exploited to launch sophisticated cyber-attacks, emphasizing the urgent need for robust security frameworks and proactive cybersecurity measures to safeguard our collective future.\r\nThe advent of PV inverters and EV charging systems has been marred by the industry's \"rush to market\" mentality, leading to overlooked security considerations.\n\n\n","media":[],"title":"Gridlock: The Dual-Edged Sword of EV and Solar APIs in Grid Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"In this talk, we delve deep into the increasingly interconnected world of electronic vehicles (EVs), photovoltaic (PV) solar systems, and the broader power grid infrastructure—a nexus that is becoming a fertile ground for potential large-scale cyber disruptions. As we navigate through this complex interplay of technology and infrastructure, we will uncover the critical vulnerabilities lurking within the API connections that bind these systems together. Our exploration will not only highlight these weaknesses but will also demonstrate, through real-world scenarios and potential attack vectors, how they can be exploited to launch sophisticated cyber-attacks, emphasizing the urgent need for robust security frameworks and proactive cybersecurity measures to safeguard our collective future.\r\nThe advent of PV inverters and EV charging systems has been marred by the industry's \"rush to market\" mentality, leading to overlooked security considerations.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[54495,55721],"conference_id":133,"event_ids":[56227,54868],"name":"Vangelis Stykas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Atropos","title":"Chief Technology Officer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vangelis-stykas/"},{"description":"","title":"Twitter (@evstykas)","sort_order":0,"url":"https://twitter.com/evstykas"},{"description":"","title":"stykas.com","sort_order":0,"url":"https://stykas.com"}],"media":[],"id":54172,"title":"Chief Technology Officer at Atropos"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":56227,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54172}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you ever pine for the days of 1200bps communications? Learn how to leverage the power of amateur radio to send digital data, pictures, and even cat memes using packet radio. This presentation will crack open the basics of packet, explore the tools you need (no soldering iron required!), and show you how to join the network buzzing beneath the surface of the RF spectrum.\n\n\n","media":[],"title":"Basic Packet Radio Operation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"Do you ever pine for the days of 1200bps communications? Learn how to leverage the power of amateur radio to send digital data, pictures, and even cat memes using packet radio. This presentation will crack open the basics of packet, explore the tools you need (no soldering iron required!), and show you how to join the network buzzing beneath the surface of the RF spectrum.","updated_timestamp":{"seconds":1722185806,"nanoseconds":0},"speakers":[{"content_ids":[55441,55442],"conference_id":133,"event_ids":[55866,55867],"name":"Jeremy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55978}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T16:56:46Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55866,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55978}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-28T16:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Industrial attacks garner a ton of attention especially from VC funded startups and government agencies who share a common goal - fundraising - I mean protecting our critical infrastructure. Threat actors around the world capitalize on geopolitical unrest and \"hack\" our industrial environments, posting screencaps while making wild claims. Both sides have seen an uptick in activity and I've been tracking unreal from reality. Heard of CyBeR AvEnGeRs or the CyBeR ArMy Of RusSiA ReBoRn and their terrifying water utilities hacks? (or not?) I'll deep dive into how these skiddies operate, their communication channels, claims, methods for validating claims, and general debauchery. I have receipts, will spill tea, and in this session will demonstrate for the village the methods/results of my work so everyone can see for themselves (so they can point and laugh and cry and laugh)\n\n\n","media":[],"title":"Tracking Industrial Advanced Threat Actors Who Aren't Really Advanced Just Skiddies Who Deface PLCs and Have Bad Manners: Methods and Results","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"Industrial attacks garner a ton of attention especially from VC funded startups and government agencies who share a common goal - fundraising - I mean protecting our critical infrastructure. Threat actors around the world capitalize on geopolitical unrest and \"hack\" our industrial environments, posting screencaps while making wild claims. Both sides have seen an uptick in activity and I've been tracking unreal from reality. Heard of CyBeR AvEnGeRs or the CyBeR ArMy Of RusSiA ReBoRn and their terrifying water utilities hacks? (or not?) I'll deep dive into how these skiddies operate, their communication channels, claims, methods for validating claims, and general debauchery. I have receipts, will spill tea, and in this session will demonstrate for the village the methods/results of my work so everyone can see for themselves (so they can point and laugh and cry and laugh)","updated_timestamp":{"seconds":1721781888,"nanoseconds":0},"speakers":[{"content_ids":[55358],"conference_id":133,"event_ids":[55750],"name":"Ron Fabela","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Infinity Squared Group (ISG)","title":"CEO"}],"links":[],"pronouns":null,"media":[],"id":55966,"title":"CEO at Infinity Squared Group (ISG)"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-24T00:44:48Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55750,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55966}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-24T00:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop has been developed to teach participants to be one step ahead of malicious actors with the techniques they use, making use of CVE's, investigating old and new exploits, to find payloads, vulnerable directory paths, remote inclusion of files and others so you can convert them into alerts or rules in Sentinel One. We are going to first analyze some of the most used CVEs or exploits of the moment to obtain the attack vectors and later convert them into rules\n\n\n","media":[],"title":"Threat hunting like a pentester","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"This workshop has been developed to teach participants to be one step ahead of malicious actors with the techniques they use, making use of CVE's, investigating old and new exploits, to find payloads, vulnerable directory paths, remote inclusion of files and others so you can convert them into alerts or rules in Sentinel One. We are going to first analyze some of the most used CVEs or exploits of the moment to obtain the attack vectors and later convert them into rules","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55321],"conference_id":133,"event_ids":[55711],"name":"Ronald Gonzalez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55871}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55711,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55871}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Even tools \"designed to improve your security\" can be ridiculously vulnerable. Paradoxically, they can actually open the door to novel types of attacks. There's a significant threat right before us, one that everyone assumed was the cornerstone of our security but overlooked: YES, your SIEM!. In this talk, I will explain how attackers become more dangerous as they grow more creative, turning our own defenses against us. I can guarantee that by the end of the talk, some of us will be saying \"I wish we had never used any SIEM tools in the first place.\".\n\nIn this talk, the structure of SIEM tools and hidden vulnerable points of them will be discussed, using Splunk as a primary example. This talk will include demonstrations of various attack types using the open-source offensive security tool specifically developed for this research. Prepare to be both educated and amazed as we inject fake logs, distract blue teams, and hide our activities right under their noses.\n\nThis talk will equip red teamers with a novel post-exploitation strategy to enhance their engagements, challenging blue teams with the realization that the logs they monitor minutely may not always be trustworthy.\n\n\n","media":[],"title":"The SIEMless Hack: Rewriting Reality with Log Injection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"Even tools \"designed to improve your security\" can be ridiculously vulnerable. Paradoxically, they can actually open the door to novel types of attacks. There's a significant threat right before us, one that everyone assumed was the cornerstone of our security but overlooked: YES, your SIEM!. In this talk, I will explain how attackers become more dangerous as they grow more creative, turning our own defenses against us. I can guarantee that by the end of the talk, some of us will be saying \"I wish we had never used any SIEM tools in the first place.\".\n\nIn this talk, the structure of SIEM tools and hidden vulnerable points of them will be discussed, using Splunk as a primary example. This talk will include demonstrations of various attack types using the open-source offensive security tool specifically developed for this research. Prepare to be both educated and amazed as we inject fake logs, distract blue teams, and hide our activities right under their noses.\n\nThis talk will equip red teamers with a novel post-exploitation strategy to enhance their engagements, challenging blue teams with the realization that the logs they monitor minutely may not always be trustworthy.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55320],"conference_id":133,"event_ids":[55710],"name":"Özgün Kültekin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@oz9un)","sort_order":0,"url":"https://twitter.com/oz9un"}],"media":[],"id":55875}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55710,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55875}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What if you could set up a full Active Directory network, with ADCS, SCCM, and Elastic EDR with one command, on hardware you control, with parameters you define? Come with us as we explore the power of automated labs NOT based on pre-configured static templates, instead built on-demand. This talk will explore the past, present, and future of automated cybersecurity test environments that enable you to get hands-on cybersecurity experience without spending a decade becoming a sysadmin first. It will also discuss how we used our lab to find a common misconfiguration in SCCM that was exposing Domain Admin credentials on the public internet! You’ll walk away with a new SCCM tool and an open source tool to create your own labs, as well as the framework and ideas to build your own sharable modules.\n\n\n","media":[],"title":"Supercharge your vuln finding workflow with automated labs: How Ludus made it rain creds from SCCM","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"What if you could set up a full Active Directory network, with ADCS, SCCM, and Elastic EDR with one command, on hardware you control, with parameters you define? Come with us as we explore the power of automated labs NOT based on pre-configured static templates, instead built on-demand. This talk will explore the past, present, and future of automated cybersecurity test environments that enable you to get hands-on cybersecurity experience without spending a decade becoming a sysadmin first. It will also discuss how we used our lab to find a common misconfiguration in SCCM that was exposing Domain Admin credentials on the public internet! You’ll walk away with a new SCCM tool and an open source tool to create your own labs, as well as the framework and ideas to build your own sharable modules.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55319],"conference_id":133,"event_ids":[55709],"name":"Erik Hunstad","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@badsectorlabs)","sort_order":0,"url":"https://twitter.com/badsectorlabs"}],"media":[],"id":55876},{"content_ids":[55319],"conference_id":133,"event_ids":[55709],"name":"Alberto Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@__ar0d__)","sort_order":0,"url":"https://twitter.com/__ar0d__"}],"media":[],"id":55877}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55709,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55876},{"tag_id":46167,"sort_order":4,"person_id":55877}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios. This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.\n\n\n","media":[],"title":"Red Team Infrastructure Setup and Automation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios. This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55318],"conference_id":133,"event_ids":[55708],"name":"Arun Nair","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@dazzyddos)","sort_order":0,"url":"https://twitter.com/dazzyddos"}],"media":[],"id":55872},{"content_ids":[55318],"conference_id":133,"event_ids":[55708],"name":"Aravind Prakash","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55873},{"content_ids":[55318],"conference_id":133,"event_ids":[55708],"name":"Shebin Mathew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55874}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55708,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55873},{"tag_id":46167,"sort_order":4,"person_id":55872},{"tag_id":46167,"sort_order":6,"person_id":55874}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's dynamic web application ecosystem, there exists numerous data manipulation processes to sanitize, translate and manipulate data for use by applications, for storage in back-end systems or sent to clients in web browsers. These same processes, however, can also be leveraged by bug hunters to obfuscate attack payloads from intermediary security systems such as web application firewalls (WAFs). In this workshop we will discuss several abuse scenarios including Edge-Side Includes (ESI), XSS Sanitizers and Unicode Normalizations. \r\n \r\nPre-Requisites:\r\nHands-on labs will be hosted on YesWeHack’s free DOJO platform (https://dojo-yeswehack.com/). Participants are encouraged to sign up for an account in advance and will use their own laptops for labs.\n\n\n","media":[],"title":"Lost in Translation - WAF Bypasses By Abusing Data Manipulation Processes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"In today's dynamic web application ecosystem, there exists numerous data manipulation processes to sanitize, translate and manipulate data for use by applications, for storage in back-end systems or sent to clients in web browsers. These same processes, however, can also be leveraged by bug hunters to obfuscate attack payloads from intermediary security systems such as web application firewalls (WAFs). In this workshop we will discuss several abuse scenarios including Edge-Side Includes (ESI), XSS Sanitizers and Unicode Normalizations. \r\n \r\nPre-Requisites:\r\nHands-on labs will be hosted on YesWeHack’s free DOJO platform (https://dojo-yeswehack.com/). Participants are encouraged to sign up for an account in advance and will use their own laptops for labs.","updated_timestamp":{"seconds":1721438527,"nanoseconds":0},"speakers":[{"content_ids":[55184],"conference_id":133,"event_ids":[55572],"name":"Isabella Barnett","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"@4ng3lhacker","sort_order":0,"url":"https://twitter.com/4ng3lhacker"}],"media":[],"id":54820},{"content_ids":[55184],"conference_id":133,"event_ids":[55572],"name":"Ryan Barnett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Akamai","title":""}],"pronouns":null,"links":[{"description":"","title":"@ryancbarnett","sort_order":0,"url":"https://twitter.com/ryancbarnett"}],"media":[],"id":54836,"title":"Akamai"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T01:22:07Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#lost-in-translation"}],"end":"2024-08-11T19:30:00.000-0000","id":55572,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54836},{"tag_id":46167,"sort_order":4,"person_id":54820}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-20T01:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Open source intelligence may sound like something you’ve never done, but even something as simple as finding your old friends on social media overlaps with skills required for the job. Learn about what OSINT is, how to start an investigation, and resources used by experts to collect the maximum amount of data on a facility before ever visiting the site.\n\n\n","media":[],"title":"Physical OSINT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"Open source intelligence may sound like something you’ve never done, but even something as simple as finding your old friends on social media overlaps with skills required for the job. Learn about what OSINT is, how to start an investigation, and resources used by experts to collect the maximum amount of data on a facility before ever visiting the site.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54646],"conference_id":133,"event_ids":[55019],"name":"Lukas McCullough","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54359}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55019,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54359}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This combination presentation and panel discussion will surface the policy and technical challenges associated with securing civil aviation, bringing together perspectives from government, industry, and aviation cybersecurity companies.\r\n\r\nGiven the continued growth in civil aviation and impending regulation in the United States of America and Europe, this talk will describe the key technical challenges and the resulting policy challenges that should be addressed to keep civil aviation secure.\r\n\r\n\n\n\n","media":[],"title":"Flying Blind: Navigating the Turbulent Skies of Aviation Cybersecurity Regulation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"This combination presentation and panel discussion will surface the policy and technical challenges associated with securing civil aviation, bringing together perspectives from government, industry, and aviation cybersecurity companies.\r\n\r\nGiven the continued growth in civil aviation and impending regulation in the United States of America and Europe, this talk will describe the key technical challenges and the resulting policy challenges that should be addressed to keep civil aviation secure.","updated_timestamp":{"seconds":1720400397,"nanoseconds":0},"speakers":[{"content_ids":[54645],"conference_id":133,"event_ids":[55018],"name":"Mike Weigand","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Squadra Ventures","title":"Entrepreneur in Residence"}],"links":[],"pronouns":null,"media":[],"id":54225,"title":"Entrepreneur in Residence at Squadra Ventures"},{"content_ids":[54645],"conference_id":133,"event_ids":[55018],"name":"Stuart Wagner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Department of the Air Force","title":"Former Chief Digital Transformation Officer"}],"links":[],"pronouns":null,"media":[],"id":56051,"title":"Former Chief Digital Transformation Officer at Department of the Air Force"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T00:59:57Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":55018,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54225},{"tag_id":46167,"sort_order":4,"person_id":56051}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T00:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We live in an era where voice verification is increasingly adopted in security protocols. The potential for abuse through voice cloning technology presents a significant and growing threat to cybersecurity. This talk dives into the alarming capabilities of deep learning to create highly convincing voice clones. Using my own voice as a case study, I will demonstrate a recorded simulation where the cloned voice successfully bypasses several major institutions’ voice verification systems. This presentation will outline the tools and techniques leveraged for voice cloning, discuss the pressing risks involved, and explore strategic countermeasures for red teams. The aim is to equip offensive security researchers with a nuanced understanding of voice cloning technology, emphasizing its implications for threat emulation and defensive strategy formulation. Attendees will gain insight into adversary tactics using publicly available voice samples for simulating voice-based attacks, providing a clear perspective on preparing defenses against such AI-driven threats. \n\n\n","media":[],"title":"Exploiting Voice Cloning in Adversarial Simulation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"We live in an era where voice verification is increasingly adopted in security protocols. The potential for abuse through voice cloning technology presents a significant and growing threat to cybersecurity. This talk dives into the alarming capabilities of deep learning to create highly convincing voice clones. Using my own voice as a case study, I will demonstrate a recorded simulation where the cloned voice successfully bypasses several major institutions’ voice verification systems. This presentation will outline the tools and techniques leveraged for voice cloning, discuss the pressing risks involved, and explore strategic countermeasures for red teams. The aim is to equip offensive security researchers with a nuanced understanding of voice cloning technology, emphasizing its implications for threat emulation and defensive strategy formulation. Attendees will gain insight into adversary tactics using publicly available voice samples for simulating voice-based attacks, providing a clear perspective on preparing defenses against such AI-driven threats.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54644],"conference_id":133,"event_ids":[55017],"name":"Mark Foudy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NeurodiverseHackers.com","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/markfoudy/"},{"description":"","title":"NeurodiverseHackers.com","sort_order":0,"url":"https://NeurodiverseHackers.com"},{"description":"","title":"Twitter (@0xM4rk7homas)","sort_order":0,"url":"https://twitter.com/0xM4rk7homas"}],"media":[],"id":54338,"title":"Founder at NeurodiverseHackers.com"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55017,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54338}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is not a talk in which I will demonstrate exploit chains obtained from the underworld after signing with blood. It’s about sharing meaningful stories from said underworld. The automotive underworld of huge corporations, short deadlines and lukewarm engineers. The one where companies fight for packing more and more functionality inside your computer on wheels, without paying attention to one of the things that our life actually depends on right now, cybersecurity.\r\n \r\nWhile others talk about extremely significant remote vulnerabilities, I will focus on a high-level view of architecture and design of vehicles and where security fits in these processes. I will go through a journey of exploitation, from discovering 0days, to persuading engineers for the significance of a finding, by putting him in the driving seat and engaging the breaks mid-journey.\r\n \r\nI will conclude, trying to understand why this is happening, why this behavior towards security still exists in the automotive industry, and how a small manufacturer managed to create one of the most secure embedded systems I faced in my career. All this, with a series of demos in real targets, and a real ECU on stage.\r\n \r\nOur ultimate goal is to help people understand the state of the industry, spark the interest which can come out of hacking a computer on wheels, and try to raise awareness with a bit of hack, a bit of crash and two smoking barrels.\r\n\r\n1. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., ... & Savage, S. (2010, May). Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (pp. 447-462). IEEE.\r\n2. Miller, C., & Valasek, C. (2015). Remote exploitation of an unaltered passenger vehicle. Black Hat USA, 2015(S 91), 1-91.\r\n3. Cai, Z., Wang, A., Zhang, W., Gruffke, M., & Schweppe, H. (2019). 0-days & mitigations: roadways to exploit and secure connected BMW cars. Black Hat USA, 2019(39), 6.\r\n4. Tencent. Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars.\r\n5. [link](https://rollingpwn.github.io/rolling-pwn/)\r\n6. UNECE, G. W. (2021). UN Regulation No. 155—Cyber Security and Cyber Security Management System. Technical Report. United Nations.\r\n7. ISO. (2013). ISO 14229: Road vehicles — Unified Diagnostic Services (UDS).\r\n\n\n\n","media":[],"title":"The hack, the crash and two smoking barrels. (And all the times I (almost) killed an engineer.)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"This is not a talk in which I will demonstrate exploit chains obtained from the underworld after signing with blood. It’s about sharing meaningful stories from said underworld. The automotive underworld of huge corporations, short deadlines and lukewarm engineers. The one where companies fight for packing more and more functionality inside your computer on wheels, without paying attention to one of the things that our life actually depends on right now, cybersecurity.\r\n \r\nWhile others talk about extremely significant remote vulnerabilities, I will focus on a high-level view of architecture and design of vehicles and where security fits in these processes. I will go through a journey of exploitation, from discovering 0days, to persuading engineers for the significance of a finding, by putting him in the driving seat and engaging the breaks mid-journey.\r\n \r\nI will conclude, trying to understand why this is happening, why this behavior towards security still exists in the automotive industry, and how a small manufacturer managed to create one of the most secure embedded systems I faced in my career. All this, with a series of demos in real targets, and a real ECU on stage.\r\n \r\nOur ultimate goal is to help people understand the state of the industry, spark the interest which can come out of hacking a computer on wheels, and try to raise awareness with a bit of hack, a bit of crash and two smoking barrels.\r\n\r\n1. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., ... & Savage, S. (2010, May). Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (pp. 447-462). IEEE.\r\n2. Miller, C., & Valasek, C. (2015). Remote exploitation of an unaltered passenger vehicle. Black Hat USA, 2015(S 91), 1-91.\r\n3. Cai, Z., Wang, A., Zhang, W., Gruffke, M., & Schweppe, H. (2019). 0-days & mitigations: roadways to exploit and secure connected BMW cars. Black Hat USA, 2019(39), 6.\r\n4. Tencent. Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars.\r\n5. [link](https://rollingpwn.github.io/rolling-pwn/)\r\n6. UNECE, G. W. (2021). UN Regulation No. 155—Cyber Security and Cyber Security Management System. Technical Report. United Nations.\r\n7. ISO. (2013). ISO 14229: Road vehicles — Unified Diagnostic Services (UDS).","updated_timestamp":{"seconds":1720463821,"nanoseconds":0},"speakers":[{"content_ids":[54564,54526],"conference_id":133,"event_ids":[54899,54939],"name":"Thomas \"Cr0wTom\" Sermpinis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auxilium Pentest Labs","title":"Technical Director"}],"pronouns":"he/him","links":[{"description":"","title":"cr0wsplace.com","sort_order":0,"url":"https://cr0wsplace.com"}],"media":[],"id":54059,"title":"Technical Director at Auxilium Pentest Labs"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:37:01Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54899,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54059}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T18:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, we will unveil a new attack surface: Device Virtualization in VMKernel. This isan unknown territory that has not been explored by security researchers to date. During the reverse engineering of the VMware Hypervisor, we discovered 8 vulnerabilities related to device virtualization, 3 of them have been assigned CVE number (some vulnerabilities have even been successfully exploited in Tianfu Cup), and the remaining 5 of our vulnerabilities have been officially confirmed by VMware.\r\n\r\nFirstly we will delve into the loading process of vmm, the implementation of data sharing between vmm and vmx, and VMware's UserRPC, which facilitates communication between the Hypervisor and the Host. These mechanisms are crucial in virtual device emulation.\r\n\r\nThen We will explain security issues in various parts of the USB system, including the host controller, VUsb middleware, and VUsb backend devices, based on the vulnerabilities we have unearthed.\r\n\r\nIn the end, We will primarily discuss the similarities and differences in SCSI-related device emulation in the virtual disk system between VMware Workstation and ESXi Additionally, we will cover design flaws related to disk device emulation that we discovered in VMKernel.\r\n\r\n1. [link](https://www.cardlogix.com/glossary/apdu-application-protocol-data-unit-smart-card/)\r\n2. [link](https://www.zerodayinitiative.com/blog/2023/6/21/cve-2022-31696-an-analysis-of-a-vmware-esxi-tcp-socket-keepalive-type-confusion-lpe)\r\n3. [link](https://keenlab.tencent.com/en/2018/04/23/A-bunch-of-Red-Pills-VMware-Escapes/)\r\n4. [link](https://www.zerodayinitiative.com/blog/2018/1/19/automating-vmware-rpc-request-sniffing?rq=vmware)\r\n5. [link](https://williamlam.com/2010/06/esxcli-part1-what-is-esxcli.html)\r\n6. [link](https://www.usenix.org/system/files/woot19-paper_zhao.pdf)\r\n7. [link](https://www.zerodayinitiative.com/blog/2017/6/26/use-after-silence-exploiting-a-quietly-patched-uaf-in-vmware?rq=vmware)\r\n8. [link](https://github.com/vmware/open-vm-tools)\r\n9. [link](https://www.zerodayinitiative.com/blog/2019/5/7/taking-control-of-vmware-through-the-universal-host-controller-interface-part-1?rq=vmware)\r\n10. [link](https://papers.put.as/papers/macosx/2016/50_Shades_Of_Fuzzing.pdf)\r\n11. [link](https://nafod.net/blog/2020/02/29/zdi-19-421-uhci.html)\r\n12. [link](https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/ESXi_architecture.pdf)\r\n13. [link](https://www.zerodayinitiative.com/blog/2017/12/21/vmwares-launch-escape-system)\r\n14. [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/)\r\n15. [link](https://www.blackhat.com/docs/eu-17/materials/eu-17-Mandal-The-Great-Escapes-Of-Vmware-A-Retrospective-Case-Study-Of-Vmware-G2H-Escape-Vulnerabilities.pdf)\r\n17. [link](https://www.zerodayinitiative.com/blog/2018/3/1/vmware-exploitation-through-uninitialized-buffers?rq=vmware)\r\n18. [link](https://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf) conferences, including Usenix 2021, ACM CCS 2022, EuroS&P 2022, HITBSecConf2022, BlackHat Asia 2024.\r\n\n\n\n","media":[],"title":"Dragon SlayingGuide: Bug Hunting In VMware Device Virtualization","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"In this presentation, we will unveil a new attack surface: Device Virtualization in VMKernel. This isan unknown territory that has not been explored by security researchers to date. During the reverse engineering of the VMware Hypervisor, we discovered 8 vulnerabilities related to device virtualization, 3 of them have been assigned CVE number (some vulnerabilities have even been successfully exploited in Tianfu Cup), and the remaining 5 of our vulnerabilities have been officially confirmed by VMware.\r\n\r\nFirstly we will delve into the loading process of vmm, the implementation of data sharing between vmm and vmx, and VMware's UserRPC, which facilitates communication between the Hypervisor and the Host. These mechanisms are crucial in virtual device emulation.\r\n\r\nThen We will explain security issues in various parts of the USB system, including the host controller, VUsb middleware, and VUsb backend devices, based on the vulnerabilities we have unearthed.\r\n\r\nIn the end, We will primarily discuss the similarities and differences in SCSI-related device emulation in the virtual disk system between VMware Workstation and ESXi Additionally, we will cover design flaws related to disk device emulation that we discovered in VMKernel.\r\n\r\n1. [link](https://www.cardlogix.com/glossary/apdu-application-protocol-data-unit-smart-card/)\r\n2. [link](https://www.zerodayinitiative.com/blog/2023/6/21/cve-2022-31696-an-analysis-of-a-vmware-esxi-tcp-socket-keepalive-type-confusion-lpe)\r\n3. [link](https://keenlab.tencent.com/en/2018/04/23/A-bunch-of-Red-Pills-VMware-Escapes/)\r\n4. [link](https://www.zerodayinitiative.com/blog/2018/1/19/automating-vmware-rpc-request-sniffing?rq=vmware)\r\n5. [link](https://williamlam.com/2010/06/esxcli-part1-what-is-esxcli.html)\r\n6. [link](https://www.usenix.org/system/files/woot19-paper_zhao.pdf)\r\n7. [link](https://www.zerodayinitiative.com/blog/2017/6/26/use-after-silence-exploiting-a-quietly-patched-uaf-in-vmware?rq=vmware)\r\n8. [link](https://github.com/vmware/open-vm-tools)\r\n9. [link](https://www.zerodayinitiative.com/blog/2019/5/7/taking-control-of-vmware-through-the-universal-host-controller-interface-part-1?rq=vmware)\r\n10. [link](https://papers.put.as/papers/macosx/2016/50_Shades_Of_Fuzzing.pdf)\r\n11. [link](https://nafod.net/blog/2020/02/29/zdi-19-421-uhci.html)\r\n12. [link](https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/ESXi_architecture.pdf)\r\n13. [link](https://www.zerodayinitiative.com/blog/2017/12/21/vmwares-launch-escape-system)\r\n14. [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/)\r\n15. [link](https://www.blackhat.com/docs/eu-17/materials/eu-17-Mandal-The-Great-Escapes-Of-Vmware-A-Retrospective-Case-Study-Of-Vmware-G2H-Escape-Vulnerabilities.pdf)\r\n17. [link](https://www.zerodayinitiative.com/blog/2018/3/1/vmware-exploitation-through-uninitialized-buffers?rq=vmware)\r\n18. [link](https://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf) conferences, including Usenix 2021, ACM CCS 2022, EuroS&P 2022, HITBSecConf2022, BlackHat Asia 2024.","updated_timestamp":{"seconds":1720464711,"nanoseconds":0},"speakers":[{"content_ids":[54525],"conference_id":133,"event_ids":[54898],"name":"JiaQing Huang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"QI-ANXIN Group","title":"Security Researcher, TianGong Team of Legendsec"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@S0dukuN)","sort_order":0,"url":"https://twitter.com/S0dukuN"},{"description":"","title":"Twitter (@TianGongLab)","sort_order":0,"url":"https://twitter.com/TianGongLab"}],"media":[],"id":54084,"title":"Security Researcher, TianGong Team of Legendsec at QI-ANXIN Group"},{"content_ids":[54525],"conference_id":133,"event_ids":[54898],"name":"Hao Zheng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"QI-ANXIN Group","title":"Security Researcher, TianGong Team of Legendsec"}],"links":[],"pronouns":null,"media":[],"id":54127,"title":"Security Researcher, TianGong Team of Legendsec at QI-ANXIN Group"},{"content_ids":[54525],"conference_id":133,"event_ids":[54898],"name":"Yue Liu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"QI-ANXIN Group","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54176,"title":"Security Researcher at QI-ANXIN Group"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:51:51Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54898,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54084},{"tag_id":46167,"sort_order":2,"person_id":54127},{"tag_id":46167,"sort_order":3,"person_id":54176}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T18:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"LDAP is no stranger to the security spotlight. While LDAP is a protocol (Lightweight Directory Access Protocol) and Active Directory is the most popular directory services system that supports a subset of LDAP, the terms “LDAP” and “AD” are tightly coupled when discussing the execution, detection and prevention of attacks targeting directory services data.\r\n \r\nIn the last decade the widespread offensive value of querying AD data via LDAP was cemented with the release of open-source tools such as BloodHound and PingCastle. However, proper visibility of LDAP queries mostly remains a privileged asset for those organizations with deep pockets, and the commercial security tools providing this visibility are often woefully fixated on simple signature-based detections.\r\n \r\nMaLDAPtive is the 2,000-hour (and counting) quest of offensive and defensive LDAP exploration and tool-building. This research includes mind-bending depths of obfuscation across all elements of LDAP queries (many undocumented and most never seen in the wild), all baked into an obfuscation/de-obfuscation/detection framework built upon our ground-up custom LDAP search filter tokenizer and syntax tree parser.\r\n \r\nCome witness the release of our MaLDAPtive research and open-source framework: transforming LDAP from “lightweight” to “heavyweight.”\r\n\r\n- General LDAP information:\r\n - [link](https://ldapwiki.com/wiki/)\r\n - [link](https://ldap.com/basic-ldap-concepts/)\r\n\r\n- LDAP-Related RFCs:\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4511)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4512)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4514)\r\n \r\n- Official Documentation for Active Directory LDAP Attributes: [link](https://github.com/MicrosoftDocs/win32/tree/docs/desktop-src/ADSchema)\r\n\r\n- Blogs Highlighting Offensive LDAP Usage:\r\n - [link](https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb)\r\n - [link](https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations)\r\n - [link](https://www.binarydefense.com/resources/blog/uncovering-adversarial-ldap-tradecraft/)\r\n - [link](https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/)\r\n \r\n- Open-Source Tooling Using LDAP:\r\n - [link](https://github.com/BloodHoundAD/BloodHound)\r\n - [link](https://github.com/vletoux/pingcastle)\r\n - [link](https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1)\r\n - [link](https://github.com/Kevin-Robertson/Powermad)\r\n \n\n\n","media":[],"title":"(|(MaLDAPtive:¯\\_(LDAP)_/¯=ObFUsc8t10n) (De-Obfuscation &:=De*te)(!c=tion))","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"LDAP is no stranger to the security spotlight. While LDAP is a protocol (Lightweight Directory Access Protocol) and Active Directory is the most popular directory services system that supports a subset of LDAP, the terms “LDAP” and “AD” are tightly coupled when discussing the execution, detection and prevention of attacks targeting directory services data.\r\n \r\nIn the last decade the widespread offensive value of querying AD data via LDAP was cemented with the release of open-source tools such as BloodHound and PingCastle. However, proper visibility of LDAP queries mostly remains a privileged asset for those organizations with deep pockets, and the commercial security tools providing this visibility are often woefully fixated on simple signature-based detections.\r\n \r\nMaLDAPtive is the 2,000-hour (and counting) quest of offensive and defensive LDAP exploration and tool-building. This research includes mind-bending depths of obfuscation across all elements of LDAP queries (many undocumented and most never seen in the wild), all baked into an obfuscation/de-obfuscation/detection framework built upon our ground-up custom LDAP search filter tokenizer and syntax tree parser.\r\n \r\nCome witness the release of our MaLDAPtive research and open-source framework: transforming LDAP from “lightweight” to “heavyweight.”\r\n\r\n- General LDAP information:\r\n - [link](https://ldapwiki.com/wiki/)\r\n - [link](https://ldap.com/basic-ldap-concepts/)\r\n\r\n- LDAP-Related RFCs:\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4511)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4512)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4514)\r\n \r\n- Official Documentation for Active Directory LDAP Attributes: [link](https://github.com/MicrosoftDocs/win32/tree/docs/desktop-src/ADSchema)\r\n\r\n- Blogs Highlighting Offensive LDAP Usage:\r\n - [link](https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb)\r\n - [link](https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations)\r\n - [link](https://www.binarydefense.com/resources/blog/uncovering-adversarial-ldap-tradecraft/)\r\n - [link](https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/)\r\n \r\n- Open-Source Tooling Using LDAP:\r\n - [link](https://github.com/BloodHoundAD/BloodHound)\r\n - [link](https://github.com/vletoux/pingcastle)\r\n - [link](https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1)\r\n - [link](https://github.com/Kevin-Robertson/Powermad)","updated_timestamp":{"seconds":1720463884,"nanoseconds":0},"speakers":[{"content_ids":[54524],"conference_id":133,"event_ids":[54897],"name":"Sabajete Elezaj","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Solaris SE","title":"Senior Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sabajete-elezaj/"},{"description":"","title":"Twitter (@sabi_elezi)","sort_order":0,"url":"https://twitter.com/sabi_elezi"}],"media":[],"id":54043,"title":"Senior Cyber Security Engineer at Solaris SE"},{"content_ids":[54524],"conference_id":133,"event_ids":[54897],"name":"Daniel Bohannon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Permiso Security","title":"Principal Threat Researcher, P0 Labs team"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/danielhbohannon/"},{"description":"","title":"Twitter (@danielhbohannon)","sort_order":0,"url":"https://twitter.com/danielhbohannon"},{"description":"","title":"Website","sort_order":0,"url":"https://danielbohannon.com"}],"media":[],"id":54055,"title":"Principal Threat Researcher, P0 Labs team at Permiso Security"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:04Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54897,"tag_ids":[46166,46169,46419,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54055},{"tag_id":46167,"sort_order":4,"person_id":54043}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Internet was supposed to give us access to the world's information, so that people, everywhere, would be able to know the truth. But that’s not how things worked out. Instead, we have a digital deception engine of global proportions. Nothing that comes through the screen can be trusted, and even the things that are technically true have been selected, massaged, and amplified in support of someone’s messaging strategy.\n\nDeception isn’t just about narratives - we see deception at every layer of the network stack, from spoofed electromagnetic signatures, to false flags in malware, to phony personas used to access networks and spread influence. They hide in our blindspots, exploit our biases, and fill our egos while manipulating our perceptions.\n\nHow do we decide what is real? This talk examines time-tested maxims that teach the craft of effective deception, and then inverts those offensive principles to provide defensive strategies. We’ll explore ways to counter biases, triangulate information sources, detect narratives, and how hackers can build tools that can change the game.\n \nAt their best, hackers lift their heads up above the masses to see how the world actually works, not how it purports to work, and then take action to make the world a better place. You’ll leave this talk with practical skills to do just that.\n\n\n","media":[],"title":"Deception & Counter Deception – Defending Yourself in a World Full of Lies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"The Internet was supposed to give us access to the world's information, so that people, everywhere, would be able to know the truth. But that’s not how things worked out. Instead, we have a digital deception engine of global proportions. Nothing that comes through the screen can be trusted, and even the things that are technically true have been selected, massaged, and amplified in support of someone’s messaging strategy.\n\nDeception isn’t just about narratives - we see deception at every layer of the network stack, from spoofed electromagnetic signatures, to false flags in malware, to phony personas used to access networks and spread influence. They hide in our blindspots, exploit our biases, and fill our egos while manipulating our perceptions.\n\nHow do we decide what is real? This talk examines time-tested maxims that teach the craft of effective deception, and then inverts those offensive principles to provide defensive strategies. We’ll explore ways to counter biases, triangulate information sources, detect narratives, and how hackers can build tools that can change the game.\n \nAt their best, hackers lift their heads up above the masses to see how the world actually works, not how it purports to work, and then take action to make the world a better place. You’ll leave this talk with practical skills to do just that.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54487],"conference_id":133,"event_ids":[54860],"name":"Greg Conti","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Kopidion","title":"Principal"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/greg-conti-7a8521/"},{"description":"","title":"Twitter (@cyberbgone)","sort_order":0,"url":"https://twitter.com/cyberbgone"},{"description":"","title":"www.gregconti.com/","sort_order":0,"url":"https://www.gregconti.com/"}],"media":[],"id":54072,"title":"Principal at Kopidion"},{"content_ids":[54487],"conference_id":133,"event_ids":[54860],"name":"Tom \"Decius\" Cross","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Kopidion","title":"Principal"}],"pronouns":"he/him","links":[{"description":"","title":"bsky.app/profile/decius.bsky.social","sort_order":0,"url":"https://bsky.app/profile/decius.bsky.social"},{"description":"","title":"ioc.exchange/@decius","sort_order":0,"url":"https://ioc.exchange/@decius"}],"media":[],"id":54200,"title":"Principal at Kopidion"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54860,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54200},{"tag_id":46167,"sort_order":4,"person_id":54072}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)\n\n\n","media":[{"hash_sha256":"8121f8bfb8be2b701aea4941904ae7a178b8b90e84dd6cf786636abf65c33a38","filetype":"image/png","hash_md5":"d4129f6c22e4e172784f5759c4bb75d9","name":"pme_hamexams.png","is_logo":"Y","hash_crc32c":"ff2e55b6","filesize":31886,"asset_id":680,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hamexams.png"}],"title":"Ham Radio Exams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)","updated_timestamp":{"seconds":1718812742,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-06-19T15:59:02Z","links":[{"label":"Website","type":"link","url":"https://hamvillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249512"},{"label":"Registration (Free)","type":"link","url":"https://ham.study/sessions/669069be6af12f90943be578/1"},{"label":"Twitter (@HamRadioVillage)","type":"link","url":"https://twitter.com/HamRadioVillage"}],"end":"2024-08-11T20:00:00.000-0000","id":54510,"tag_ids":[46365,46380],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-06-19T15:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Kubernetes is the de facto operating system of the cloud, more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, new users may introduce security risks like cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\r\n\r\nThis workshop will teach you the fundamentals of Kubernetes security, from protecting your cluster to securing your workloads. You'll learn about RBAC, OPA, Security Contexts, Network Policies, and other security features. You'll also learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.\r\n\r\nThis workshop is designed for both beginners and advanced students. By the end of the workshop, you'll have a deep understanding of Kubernetes security and the skills to protect your K8S clusters.\n\n\n","media":[],"title":"Kubernetes Security: Hands-On Attack and Defense","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Kubernetes is the de facto operating system of the cloud, more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, new users may introduce security risks like cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\r\n\r\nThis workshop will teach you the fundamentals of Kubernetes security, from protecting your cluster to securing your workloads. You'll learn about RBAC, OPA, Security Contexts, Network Policies, and other security features. You'll also learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.\r\n\r\nThis workshop is designed for both beginners and advanced students. By the end of the workshop, you'll have a deep understanding of Kubernetes security and the skills to protect your K8S clusters.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55720],"conference_id":133,"event_ids":[56226],"name":"alevsk","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56131}],"begin_tsz":"2024-08-11T17:45:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56226,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723398300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56131}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-11T17:45:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\n\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\n\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services. Covering how roles associated with Amazon Cognito and GitHub Actions could be misconfigured to allow anyone in the world to access them. From here, we’ll cover a vulnerability we found in AWS Amplify which exposed IAM roles associated with the service to takeover, allowing anyone the ability to assume these roles.\n\nFinally, we will also look at a worst-case scenario: what happens when an attacker finds a confused deputy vulnerability and is able to assume roles in other accounts? Sounds far-fetched? We’ll cover a real world example of a vulnerability we found in AWS AppSync that lets us do just that. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like this one.\n\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.\n\n\n","media":[],"title":"Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:10:00Z","end_timestamp":{"seconds":1723399800,"nanoseconds":0},"android_description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\n\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\n\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services. Covering how roles associated with Amazon Cognito and GitHub Actions could be misconfigured to allow anyone in the world to access them. From here, we’ll cover a vulnerability we found in AWS Amplify which exposed IAM roles associated with the service to takeover, allowing anyone the ability to assume these roles.\n\nFinally, we will also look at a worst-case scenario: what happens when an attacker finds a confused deputy vulnerability and is able to assume roles in other accounts? Sounds far-fetched? We’ll cover a real world example of a vulnerability we found in AWS AppSync that lets us do just that. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like this one.\n\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[54449,55498],"conference_id":133,"event_ids":[55927,54822],"name":"Nick Frichette","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Datadog","title":"Staff Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@frichetten@fosstodon.org)","sort_order":0,"url":"https://fosstodon.org/@frichetten"},{"description":"","title":"Twitter (@Frichette_n)","sort_order":0,"url":"https://twitter.com/Frichette_n"},{"description":"","title":"Website","sort_order":0,"url":"https://frichetten.com/"}],"media":[],"id":54089,"title":"Staff Security Researcher at Datadog"}],"begin_tsz":"2024-08-11T17:35:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T18:10:00.000-0000","id":55927,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723397700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54089}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T17:35:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!\n\n\n","media":[],"title":"Bypass 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!","updated_timestamp":{"seconds":1723044255,"nanoseconds":0},"speakers":[{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T15:24:15Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":56873,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54281}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-08-07T15:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!\n\n\nThis panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!","media":[],"title":"Blue Team Careers: Do what you love, get paid for it! (A BTV Interactive Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!\n\n\nThis panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55727,55760],"conference_id":133,"event_ids":[56235,56285],"name":"Tennisha Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56089},{"content_ids":[55763,55760],"conference_id":133,"event_ids":[56285,56287],"name":"Shea Nangle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56157},{"content_ids":[55760],"conference_id":133,"event_ids":[56285],"name":"Cyb0rg42","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56590},{"content_ids":[55760],"conference_id":133,"event_ids":[56285],"name":"Dani","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56592},{"content_ids":[55760],"conference_id":133,"event_ids":[56285],"name":"Pete Ortega","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56596}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56285,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56590},{"tag_id":46487,"sort_order":4,"person_id":56592},{"tag_id":46487,"sort_order":6,"person_id":56157},{"tag_id":46487,"sort_order":8,"person_id":56089},{"tag_id":46167,"sort_order":10,"person_id":56596}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"WarDriver Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T19:20:00Z","end_timestamp":{"seconds":1723404000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722186874,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T17:14:34Z","links":[],"end":"2024-08-11T19:20:00.000-0000","id":55869,"tag_ids":[46364,46390],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-28T17:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Living a life devoid of trust in anything or anyone can lead to a dismal existence. However, in the realm of cyber security, embracing the concept of Zero Trust is essential. Trust was never meant for networks and is now irrelevant in the digital realm. This discussion explores why trust has become a vulnerability and underscores the importance for organizations to adopt principles such as Zero Trust to effectively respond to the ever-changing threat landscape; failure to do so may lead to their extinction within a few years.\n\n\n","media":[],"title":"Ain’t that a Breach: Zero Trust Is the Only Solution!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"Living a life devoid of trust in anything or anyone can lead to a dismal existence. However, in the realm of cyber security, embracing the concept of Zero Trust is essential. Trust was never meant for networks and is now irrelevant in the digital realm. This discussion explores why trust has become a vulnerability and underscores the importance for organizations to adopt principles such as Zero Trust to effectively respond to the ever-changing threat landscape; failure to do so may lead to their extinction within a few years.","updated_timestamp":{"seconds":1721495393,"nanoseconds":0},"speakers":[{"content_ids":[55205],"conference_id":133,"event_ids":[55595],"name":"Dr. Louis DeWeaver III","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Marsh McLennan Agency","title":"Cyber Security Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/drlouisdeweaver/"}],"media":[],"id":55795,"title":"Cyber Security Consultant at Marsh McLennan Agency"}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T17:09:53Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":55595,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55795}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are many famous codes and ciphers still waiting to be solved, such as the encrypted Voynich manuscript and Edward Elgar's Dorabella cipher. All hold a special fascination. In this talk, prepare to be entertained and informed by Elonka Dunin and Klaus Schmeh, as we briefly discuss the encryption on Kryptos, the mysterious sculpture at the center of CIA Headquarters; NKrypt, an encrypted sculpture in Australia; an encrypted engraving on an early 20th century German silver cigarette case; details about the message attached to the leg of a WWII carrier pigeon that was found in an English chimney; an encrypted postcard by the owner of UK's Luton soccer team; and the intriguing encrypted messages created by the mysterious Henry Debosnys while awaiting his murder trial in New York in the late 1800s.\n\n\n","media":[],"title":"Famous and Not-So-Famous Unsolved Codes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"There are many famous codes and ciphers still waiting to be solved, such as the encrypted Voynich manuscript and Edward Elgar's Dorabella cipher. All hold a special fascination. In this talk, prepare to be entertained and informed by Elonka Dunin and Klaus Schmeh, as we briefly discuss the encryption on Kryptos, the mysterious sculpture at the center of CIA Headquarters; NKrypt, an encrypted sculpture in Australia; an encrypted engraving on an early 20th century German silver cigarette case; details about the message attached to the leg of a WWII carrier pigeon that was found in an English chimney; an encrypted postcard by the owner of UK's Luton soccer team; and the intriguing encrypted messages created by the mysterious Henry Debosnys while awaiting his murder trial in New York in the late 1800s.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Elonka Dunin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Crypto Expert"}],"pronouns":"she/her","links":[{"description":"","title":"Facebook","sort_order":0,"url":"https://www.facebook.com/elonka"},{"description":"","title":"Twitter (@ElonkaDunin)","sort_order":0,"url":"https://twitter.com/ElonkaDunin"},{"description":"","title":"cipherbrain.net","sort_order":0,"url":"https://cipherbrain.net"},{"description":"","title":"codebreaking-guide.com","sort_order":0,"url":"https://codebreaking-guide.com"},{"description":"","title":"elonka.com","sort_order":0,"url":"https://elonka.com"}],"media":[],"id":54068,"title":"Crypto Expert"},{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Klaus Schmeh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Eviden","title":"Crypto Expert"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@KlausSchmeh)","sort_order":0,"url":"https://twitter.com/KlausSchmeh"}],"media":[],"id":54194,"title":"Crypto Expert at Eviden"}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55016,"tag_ids":[46377,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54068},{"tag_id":46167,"sort_order":6,"person_id":54194}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rob Joyce, former NSA and White House cyber official, will engage with Dark Tangent to analyze the evolving state of global cyber threats. Their discussion will explore the impact and potential of artificial intelligence, assessing how AI is reshaping the cybersecurity landscape and what it means for the future of global security.\n\n\n\n\n","media":[],"title":"Changing Global Threat Landscape with Rob Joyce and Dark Tangent","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:15:00Z","end_timestamp":{"seconds":1723400100,"nanoseconds":0},"android_description":"Rob Joyce, former NSA and White House cyber official, will engage with Dark Tangent to analyze the evolving state of global cyber threats. Their discussion will explore the impact and potential of artificial intelligence, assessing how AI is reshaping the cybersecurity landscape and what it means for the future of global security.","updated_timestamp":{"seconds":1720307460,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"},{"content_ids":[54523],"conference_id":133,"event_ids":[54896],"name":"Rob Joyce","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54067}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-06T23:11:00Z","links":[],"end":"2024-08-11T18:15:00.000-0000","id":54896,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54067},{"tag_id":46167,"sort_order":4,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Become a Wi-Fi investigator: Uncover Hidden Wi-Fi Cameras, network Intruders, and more with the Wi-Fi Nugget. In this workshop, we'll use a cute, cat-shaped microcontroller board to catch hackers using well-known hacking tools like a Wi-Fi Pineapple, hunt down suspicious Wi-Fi devices like hidden cameras, and detect jamming attacks. We’ll explore how low-cost microcontrollers can be used to unmask and track down Wi-Fi hacking tools, or locate unwanted devices on your local network.\n\n\n","media":[],"title":"Wi-Fi Hacker Hunting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Become a Wi-Fi investigator: Uncover Hidden Wi-Fi Cameras, network Intruders, and more with the Wi-Fi Nugget. In this workshop, we'll use a cute, cat-shaped microcontroller board to catch hackers using well-known hacking tools like a Wi-Fi Pineapple, hunt down suspicious Wi-Fi devices like hidden cameras, and detect jamming attacks. We’ll explore how low-cost microcontrollers can be used to unmask and track down Wi-Fi hacking tools, or locate unwanted devices on your local network.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-11T17:15:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/solder-your-own-cat-themed-wi-fi-hacking-tool-copy"}],"end":"2024-08-11T18:45:00.000-0000","id":56529,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723396500,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"When you used your debit card today, do you know where that transaction was sent? Though it may conjure archival images of a 1950’s IT room stocked with enormous, low-tech machines, Mainframe technology is both modernized and heavily relied upon today. \r\n\r\nMainframe architecture is some of the most reliable tech available, able to manage incredibly large input/output volumes with low risk of downtime and there are few signs of it being sunset in the decades to come. As protectors of the cyber landscape, understanding how mainframes are incorporated into a businesses topology and ways to secure mainframe architecture will remain important for any entity that utilizes this technology. \r\n\r\nIn this talk we'll explore the pervasiveness of mainframe technology, why it will remain relevant to the future landscape of mission critical-applications, and several trusted solutions for helping to secure these incredible computers. \r\n\n\n\n","media":[],"title":"The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"When you used your debit card today, do you know where that transaction was sent? Though it may conjure archival images of a 1950’s IT room stocked with enormous, low-tech machines, Mainframe technology is both modernized and heavily relied upon today. \r\n\r\nMainframe architecture is some of the most reliable tech available, able to manage incredibly large input/output volumes with low risk of downtime and there are few signs of it being sunset in the decades to come. As protectors of the cyber landscape, understanding how mainframes are incorporated into a businesses topology and ways to secure mainframe architecture will remain important for any entity that utilizes this technology. \r\n\r\nIn this talk we'll explore the pervasiveness of mainframe technology, why it will remain relevant to the future landscape of mission critical-applications, and several trusted solutions for helping to secure these incredible computers.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55719],"conference_id":133,"event_ids":[56225],"name":"Michelle Eggers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56133}],"begin_tsz":"2024-08-11T17:15:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":56225,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723396500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56133}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T17:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Correlating slow & stealthy APT traces hiding in the sheer noise","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723217657,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-09T15:34:17Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56860,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-09T15:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!\n\n\n","media":[],"title":"Physical Security Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!","updated_timestamp":{"seconds":1723044549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T15:29:09Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56821,"tag_ids":[46387,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-07T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.\n\n\n","media":[],"title":"Radio Frequency Village Events","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.","updated_timestamp":{"seconds":1722874415,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T16:13:35Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56768,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n\n\n","media":[],"title":"HHV Rube Goldberg Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!","updated_timestamp":{"seconds":1722821818,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T01:36:58Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/hhv_rgb.html"}],"end":"2024-08-11T20:00:00.000-0000","id":56763,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.\n\n\n","media":[],"title":"Robo Sumo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.","updated_timestamp":{"seconds":1722821775,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T01:36:15Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/robosumo.html"}],"end":"2024-08-11T20:00:00.000-0000","id":56761,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hardware Hacking and Soldering Skills Village Open (HHV-SSV)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722822007,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T01:40:07Z","links":[{"label":"Website","type":"link","url":"https://dchhv.org"}],"end":"2024-08-11T20:00:00.000-0000","id":56759,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.\n\n\n","media":[],"title":"Game Hacking Community Activities & CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.","updated_timestamp":{"seconds":1722815557,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T23:52:37Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56754,"tag_ids":[46402,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T23:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)\r\n\n\n\n","media":[],"title":"LHC Meshtastic Activities and CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)","updated_timestamp":{"seconds":1722875831,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T16:37:11Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56750,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.\n\n\n","media":[],"title":"Tamper Evident Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.","updated_timestamp":{"seconds":1722801725,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T20:02:05Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56747,"tag_ids":[46394,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T20:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.\n\n\n","media":[],"title":"Fix the Flag Wargame","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.","updated_timestamp":{"seconds":1722783756,"nanoseconds":0},"speakers":[{"content_ids":[55726],"conference_id":133,"event_ids":[56630,56631,56234],"name":"Harley Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56118}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T15:02:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56631,"tag_ids":[46370,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56118}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV CTF","hotel":"","short_name":"ASV CTF","id":46471},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T15:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).\n\n\n","media":[],"title":"Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).","updated_timestamp":{"seconds":1722781910,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T14:31:50Z","links":[{"label":"Mastodon (@soda@defcon.social)","type":"link","url":"https://defcon.social/@soda"},{"label":"Twitter (@ShellsOnDemand)","type":"link","url":"https://twitter.com/ShellsOnDemand"}],"end":"2024-08-11T20:00:00.000-0000","id":56629,"tag_ids":[46362,46427],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T14:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.\n\n\n","media":[],"title":"Hands-on Attack and Breach Simulation exercises","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.","updated_timestamp":{"seconds":1722714024,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:40:24Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56605,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.\n\n\n","media":[],"title":"Adversary simulator and purple teaming hands-on booth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.","updated_timestamp":{"seconds":1722713994,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:39:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56603,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.\n\n\n","media":[],"title":"Adversary-Adventure Table-top Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.","updated_timestamp":{"seconds":1722714013,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:40:13Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56601,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En este panel exploraremos las capacidades y habilidades esenciales para la caza de amenazas y la inteligencia en el ámbito de la ciberseguridad, con un enfoque especial en la comunidad de América Latina. Discutiremos las técnicas y herramientas más avanzadas utilizadas en la identificación y mitigación de amenazas, así como las competencias necesarias para enfrentar los desafíos actuales en ciberseguridad. Además, analizaremos casos de estudio y compartiremos experiencias y mejores prácticas dentro de la comunidad LATAM, destacando el papel crucial que juega la colaboración regional en el fortalecimiento de nuestras defensas colectivas.\n\n\n","media":[],"title":"Threat Hunting + Intelligence, capabilities, skills and capabilities inside the LATAM community","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"En este panel exploraremos las capacidades y habilidades esenciales para la caza de amenazas y la inteligencia en el ámbito de la ciberseguridad, con un enfoque especial en la comunidad de América Latina. Discutiremos las técnicas y herramientas más avanzadas utilizadas en la identificación y mitigación de amenazas, así como las competencias necesarias para enfrentar los desafíos actuales en ciberseguridad. Además, analizaremos casos de estudio y compartiremos experiencias y mejores prácticas dentro de la comunidad LATAM, destacando el papel crucial que juega la colaboración regional en el fortalecimiento de nuestras defensas colectivas.","updated_timestamp":{"seconds":1722700538,"nanoseconds":0},"speakers":[{"content_ids":[54559,55973,55976],"conference_id":133,"event_ids":[56589,56592,54934],"name":"Mauro Eldritch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Birmingham Cyber Arms LTD","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mauroeldritch/"},{"description":"","title":"Twitter (@MauroEldritch)","sort_order":0,"url":"https://twitter.com/MauroEldritch"},{"description":"","title":"Website","sort_order":0,"url":"https://www.birminghamcyberarms.co.uk/"}],"media":[],"id":54249,"title":"Founder at Birmingham Cyber Arms LTD"},{"content_ids":[55963,55976],"conference_id":133,"event_ids":[56579,56592],"name":"Thiago Bordini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Head Cyber Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tbordini)","sort_order":0,"url":"https://www.twitter.com/tbordini"}],"media":[],"id":56298,"title":"Head Cyber Threat Intelligence"},{"content_ids":[55976],"conference_id":133,"event_ids":[56592],"name":"Zoziel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56310}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T15:55:38Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56592,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56298},{"tag_id":46167,"sort_order":4,"person_id":54249},{"tag_id":46167,"sort_order":6,"person_id":56310}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.\n\n\n","media":[],"title":"Vendors and Exhibitors Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.","updated_timestamp":{"seconds":1722692937,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T13:48:57Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56572,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T13:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level\n\n\n","media":[],"title":"Firmware Extraction and Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56552,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.\n\n\n","media":[],"title":"Hack My TV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56550,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.\n\n\n","media":[],"title":"Hands-On Hardware Hacking – From Console to Root, Manipulating and Controlling a Protected System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56548,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!\n\n\n","media":[],"title":"Hardware Hacking GE Appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56546,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops\n\n\n","media":[],"title":"Inside the Toolkit of Elite Embedded Security Experts - Hands-On Workshop: QEMU & GDB for Embedded Systems Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56544,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!\n\n\n","media":[],"title":"IoT Security at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56542,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n\n\n","media":[],"title":"IoT Village Hacking Playground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56540,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!\n\n\n","media":[],"title":"Keysight CTF Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56538,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.\n\n\n","media":[],"title":"Living off the Land inside your WiFi : Exploring and Exploiting Access Points and Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Drew Green","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56288},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Ken Pyle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56289}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56536,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56288},{"tag_id":46167,"sort_order":4,"person_id":55853},{"tag_id":46167,"sort_order":6,"person_id":56289}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!\n\n\n","media":[],"title":"Phisherman's Wharf - Phishing for Beginners","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56534,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.\n\n\n","media":[],"title":"Safe Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56532,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.\n\n\n","media":[],"title":"DEF CON Groups - Open for questions and hanging out","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.","updated_timestamp":{"seconds":1722636477,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T22:07:57Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56507,"tag_ids":[46399,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T22:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!\n\n\n","media":[],"title":"AI Village Demos","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!","updated_timestamp":{"seconds":1722626313,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:18:33Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56476,"tag_ids":[46368,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The possibility of an altered photo revising history in a convincing way highlights a salient threat of imaging technology. After all, seeing is believing. Or is it? The examples history has preserved make it clear that the observer is more often than not meant to understand that something has changed. Surprisingly, the objectives of photographic manipulation have remained largely the same since the camera first appeared in the 19th century. The old battleworn techniques have simply evolved to keep pace with technological developments. In this talk, we will learn about the history of photographic manipulation, from the invention of the camera to the advent of generative AI. Importantly, we will consider the reception of photo editing and its relationship to the notion of reality, which is more significant than the technologies themselves. Surprisingly, we will discover that creative myth making has found a new medium to embed itself in. This talk is based on Walter Scheirer’s recent book A History of Fake Things on the Internet (Stanford University Press 2023).\n\n\n","media":[],"title":"Photoshop Fantasies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"The possibility of an altered photo revising history in a convincing way highlights a salient threat of imaging technology. After all, seeing is believing. Or is it? The examples history has preserved make it clear that the observer is more often than not meant to understand that something has changed. Surprisingly, the objectives of photographic manipulation have remained largely the same since the camera first appeared in the 19th century. The old battleworn techniques have simply evolved to keep pace with technological developments. In this talk, we will learn about the history of photographic manipulation, from the invention of the camera to the advent of generative AI. Importantly, we will consider the reception of photo editing and its relationship to the notion of reality, which is more significant than the technologies themselves. Surprisingly, we will discover that creative myth making has found a new medium to embed itself in. This talk is based on Walter Scheirer’s recent book A History of Fake Things on the Internet (Stanford University Press 2023).","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55886],"conference_id":133,"event_ids":[56471],"name":"Walter Scheirer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Notre Dame","title":""}],"links":[],"pronouns":null,"media":[],"id":56258,"title":"University of Notre Dame"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56471,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56258}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Seriously though, how do quantum computers work? Why does quantum mechanics behave the way that it does? What are quantum gates physically, and how are they implemented in reality? What is adiabatic quantum computing, and how does it solve difficult optimization problems? What makes quantum annealers not universal? We hope to cover all of these questions, and more, in this talk. Background in quantum computing is encouraged, but not required; the only prerequisite for this talk is basic linear algebra.\n\n\n","media":[],"title":"Physical Fundamentals of Quantum Computing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Seriously though, how do quantum computers work? Why does quantum mechanics behave the way that it does? What are quantum gates physically, and how are they implemented in reality? What is adiabatic quantum computing, and how does it solve difficult optimization problems? What makes quantum annealers not universal? We hope to cover all of these questions, and more, in this talk. Background in quantum computing is encouraged, but not required; the only prerequisite for this talk is basic linear algebra.","updated_timestamp":{"seconds":1723400152,"nanoseconds":0},"speakers":[{"content_ids":[55857],"conference_id":133,"event_ids":[56444],"name":"Erez M Abrams","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56226}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T18:15:52Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56444,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56226}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-11T18:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.\n\n\n","media":[],"title":"spacestudio and spacetower challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.","updated_timestamp":{"seconds":1722626556,"nanoseconds":0},"speakers":[{"content_ids":[55830],"conference_id":133,"event_ids":[56380,56408,56426],"name":"Exotrail","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56205},{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:22:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56426,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56205},{"tag_id":46484,"sort_order":4,"person_id":56207}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.\n\n\n","media":[],"title":"Space Systems Security CTF – Platform Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55829],"conference_id":133,"event_ids":[56379,56407,56425],"name":"CT Cubed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56204}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56425,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56204}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.\n\n\n","media":[],"title":"Space Grand Challenge Luna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56424,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.\n\n\n","media":[],"title":"Selfie with a CubeSat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56423,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.\n\n\n","media":[],"title":"PTP Flight Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55826],"conference_id":133,"event_ids":[56376,56404,56422],"name":"Pen Test Partners","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56188}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56422,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56188}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.\n\n\n","media":[],"title":"Hack-A-Sat Quals Challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56421,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2\n\n\n","media":[],"title":"Hack-A-Sat Digital Twin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56420,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.\n\n\n","media":[],"title":"Drone Hacking Choose Your Own Adventure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56419,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.\n\n\n","media":[],"title":"Drone Hacking Activity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56418,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.\n\n\n","media":[],"title":"Drone Flying Experience","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56417,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.\n\n\n","media":[],"title":"Drone Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56416,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Can you spot suspicious items in packages? Try out your skills.\n\n\n","media":[],"title":"Detect a Threat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Can you spot suspicious items in packages? Try out your skills.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55819],"conference_id":133,"event_ids":[56369,56397,56415],"name":"TSA","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56212}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56415,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56212}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.\n\n\n","media":[],"title":"Defend the Airport CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55818],"conference_id":133,"event_ids":[56368,56396,56414],"name":"IntelliGenesis and IG Labs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56190}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56414,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56190}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.\n\n\n","media":[],"title":"Darkstar Badge Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55817],"conference_id":133,"event_ids":[56367,56395,56413],"name":"Lockheed Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56189}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56413,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56189}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.\n\n\n","media":[],"title":"CubeSat Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55816],"conference_id":133,"event_ids":[56366,56394,56412],"name":"AMSAT","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56200}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56412,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56200}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.\n\n\n","media":[],"title":"Bricks in the Air","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56411,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.\n\n\n","media":[],"title":"ARINC 664 CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55814],"conference_id":133,"event_ids":[56364,56392,56410],"name":"Boeing","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56202}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56410,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56202}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n\n\n","media":[],"title":"A-ISAC Aviation Cybersecurity Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55813],"conference_id":133,"event_ids":[56363,56391,56409],"name":"A-ISAC and Embry-Riddle Aeronautical University - Prescott","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56201}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56409,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56201}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bringing cyber focused space science to schools can be challenging given school restrictions, firewalls, and expense of equipment. This presentation will go over multiple space-centric outreach activities for youth of all ages. From talking to astronauts aboard the International Space Station (ISS) to listening to satellites in the classroom. These various programs are bound to capture the imagination. Some of the projects to be discussed are the Amateur Radio on the International Space Station (ARISS) program, Slow-Scan Television (SSTV) images from the ISS, AMSat CubeSat Simulators, and setting up a RTL-SDR to capture information from satellites in the classroom. There are a variety of ways to start a countdown to space science careers in youth and these projects can help you connect with the imagination of youth near you.\n\n\n","media":[],"title":"How to Corrupt Youth to Cyber Focused Space Science","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Bringing cyber focused space science to schools can be challenging given school restrictions, firewalls, and expense of equipment. This presentation will go over multiple space-centric outreach activities for youth of all ages. From talking to astronauts aboard the International Space Station (ISS) to listening to satellites in the classroom. These various programs are bound to capture the imagination. Some of the projects to be discussed are the Amateur Radio on the International Space Station (ARISS) program, Slow-Scan Television (SSTV) images from the ISS, AMSat CubeSat Simulators, and setting up a RTL-SDR to capture information from satellites in the classroom. There are a variety of ways to start a countdown to space science careers in youth and these projects can help you connect with the imagination of youth near you.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55838],"conference_id":133,"event_ids":[56388],"name":"RC Jones","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/rcspace/"}],"media":[],"id":56198}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56388,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56198}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.\n\n\n","media":[],"title":"Small scale LAN party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.","updated_timestamp":{"seconds":1722563871,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:57:51Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56342,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!\n\n\n","media":[],"title":"Retro Repair","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!","updated_timestamp":{"seconds":1722563919,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:58:39Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56341,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!\n\n\n","media":[],"title":"Dumb Terminal fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!","updated_timestamp":{"seconds":1722563905,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:58:25Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56340,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)\n\n\n","media":[],"title":"Show & Tell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)","updated_timestamp":{"seconds":1722563887,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:58:07Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56339,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.\n\n\n","media":[],"title":"Packet Inspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.","updated_timestamp":{"seconds":1722476832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:47:12Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56315,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet\n\n\n","media":[],"title":"Packet Detective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet","updated_timestamp":{"seconds":1722476866,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:47:46Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56313,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.\n\n\n","media":[],"title":"Linux Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.","updated_timestamp":{"seconds":1722476901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:21Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56311,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.\n\n\n","media":[],"title":"Network-OS: Be The Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.","updated_timestamp":{"seconds":1722476912,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:32Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56309,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.\n\n\n","media":[],"title":"Regular Expressions (RegEx) Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.","updated_timestamp":{"seconds":1722476922,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:42Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56307,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!\n\n\n","media":[],"title":"Python + Packet Analysis + Machine Learning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!","updated_timestamp":{"seconds":1722476946,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:49:06Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56305,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!\n\n\n","media":[],"title":"Password lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!","updated_timestamp":{"seconds":1722540130,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T19:22:10Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56303,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"No description provided by creator\n\n\n","media":[],"title":"FleetDm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"No description provided by creator","updated_timestamp":{"seconds":1722476980,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:49:40Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56301,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!\n\n\n","media":[],"title":"Botnets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!","updated_timestamp":{"seconds":1722476888,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:08Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56299,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Play VR the gear comes out for a casual, hands on demo area to explore the metaverse in VR with games & expoloration in Meta Quest VR and Meta Raybans MR\n\n\n","media":[],"title":"Play All the Things","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Play VR the gear comes out for a casual, hands on demo area to explore the metaverse in VR with games & expoloration in Meta Quest VR and Meta Raybans MR","updated_timestamp":{"seconds":1722369095,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T19:51:35Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56106,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T19:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are surrounded by invisible radio frequency signals created by human technology like radio, cellular, and satellite. Traditionally, we see these signals through spectrum analyzers. However, the capabilities of existing analysis tools are being outpaced by the rapid modernization of wireless networks and topologies like 5G, IoT, Bluetooth, LoRa, etc. RF is inherently multidimensional, but conventional analyzers display signals in 2D slices, limiting real-world applicability to highly technical users. Emerging technology that combines Augmented Reality displays and AI/ML algorithms is capable of spatializing RF data into its natural 3D location for easier understanding and communication.\r\n\r\nThis talk will provide an overview of the evolution of RF visualization tools from flat interfaces to immersive ones that can be used to discover and map RF signals and networks. The audience will gain a broad understanding of the emergence of immersive interfaces and how they can be applied successfully to spatial data visualization. We will walk participants through challenges with the design and development process, theory behind decisions, and usability issues to overcome in actual deployments. Resulting best practices will be shared openly. Finally, the audience will learn about future applications of these tools and forecasted innovations as the underlying technology matures.\n\n\n","media":[],"title":"Evolution of RF Signal Visualization - From Spectrum Analyzers to Augmented Reality","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:30:00Z","end_timestamp":{"seconds":1723397400,"nanoseconds":0},"android_description":"We are surrounded by invisible radio frequency signals created by human technology like radio, cellular, and satellite. Traditionally, we see these signals through spectrum analyzers. However, the capabilities of existing analysis tools are being outpaced by the rapid modernization of wireless networks and topologies like 5G, IoT, Bluetooth, LoRa, etc. RF is inherently multidimensional, but conventional analyzers display signals in 2D slices, limiting real-world applicability to highly technical users. Emerging technology that combines Augmented Reality displays and AI/ML algorithms is capable of spatializing RF data into its natural 3D location for easier understanding and communication.\r\n\r\nThis talk will provide an overview of the evolution of RF visualization tools from flat interfaces to immersive ones that can be used to discover and map RF signals and networks. The audience will gain a broad understanding of the emergence of immersive interfaces and how they can be applied successfully to spatial data visualization. We will walk participants through challenges with the design and development process, theory behind decisions, and usability issues to overcome in actual deployments. Resulting best practices will be shared openly. Finally, the audience will learn about future applications of these tools and forecasted innovations as the underlying technology matures.","updated_timestamp":{"seconds":1722376013,"nanoseconds":0},"speakers":[{"content_ids":[55578],"conference_id":133,"event_ids":[56100],"name":"Suzanne Borders","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BadVR","title":"Founder and CEO"}],"links":[],"pronouns":"she/her","media":[],"id":56047,"title":"Founder and CEO at BadVR"},{"content_ids":[55578],"conference_id":133,"event_ids":[56100],"name":"Jad Meouchy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BadVR","title":"Co-Founder and CTO"}],"links":[],"pronouns":"he/him","media":[],"id":56048,"title":"Co-Founder and CTO at BadVR"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T21:46:53Z","links":[],"end":"2024-08-11T17:30:00.000-0000","id":56100,"tag_ids":[46169,46397,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56047},{"tag_id":46167,"sort_order":4,"person_id":56048}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T21:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.\n\n\n","media":[],"title":"Open Events for DCNextGen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.","updated_timestamp":{"seconds":1722363207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T18:13:27Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56099,"tag_ids":[46362,46398,46427],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Telecom Village is excited to announce \"Telecom Tinkerer,\" Capture The Flag (CTF) event. Participants, known as Tinkerers, will simulate actions against various elements of a dummy target organization. Telecom Tinkerer will feature real-world simulation scenarios and challenges, allowing Tinkerers to simulate attacks and explore new attack vectors, tactics, techniques, and procedures (TTPs). The event will include combined exercises with different levels of threat/emulation and purple teaming, promoting a collaborative learning environment for both offensive and defensive strategies.\n\n\n","media":[],"title":"Telecom Tinkerer CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Telecom Village is excited to announce \"Telecom Tinkerer,\" Capture The Flag (CTF) event. Participants, known as Tinkerers, will simulate actions against various elements of a dummy target organization. Telecom Tinkerer will feature real-world simulation scenarios and challenges, allowing Tinkerers to simulate attacks and explore new attack vectors, tactics, techniques, and procedures (TTPs). The event will include combined exercises with different levels of threat/emulation and purple teaming, promoting a collaborative learning environment for both offensive and defensive strategies.","updated_timestamp":{"seconds":1722352101,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T15:08:21Z","links":[{"label":"More Info","type":"link","url":"https://telecomvillage.com/index.html#ctf"}],"end":"2024-08-11T21:00:00.000-0000","id":56073,"tag_ids":[46395,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T15:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.\n\n\n","media":[{"hash_sha256":"d105c229ff2832a2a53e6bea90a820933908ef621ae9acf81589053a04e47e5d","filetype":"image/png","hash_md5":"6ecf3ddaa155976e729164a6f9138690","name":"ct_wallofbribesjpg.png","is_logo":"Y","hash_crc32c":"3ba9ff1a","filesize":102976,"asset_id":640,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_wallofbribesjpg.png"}],"title":"A Wall of Bribes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.","updated_timestamp":{"seconds":1722311882,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:58:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249429"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249428"}],"end":"2024-08-11T19:00:00.000-0000","id":56069,"tag_ids":[46427,46439,46750],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​\n\n\n","media":[{"hash_sha256":"07ddc9c91f6e59f3933f548603872f890309c05b353352836dc4896ef7fce215","filetype":"image/png","hash_md5":"cafd57b9dc99beb382a7e36477b02aad","name":"ct_adversary.png","is_logo":"Y","hash_crc32c":"b7d5aeab","filesize":104609,"asset_id":623,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_adversary.png"}],"title":"Adversary Wars CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​","updated_timestamp":{"seconds":1722713515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:31:55Z","links":[{"label":"Twitter (@AdversaryVillag)","type":"link","url":"https://twitter.com/AdversaryVillag"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249425"},{"label":"More Info","type":"link","url":"https://adversaryvillage.org/adversary-wars-ctf/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249426"}],"end":"2024-08-11T19:00:00.000-0000","id":56067,"tag_ids":[46367,46427,46439,46751],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-05","hotel":"","short_name":"HW4-03-05","id":46372},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.\n\n\n","media":[{"hash_sha256":"39238a01b06f0ddf4e2a678a63b07a1fb93094a3716dee47fac88ff443b09b2f","filetype":"image/png","hash_md5":"bb82eeecc603d6d9d05f319875161b0f","name":"ct_ctp.png","is_logo":"Y","hash_crc32c":"a13f862e","filesize":72882,"asset_id":631,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ctp.png"}],"title":"Capture the Packet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.","updated_timestamp":{"seconds":1722476750,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:45:50Z","links":[{"label":"More Info","type":"link","url":"https://www.capturethepacket.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249401"},{"label":"Twitter (@capturetp)","type":"link","url":"https://twitter.com/capturetp"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249402"}],"end":"2024-08-11T19:00:00.000-0000","id":56054,"tag_ids":[46385,46427,46439,46757],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?\n\n\n","media":[{"hash_sha256":"95a6fc9488a5c31ed3edb2848eb2a24498095a0de6f93552e7bc6ffe48c215cf","filetype":"image/png","hash_md5":"5ed77e41c595c690f459fe08cc26c28a","name":"ct_chasse-partie-ctf-v2.png","is_logo":"Y","hash_crc32c":"292aa419","filesize":303387,"asset_id":668,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_chasse-partie-ctf-v2.png"}],"title":"Chasse Partie Systems CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?","updated_timestamp":{"seconds":1722310816,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:40:16Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249395"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249396"}],"end":"2024-08-11T20:00:00.000-0000","id":56051,"tag_ids":[46426,46439,46758],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-E","hotel":"","short_name":"HW4-01-04-E","id":46347},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!\n\n\n","media":[{"hash_sha256":"9c8df8b7b1bfaa7f9a6f76d47c2ddafcb15c60bfc6ba40d764dfaf8bc3583cde","filetype":"image/png","hash_md5":"a6d499b0f825c7c532b2eaf562131129","name":"ct_cmdctrl.png","is_logo":"Y","hash_crc32c":"9670e5ce","filesize":4017,"asset_id":630,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cmdctrl.png"}],"title":"CMD+CTRL at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!","updated_timestamp":{"seconds":1722310603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:36:43Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249390"},{"label":"More Info","type":"link","url":"https://defcon32.cmdnctrl.net"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249389"}],"end":"2024-08-11T19:00:00.000-0000","id":56045,"tag_ids":[46427,46439,46760],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-D","hotel":"","short_name":"HW4-03-06-D","id":46377},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-11T18:00:00.000-0000","id":56042,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05","hotel":"","short_name":"HW4-01-05","id":46349},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.\n\n\n","media":[{"hash_sha256":"590434b852585a01a647426db34529416f6624082c827bbd32d1ef45e5ef4651","filetype":"image/png","hash_md5":"1e73edab68d1da1d66c84a992554e685","name":"ct_cyberdefender.png","is_logo":"Y","hash_crc32c":"5a341827","filesize":92175,"asset_id":632,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cyberdefender.png"}],"title":"Cyber Defender - The Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.","updated_timestamp":{"seconds":1722310334,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:32:14Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249384"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249385"}],"end":"2024-08-11T19:00:00.000-0000","id":56038,"tag_ids":[46439,46762],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-C","hotel":"","short_name":"HW4-03-06-C","id":46376},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n\n\n","media":[{"hash_sha256":"1b2e0f8d162af1a6bd8a463fa27176b2afd439a1dc61b7817c2c855763a600ed","filetype":"image/png","hash_md5":"e7442de5c5eb4549170a56163423cd5e","name":"ct_darknet.png","is_logo":"Y","hash_crc32c":"f77e820f","filesize":49081,"asset_id":633,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_darknet.png"}],"title":"Darknet-NG","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!","updated_timestamp":{"seconds":1722310268,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:31:08Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249382"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249381"},{"label":"More Info","type":"link","url":"https://darknet-ng.network"},{"label":"Twitter (@DarknetNg)","type":"link","url":"https://twitter.com/DarknetNg"}],"end":"2024-08-11T19:00:00.000-0000","id":56035,"tag_ids":[46426,46439,46763],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-D","hotel":"","short_name":"HW4-02-01-D","id":46359},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/\n\n\n","media":[{"hash_sha256":"ff926fdb8070905e8485c17bfc79608b27202a7548f2ddcc058bbb89ea639e83","filetype":"image/png","hash_md5":"cbceb546139e5ed4e4a61a0b7fcaf58a","name":"ct_aixcc.png","is_logo":"Y","hash_crc32c":"661f6649","filesize":94474,"asset_id":625,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_aixcc.png"}],"title":"DARPA's Artificial Intelligence Cyber Challenge (AIxCC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/","updated_timestamp":{"seconds":1722310204,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:30:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249422"},{"label":"More Info","type":"link","url":"https://aicyberchallenge.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249423"}],"end":"2024-08-11T21:00:00.000-0000","id":56032,"tag_ids":[46427,46439,46764],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-06 (AIxCC)","hotel":"","short_name":"HW3-05-06 (AIxCC)","id":46268},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!\n\n\n","media":[{"hash_sha256":"0bbb61282ddf3bcc0d027a7ffb0cb2f0dc6fcf32814b48e53488203695f478b3","filetype":"image/png","hash_md5":"d8ada9124833199cadf2f291b0178024","name":"ct_scav-hunt.png","is_logo":"Y","hash_crc32c":"fa957778","filesize":20774,"asset_id":639,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_scav-hunt.png"}],"title":"DEF CON Scavenger Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!","updated_timestamp":{"seconds":1722309542,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:19:02Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249365"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249366"},{"label":"Twitter (@defconscavhunt)","type":"link","url":"https://twitter.com/defconscavhunt"},{"label":"More Info","type":"link","url":"https://www.defconscavhunt.com"}],"end":"2024-08-11T19:00:00.000-0000","id":56025,"tag_ids":[46427,46439,46767],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-11T19:00:00.000-0000","id":56021,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-F","hotel":"","short_name":"HW4-01-04-F","id":46348},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-12T01:00:00Z","end_timestamp":{"seconds":1723424400,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-12T01:00:00.000-0000","id":56020,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-F","hotel":"","short_name":"HW4-01-04-F","id":46348},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-11T20:00:00.000-0000","id":56017,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-C","hotel":"","short_name":"HW4-02-01-C","id":46358},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.\n\n\n","media":[{"hash_sha256":"1162bb14d1418b4cae3817411de665ed741ed2268a0dcc68a84b299605b611cb","filetype":"image/png","hash_md5":"a28c768a3e779e17ac17c6310bf89f1e","name":"ct_telechallenge.png","is_logo":"Y","hash_crc32c":"a0fffafe","filesize":8220,"asset_id":660,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_telechallenge.png"}],"title":"Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.","updated_timestamp":{"seconds":1722309155,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:12:35Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249290"},{"label":"More Info","type":"link","url":"https://www.telechallenge.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249289"}],"end":"2024-08-11T20:00:00.000-0000","id":56014,"tag_ids":[46426,46439,46770],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-B","hotel":"","short_name":"HW4-02-02-B","id":46363},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.\n\n\n","media":[],"title":"HardWired","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.","updated_timestamp":{"seconds":1722476715,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:45:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249337"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249336"}],"end":"2024-08-11T20:00:00.000-0000","id":56005,"tag_ids":[46385,46427,46439,46774],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.\n\n\n","media":[{"hash_sha256":"f55b0da621d4ee7bcd1f6dd77fc6c800e20904a3840e9c4e47aee632f1571436","filetype":"image/png","hash_md5":"a396fd3e8349dccb4058656168c13a48","name":"ct_htbctfdatadystopia.png","is_logo":"Y","hash_crc32c":"bdc31b88","filesize":412581,"asset_id":663,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_htbctfdatadystopia.png"}],"title":"HTB CTF: Data Dystopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.","updated_timestamp":{"seconds":1722308173,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:56:13Z","links":[{"label":"Website","type":"link","url":"https://ctf.hackthebox.com/"},{"label":"Twitter (@hackthebox_eu)","type":"link","url":"https://twitter.com/hackthebox_eu"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249333"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249334"}],"end":"2024-08-11T20:00:00.000-0000","id":56002,"tag_ids":[46427,46439,46775],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06","hotel":"","short_name":"HW4-03-06","id":46373},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.\n\n\n","media":[{"hash_sha256":"8f0942a63e6e9852cd8a122722da50a5f820039a33fbf629d8e0bbb0bc3c2a25","filetype":"image/png","hash_md5":"6f799941f98600f913350895408f1f4c","name":"ct_ics.png","is_logo":"Y","hash_crc32c":"765e2955","filesize":196108,"asset_id":648,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ics.png"}],"title":"ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.","updated_timestamp":{"seconds":1722308131,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:55:31Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249319"},{"label":"Website","type":"link","url":"https://www.icsvillage.com/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249318"}],"end":"2024-08-11T20:00:00.000-0000","id":55999,"tag_ids":[46427,46439,46776],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!\r\n\n\n\n","media":[],"title":"IoT Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!","updated_timestamp":{"seconds":1722622146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T18:09:06Z","links":[{"label":"More Info","type":"link","url":"https://scoreboard.iotvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249449"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249448"}],"end":"2024-08-11T20:00:00.000-0000","id":55996,"tag_ids":[46427,46439,46777],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!\n\n\n","media":[{"hash_sha256":"d3413916446363608deee0d63c7e2efb8eee7c303fcaafc76eab10c25b274594","filetype":"image/png","hash_md5":"a8a23a326ef1c818a3403a1ef3e87269","name":"ct_lonelyhd.png","is_logo":"Y","hash_crc32c":"9ea33847","filesize":79993,"asset_id":650,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelyhd.png"}],"title":"Lonely Hard Drive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!","updated_timestamp":{"seconds":1722307767,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:49:27Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249324"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249325"},{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"}],"end":"2024-08-11T20:00:00.000-0000","id":55989,"tag_ids":[46427,46439,46780],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!\n\n\n","media":[{"hash_sha256":"98201efca440cba174db564a38cc3207a4c951759d79e47ef2bb817534cbff0e","filetype":"image/png","hash_md5":"8e4dc2835c8f08abfaa5b9162b29447b","name":"ct_lonelytag.png","is_logo":"Y","hash_crc32c":"89bc5644","filesize":82759,"asset_id":651,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelytag.png"}],"title":"Lonely Tag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!","updated_timestamp":{"seconds":1722307717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:48:37Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249328"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249327"},{"label":"Twitter (@LonelyHardDrive)","type":"link","url":"https://twitter.com/LonelyHardDrive"}],"end":"2024-08-11T20:00:00.000-0000","id":55986,"tag_ids":[46427,46439,46781],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.\n\n\n","media":[{"hash_sha256":"6c6addafa55c0e71b8e6dc3fff0f1a9a32e4399a6b80efaece158e3fdf69dd77","filetype":"image/png","hash_md5":"ddda3a35809fc47bf728f63f829e258d","name":"ct_marcibombe.png","is_logo":"Y","hash_crc32c":"040f1340","filesize":22325,"asset_id":652,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_marcibombe.png"}],"title":"Malware Contests: MARC I & BOMBE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.","updated_timestamp":{"seconds":1722307667,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:47:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249321"},{"label":"More Info","type":"link","url":"https://digitalplaguedoctors.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249322"},{"label":"Twitter (@DigitalPlagueDr)","type":"link","url":"https://twitter.com/DigitalPlagueDr"}],"end":"2024-08-11T20:00:00.000-0000","id":55983,"tag_ids":[46427,46439,46782],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-03","hotel":"","short_name":"HW4-03-03","id":46370},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.\n\n\n","media":[{"hash_sha256":"d965b5442c0a42e3e2532515477829fb650b66f56a09c1dc92ce7ea7b4f49215","filetype":"image/png","hash_md5":"5f9b31f3696397acc630b3f69415c627","name":"ct_octogame.png","is_logo":"Y","hash_crc32c":"a3e9435a","filesize":258126,"asset_id":653,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_octogame.png"}],"title":"Octopus Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.","updated_timestamp":{"seconds":1722307468,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:44:28Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249313"},{"label":"More Info","type":"link","url":"https://www.mirolabs.info/octopus-game-dc32"},{"label":"Twitter (@OctopusGameDC)","type":"link","url":"https://twitter.com/OctopusGameDC"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249314"}],"end":"2024-08-11T20:00:00.000-0000","id":55980,"tag_ids":[46427,46439,46783],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-A","hotel":"","short_name":"HW4-03-06-A","id":46374},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.\n\n\n","media":[{"hash_sha256":"a381d77389722eccd24a6d26091b74111ffeb39431dfba6ccc946470f7aa0c06","filetype":"image/png","hash_md5":"abb9c88d83bd9789b6436e200d1beba3","name":"ct_phreak-me.png","is_logo":"Y","hash_crc32c":"bce4e12c","filesize":27257,"asset_id":655,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_phreak-me.png"}],"title":"PhreakMe presented by HackedExistence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.","updated_timestamp":{"seconds":1722307355,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:42:35Z","links":[{"label":"Twitter (@mainframed767)","type":"link","url":"https://twitter.com/mainframed767"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249310"},{"label":"Twitter (@HackedExistence)","type":"link","url":"https://twitter.com/HackedExistence"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249311"}],"end":"2024-08-11T20:00:00.000-0000","id":55977,"tag_ids":[46426,46439,46784],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-C","hotel":"","short_name":"HW4-02-02-C","id":46364},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.\n\n\n","media":[{"hash_sha256":"9f1e99841fcfbdb0775e2e05980c102dddd97013cf9cc0bfce930a55d91246ec","filetype":"image/png","hash_md5":"5b36f9ed87f65efbdf841e5c77a6041f","name":"ct_Pinball.png","is_logo":"Y","hash_crc32c":"cbbfc253","filesize":614281,"asset_id":664,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_Pinball.png"}],"title":"Pinball High Score Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.","updated_timestamp":{"seconds":1722307304,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:41:44Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249307"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249308"}],"end":"2024-08-11T20:00:00.000-0000","id":55974,"tag_ids":[46427,46439,46785],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-A","hotel":"","short_name":"HW4-02-01-A","id":46356},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉\n\n\n","media":[{"hash_sha256":"199f4b2ea70f9102e0afb69f5030e3ee8f63e989d287fb95999ae10866455522","filetype":"image/png","hash_md5":"9b669ac9bfd767cb8376444b58c08733","name":"ct_quantum.png","is_logo":"Y","hash_crc32c":"4d94b7ec","filesize":133235,"asset_id":665,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_quantum.png"}],"title":"QOLOSSUS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉","updated_timestamp":{"seconds":1722307112,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:38:32Z","links":[{"label":"Website","type":"link","url":"https://quantumvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249316"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249303"}],"end":"2024-08-11T20:00:00.000-0000","id":55971,"tag_ids":[46426,46439,46786],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n\n\n","media":[{"hash_sha256":"5623af21fb9072f5866b3488e326d3582c44c0756e9bbfa94eae7e26318a73eb","filetype":"image/png","hash_md5":"ebb531e8ad802f8d5fb24e19e23f46f4","name":"ct_reali7y-overrun.png","is_logo":"Y","hash_crc32c":"14fd2e42","filesize":577690,"asset_id":701,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_reali7y-overrun.png"}],"title":"REALI7Y OVERRUN","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.","updated_timestamp":{"seconds":1722306602,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:30:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249299"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249298"}],"end":"2024-08-11T20:00:00.000-0000","id":55968,"tag_ids":[46426,46439,46787],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-E","hotel":"","short_name":"HW4-02-02-E","id":46366},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.\n\n\n","media":[{"hash_sha256":"c00793a49e66e3875320bb6aa8a333a128342b9aff35ce0f359a692aa3adfcef","filetype":"image/png","hash_md5":"a764d88ab305ab55ecd270635fc1d6e7","name":"ct_venator-aurum.png","is_logo":"Y","hash_crc32c":"f705c79f","filesize":162235,"asset_id":661,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_venator-aurum.png"}],"title":"venator aurum - A Treasure Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.","updated_timestamp":{"seconds":1722305020,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:03:40Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249282"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249283"},{"label":"More Info","type":"link","url":"https://venatoraurum.org"}],"end":"2024-08-11T20:00:00.000-0000","id":55957,"tag_ids":[46427,46439,46792],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n\n\n","media":[{"hash_sha256":"2bf4c805c5199cf58ff7b99c52832fc1bf226ca9687e583667a7725b361d989e","filetype":"image/png","hash_md5":"61c3a856daea14c6fd3d7d213a8048f9","name":"v_redteam2024.png","is_logo":"Y","hash_crc32c":"f14aab22","filesize":209749,"asset_id":719,"sort_order":1,"url":"https://info.defcon.org/blobs/v_redteam2024.png"}],"title":"Red Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.","updated_timestamp":{"seconds":1722304921,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:02:01Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250035"}],"end":"2024-08-11T19:00:00.000-0000","id":55954,"tag_ids":[46392,46427,46439,46789],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-C","hotel":"","short_name":"HW4-01-05-C","id":46353},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7\n\n\n","media":[{"hash_sha256":"d0e2dbb822f2d701836ee0e14952d5df4b6d830bfa606ab2b50a5a1edab2dabd","filetype":"image/png","hash_md5":"c33dfe5aaced7041c948e7b2e45ba78f","name":"ct_0x3f-cube.png","is_logo":"Y","hash_crc32c":"6b1ba7fa","filesize":272722,"asset_id":622,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_0x3f-cube.png"}],"title":"? Cube","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7","updated_timestamp":{"seconds":1722304182,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T01:49:42Z","links":[{"label":"More Info","type":"link","url":"https://0x3fcube.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249434"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249433"}],"end":"2024-08-11T19:00:00.000-0000","id":55951,"tag_ids":[46427,46439,46749],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02","hotel":"","short_name":"HW4-02-02","id":46361},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.\n\n\n","media":[{"hash_sha256":"8ac69ab38e4119808de39c34aef0629a1bcfb5eb60ab6d7d351a3e37b5533f13","filetype":"image/png","hash_md5":"689e0fcdb0dd612c191cd25482435f76","name":"ct_5n4ck3y.png","is_logo":"Y","hash_crc32c":"dc7e4cd6","filesize":6283,"asset_id":621,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_5n4ck3y.png"}],"title":"5N4CK3Y Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.","updated_timestamp":{"seconds":1722304084,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T01:48:04Z","links":[{"label":"Twitter (@ANDnXOR)","type":"link","url":"https://twitter.com/ANDnXOR"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249432"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249431"}],"end":"2024-08-11T19:00:00.000-0000","id":55948,"tag_ids":[46427,46439,46748],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-B","hotel":"","short_name":"HW4-02-01-B","id":46357},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n\n\n","media":[{"hash_sha256":"e781ae0757165e1901f38152e551557644051f49e9b80b6665d211c8d0436358","filetype":"image/png","hash_md5":"e839c04dbe99f926b0ae9ee3ee703da3","name":"ct_car-hacking.png","is_logo":"Y","hash_crc32c":"fbca36e3","filesize":111066,"asset_id":629,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_car-hacking.png"}],"title":"Car Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.","updated_timestamp":{"seconds":1722273461,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T17:17:41Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249399"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249398"},{"label":"Twitter (@CarHackVillage)","type":"link","url":"https://twitter.com/CarHackVillage"},{"label":"More Info","type":"link","url":"https://www.carhackingvillage.com/"}],"end":"2024-08-11T19:00:00.000-0000","id":55945,"tag_ids":[46375,46427,46439,46747],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T17:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.\n\n\n","media":[{"hash_sha256":"ccde738b12c7c58aff986949ac20eaf7066dfb8d710349a422699273aa0579a1","filetype":"image/png","hash_md5":"fc0eba7a6d691cdd9aa385cd0bb1eece","name":"v_CarHacking.png","is_logo":"Y","hash_crc32c":"d845a1a6","filesize":249973,"asset_id":601,"sort_order":0,"url":"https://info.defcon.org/blobs/v_CarHacking.png"}],"title":"Car Hacking Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.","updated_timestamp":{"seconds":1722273345,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T17:15:45Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55942,"tag_ids":[46375,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T17:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.\n\n\n","media":[{"hash_sha256":"b29c833000316f6b3af2c5cc50e33ccb1756f89fb27d54aba3d5a961337c91de","filetype":"image/png","hash_md5":"8209d940757db7a341e0db2b17618f70","name":"ct_bhv-ctf.png","is_logo":"Y","hash_crc32c":"2c477ed5","filesize":54217,"asset_id":627,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bhv-ctf.png"}],"title":"Biohacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.","updated_timestamp":{"seconds":1722215343,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T01:09:03Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/capture-the-flag"}],"end":"2024-08-11T20:00:00.000-0000","id":55939,"tag_ids":[46371,46427,46439,46746],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).\n\n\n","media":[{"hash_sha256":"b57047f46800afe2ff021580e4f9e39ea7252a7f51b0f0fb3ba1a9f748a50de9","filetype":"image/png","hash_md5":"aa9ea400be95b7313ae2d044541cb9b4","name":"v_biohacking_village.png","is_logo":"Y","hash_crc32c":"83f838d1","filesize":47901,"asset_id":581,"sort_order":0,"url":"https://info.defcon.org/blobs/v_biohacking_village.png"}],"title":"Biohacking Village: Device Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).","updated_timestamp":{"seconds":1722214645,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T00:57:25Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/device-lab"},{"label":"Hippocractic Oath for Hackers","type":"link","url":"https://www.villageb.io/hippocractic-oath"}],"end":"2024-08-11T20:00:00.000-0000","id":55937,"tag_ids":[46371,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T00:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud attacks continue to evolve e.g., AWS enumeration without logging (Fourchette), Azure OAuth tokens used for EoP and persistence (Blizzard), Cloud Shell backdoors, code abuse in GSuite scripting (Bryant), and tool evolution (Rhinolabs pacu), with current defensive approaches of lagging further and further behind.\n\nThis talk covers research and tooling to improve cloud defenses in AWS, Azure, and GCP, using more stealthy measures which complement existing techniques. We call the approach cloud tripwires, which involves stealthy defensive techniques that can provide low-FP detections of malicious actors.\n\nThrough analysis of cloud provider IAM design, published attack techniques and common attack tools, we show multiple stealthy detection techniques such as: restricted admin roles that are not used by valid users; seeding of the restricted admin roles in regular user policies; honey resources (buckets, files) with detections to flag access; seeding of honey resources within user policies; cached honey credentials seeded in CLI installations in external client environments, EC2 instances, and Cloud Shells; unrestricted cross-account roles to restricted accounts; metadata proxy/iptables config on EC2 instances that issue restricted temporary tokens; and full CRUD/reporting/auditing functionality.\n\n\n","media":[],"title":"Cloud Tripwires: fighting stealth with stealth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:35:00Z","end_timestamp":{"seconds":1723397700,"nanoseconds":0},"android_description":"Cloud attacks continue to evolve e.g., AWS enumeration without logging (Fourchette), Azure OAuth tokens used for EoP and persistence (Blizzard), Cloud Shell backdoors, code abuse in GSuite scripting (Bryant), and tool evolution (Rhinolabs pacu), with current defensive approaches of lagging further and further behind.\n\nThis talk covers research and tooling to improve cloud defenses in AWS, Azure, and GCP, using more stealthy measures which complement existing techniques. We call the approach cloud tripwires, which involves stealthy defensive techniques that can provide low-FP detections of malicious actors.\n\nThrough analysis of cloud provider IAM design, published attack techniques and common attack tools, we show multiple stealthy detection techniques such as: restricted admin roles that are not used by valid users; seeding of the restricted admin roles in regular user policies; honey resources (buckets, files) with detections to flag access; seeding of honey resources within user policies; cached honey credentials seeded in CLI installations in external client environments, EC2 instances, and Cloud Shells; unrestricted cross-account roles to restricted accounts; metadata proxy/iptables config on EC2 instances that issue restricted temporary tokens; and full CRUD/reporting/auditing functionality.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55497],"conference_id":133,"event_ids":[55926],"name":"Jenko Hwong","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"jenkohwong","sort_order":0,"url":"https://jenkohwong"}],"media":[],"id":56012}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T17:35:00.000-0000","id":55926,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56012}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.\n\n\n","media":[],"title":"WISP Community & Inclusion Room","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.","updated_timestamp":{"seconds":1722206838,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T22:47:18Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-11T20:00:00.000-0000","id":55900,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T22:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)\n\n\n","media":[{"hash_sha256":"eaa2e18ed376870b0b3ebb931ebea74844c1032d6e048968b87b07d86e184b3a","filetype":"image/png","hash_md5":"0f6296e86e5676264624f7692fbe4ca2","name":"ct_ham-fox-hunt.png","is_logo":"Y","hash_crc32c":"c9eab3b2","filesize":83132,"asset_id":646,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ham-fox-hunt.png"}],"title":"Ham Radio Fox Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)","updated_timestamp":{"seconds":1722184768,"nanoseconds":0},"speakers":[{"content_ids":[55432],"conference_id":133,"event_ids":[55855,55856,55857],"name":"Ham Radio Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@HamRadioVillage"},{"description":"","title":"Website","sort_order":0,"url":"https://hamvillage.org"}],"media":[],"id":55973}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T16:39:28Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32/"}],"end":"2024-08-11T20:00:00.000-0000","id":55857,"tag_ids":[46380,46427,46439,46743],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55973}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-A","hotel":"","short_name":"HW4-02-02-A","id":46362},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"All content areas generally open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722141200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T04:33:20Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55851,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T04:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-11T20:00:00.000-0000","id":55846,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"See who won in our village! During this time we’ll present the Youth Challenge winner, the #SECVC 1st and 2nd place winners, as well as the much-coveted Dundies! Then stick around as we have a panel interview with the winners to hear their story about their path to victory!\n\n\n","media":[],"title":"SECVC Awards & Competitor Panel + Youth Challenge Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"See who won in our village! During this time we’ll present the Youth Challenge winner, the #SECVC 1st and 2nd place winners, as well as the much-coveted Dundies! Then stick around as we have a panel interview with the winners to hear their story about their path to victory!","updated_timestamp":{"seconds":1722103101,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T17:58:21Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55836,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T17:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come check out the Social Engineering Community Village!\n\n\n","media":[],"title":"Social Engineering Community Village Hours","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Come check out the Social Engineering Community Village!","updated_timestamp":{"seconds":1722102714,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T17:51:54Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/schedule/"}],"end":"2024-08-11T21:00:00.000-0000","id":55831,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T17:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n\n\n","media":[],"title":"Lockpicking Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.","updated_timestamp":{"seconds":1722093520,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T15:18:40Z","links":[{"label":"Website","type":"link","url":"https://www.toool.us/"},{"label":"Twitter (@toool)","type":"link","url":"https://twitter.com/toool"}],"end":"2024-08-11T20:00:00.000-0000","id":55821,"tag_ids":[46384,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T15:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.\n\n\n","media":[],"title":"101 Labs: Hardware Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.","updated_timestamp":{"seconds":1722037214,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:40:14Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55818,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.\n\n\n","media":[],"title":"Wireless & Networking workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.","updated_timestamp":{"seconds":1722303624,"nanoseconds":0},"speakers":[{"content_ids":[55408],"conference_id":133,"event_ids":[55802,55809,55817],"name":"Alex Kelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56029}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T01:40:24Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55817,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56029}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!\n\n\n","media":[],"title":"Emulating (and Hacking) Embedded Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!","updated_timestamp":{"seconds":1722037241,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:40:41Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55816,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!\n\n\n","media":[],"title":"Secure Microcontroller Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!","updated_timestamp":{"seconds":1723217513,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-09T15:31:53Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55815,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-09T15:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.\n\n\n","media":[],"title":"101 Labs: Firmware and Software exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.","updated_timestamp":{"seconds":1722037224,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:40:24Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55814,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io\n\n\n","media":[],"title":"Hardware Hacking: Glitching Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io","updated_timestamp":{"seconds":1722037194,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:39:54Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55812,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!\n\n\n","media":[{"hash_sha256":"a696b6f750fbe91d74ff91917f95bfe709d70e794beab35ff900219f1c87bdb9","filetype":"image/png","hash_md5":"173fb1fa87976ebc72de68fcb9171698","name":"ct_embedded.png","is_logo":"Y","hash_crc32c":"85767de7","filesize":121480,"asset_id":641,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_embedded.png"}],"title":"Embedded CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!","updated_timestamp":{"seconds":1722037378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:42:58Z","links":[{"label":"Twitter (@EmbeddedVillage)","type":"link","url":"https://twitter.com/EmbeddedVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249361"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249360"},{"label":"More Info","type":"link","url":"https://www.embeddedvillage.org"}],"end":"2024-08-11T20:00:00.000-0000","id":55811,"tag_ids":[46379,46439,46739],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!\n\n\n","media":[],"title":"Hard Hat Brigade - Community Space Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!","updated_timestamp":{"seconds":1721968701,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T04:38:21Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55796,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to learn how to stop hackers in their tracks? Come to the Secure From Scratch coding workshop. Learn what you need to know to write secure code from the very first line of code. It's surprisingly easy! Plus, you'll get to try your hand at hacking, discovering how attackers think so you can build defences against them. (Some coding knowledge in Python is recommended. You should know loops, if statements, arrays, and functions.)\n\n\n","media":[],"title":"Secure From Scatch","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Want to learn how to stop hackers in their tracks? Come to the Secure From Scratch coding workshop. Learn what you need to know to write secure code from the very first line of code. It's surprisingly easy! Plus, you'll get to try your hand at hacking, discovering how attackers think so you can build defences against them. (Some coding knowledge in Python is recommended. You should know loops, if statements, arrays, and functions.)","updated_timestamp":{"seconds":1722361583,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T17:46:23Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":55761,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T17:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ICS/OT environments are targets. Since the Colonial Pipeline breach in 2021, the ICS/OT threat landscape has changed tremendously. This presentation is not about the Fear, Uncertain and Doubt when an ICS/OT environment goes boom, but what happens when it goes down for ten days. What's the impact to the organization? It's employees? The people it serves?\r\n\r\nMost importantly, what can we do to prevent it from occurring? \r\n\r\nThe remainder of the presentation covers secure network architecture, therapy for IT and OT working together and continually learning/improving.\n\n\n","media":[],"title":"Countdown to Industrial Extinction","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:55:00Z","end_timestamp":{"seconds":1723398900,"nanoseconds":0},"android_description":"ICS/OT environments are targets. Since the Colonial Pipeline breach in 2021, the ICS/OT threat landscape has changed tremendously. This presentation is not about the Fear, Uncertain and Doubt when an ICS/OT environment goes boom, but what happens when it goes down for ten days. What's the impact to the organization? It's employees? The people it serves?\r\n\r\nMost importantly, what can we do to prevent it from occurring? \r\n\r\nThe remainder of the presentation covers secure network architecture, therapy for IT and OT working together and continually learning/improving.","updated_timestamp":{"seconds":1721781867,"nanoseconds":0},"speakers":[{"content_ids":[55339,55357],"conference_id":133,"event_ids":[55731,55749],"name":"Mike Holcomb","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fluor","title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead"}],"links":[],"pronouns":null,"media":[],"id":55961,"title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead at Fluor"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-24T00:44:27Z","links":[],"end":"2024-08-11T17:55:00.000-0000","id":55749,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55961}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-24T00:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC NextGen / Youth Challenge Area at Red Team Village","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721595757,"nanoseconds":0},"speakers":[{"content_ids":[55273],"conference_id":133,"event_ids":[55663,55712,55713],"name":"RTV Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@redteamvillage_)","sort_order":0,"url":"https://twitter.com/redteamvillage_"}],"media":[],"id":55852}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T21:02:37Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55713,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55852}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W204-W207 (RTV)","hotel":"","short_name":"W204-W207 (RTV)","id":46283},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T21:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bank case : Bank A provides an online banking application where users can access their accounts, perform transactions, and initiate money transfers. Here's a scenario with an IDOR vulnerability: Scenario: User A wants to transfer $1000 to User B. User A initiates a transfer and selects the recipient's account. However, due to an IDOR flaw in the application, the validation process fails, allowing users to select other users' accounts. In this case, User A can actually select User B's account and transfer the money, leading to unauthorized access to accounts.\n\nand other cases :)\n\n\n","media":[],"title":"IDOR in Financial Operations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"Bank case : Bank A provides an online banking application where users can access their accounts, perform transactions, and initiate money transfers. Here's a scenario with an IDOR vulnerability: Scenario: User A wants to transfer $1000 to User B. User A initiates a transfer and selects the recipient's account. However, due to an IDOR flaw in the application, the validation process fails, allowing users to select other users' accounts. In this case, User A can actually select User B's account and transfer the money, leading to unauthorized access to accounts.\n\nand other cases :)","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55317],"conference_id":133,"event_ids":[55707],"name":"Ilkin Javadov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55867}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55707,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55867}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"People often talk about red teaming as hacking people or systems, but no one really talks about hacking processes. Company processes are oftentimes some of the most critical business functions that a threat actor could go after, but there is no framework or attack chain lifecycle equivalent for red teaming processes. In this talk, we’ll be talking about how Fortune 500 red teamers simulate adversaries and attack processes, and how you can use our new framework, the Redteaming Process Framework: RTPF, to do the same.\n\n\n","media":[],"title":"Hacking Processes: Introducing the Redteaming Process Framework: RTPF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"People often talk about red teaming as hacking people or systems, but no one really talks about hacking processes. Company processes are oftentimes some of the most critical business functions that a threat actor could go after, but there is no framework or attack chain lifecycle equivalent for red teaming processes. In this talk, we’ll be talking about how Fortune 500 red teamers simulate adversaries and attack processes, and how you can use our new framework, the Redteaming Process Framework: RTPF, to do the same.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55316],"conference_id":133,"event_ids":[55706],"name":"Bobby R","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@bobbyrsec)","sort_order":0,"url":"https://twitter.com/bobbyrsec"}],"media":[],"id":55869},{"content_ids":[55316],"conference_id":133,"event_ids":[55706],"name":"Alex Gonzalez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55870}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55706,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55870},{"tag_id":46167,"sort_order":4,"person_id":55869}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you think AWS Admin is the end game? Let's dive deeper into cloud native lateral movement and how Identity Providers has become the biggest C2 that has ever existed.\n\n\n","media":[],"title":"From Runners to IdP Admin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"Do you think AWS Admin is the end game? Let's dive deeper into cloud native lateral movement and how Identity Providers has become the biggest C2 that has ever existed.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55315],"conference_id":133,"event_ids":[55705],"name":"Sim Cher Boon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55868}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55705,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55868}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, the basic concepts of pivoting will be introduced, and a hands-on experience will be provided in a realistic testing environment. Participants will learn to utilize effective tools and techniques to move from one network to another within an organization's infrastructure. Additionally, attendees will have the opportunity to set up their own Docker laboratory to perform pivoting practices in an emulated environment.\n\n\n","media":[],"title":"From Network to Network: Hands-On Pivoting Techniques in Internal Environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"In this workshop, the basic concepts of pivoting will be introduced, and a hands-on experience will be provided in a realistic testing environment. Participants will learn to utilize effective tools and techniques to move from one network to another within an organization's infrastructure. Additionally, attendees will have the opportunity to set up their own Docker laboratory to perform pivoting practices in an emulated environment.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55314],"conference_id":133,"event_ids":[55704],"name":"Francisco Canteli","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Franc_205)","sort_order":0,"url":"https://twitter.com/Franc_205"}],"media":[],"id":55866}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55704,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55866}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Lonely Hackers Club Community Room Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721276328,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-18T04:18:48Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55410,"tag_ids":[46406,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-18T04:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style. \n\n\n","media":[],"title":"LHC's Unofficial Sticker Swap Table","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.","updated_timestamp":{"seconds":1721487294,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T14:54:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55407,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.\n\n\n","media":[],"title":"Egor's Keyboard Corner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.","updated_timestamp":{"seconds":1721487260,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T14:54:20Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55404,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is your last chance to pickup your drives whether they're finished or not. Get here between 10:00am and 11:00am on Sunday as any drives left behind are considered donations.\n\n\n","media":[],"title":"Last chance to pick up drives at the DDV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"This is your last chance to pickup your drives whether they're finished or not. Get here between 10:00am and 11:00am on Sunday as any drives left behind are considered donations.","updated_timestamp":{"seconds":1720848200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-13T05:23:20Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org"}],"end":"2024-08-11T18:00:00.000-0000","id":55188,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-13T05:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Advanced attackers are increasingly choosing edge devices as targets, many of which are security appliances such as VPNs and Firewalls. They run closed-source firmware, and defenders and researchers must understand it to assess its security and integrity. We faced this firsthand when a client that used Draytek equipment was compromised. With at least 500k Draytek routers exposed to the Internet globally, no working tools exist to extract their firmware and assist researchers and defenders working with them.\r\n\r\nWe reverse-engineered Draytek's firmware format, developed tools to extract it, and discovered that its RTOS kernel can load code modules dynamically. These stored modules remain active even after firmware upgrades, inadvertently facilitating persistent threats. We crafted and uploaded malicious modules using our tools and newly found vulnerabilities to achieve persistence.\r\n\r\nEnd-users lack straightforward means to detect such compromises. In response to this threat, we developed our own module to assess the integrity of other modules loaded in memory, mitigating its impact. In our pursuit of a more secure internet, we are sharing our knowledge and opening our tools to the community, enabling observability, hardening, transparency, and vulnerability research on Draytek edge devices.\r\n\n\n\n","media":[],"title":"Taking off the blindfold: Detecting persistent threats on Draytek edge devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Advanced attackers are increasingly choosing edge devices as targets, many of which are security appliances such as VPNs and Firewalls. They run closed-source firmware, and defenders and researchers must understand it to assess its security and integrity. We faced this firsthand when a client that used Draytek equipment was compromised. With at least 500k Draytek routers exposed to the Internet globally, no working tools exist to extract their firmware and assist researchers and defenders working with them.\r\n\r\nWe reverse-engineered Draytek's firmware format, developed tools to extract it, and discovered that its RTOS kernel can load code modules dynamically. These stored modules remain active even after firmware upgrades, inadvertently facilitating persistent threats. We crafted and uploaded malicious modules using our tools and newly found vulnerabilities to achieve persistence.\r\n\r\nEnd-users lack straightforward means to detect such compromises. In response to this threat, we developed our own module to assess the integrity of other modules loaded in memory, mitigating its impact. In our pursuit of a more secure internet, we are sharing our knowledge and opening our tools to the community, enabling observability, hardening, transparency, and vulnerability research on Draytek edge devices.","updated_timestamp":{"seconds":1720400599,"nanoseconds":0},"speakers":[{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Octavio Gianatiempo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"},{"organization":"University of Buenos Aires","title":"Student, Computer Science"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/octavio-gianatiempo"},{"description":"","title":"Twitter (@ogianatiempo)","sort_order":0,"url":"https://twitter.com/ogianatiempo"}],"media":[],"id":54238,"title":"Student, Computer Science at University of Buenos Aires"},{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Gastón Aznarez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/gastonaznarez"},{"description":"","title":"Twitter (@gastonaznarez)","sort_order":0,"url":"https://twitter.com/gastonaznarez"}],"media":[],"id":54239,"title":"Security Researcher at Faraday"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T01:03:19Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":55015,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54239},{"tag_id":46167,"sort_order":1,"person_id":54238}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T01:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As our social lives are highly intertwined with our online lives, people share a lot of information and create pictures and content that needs to be secured. In this talk I cover obscenity laws, revenge porn (nonconsensual distribution of intimate images), stalking, catfishing and sextortion and how people can prevent information being leaked as well as how to recover from it.\n\n\n","media":[],"title":"Porn & Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:30:00Z","end_timestamp":{"seconds":1723397400,"nanoseconds":0},"android_description":"As our social lives are highly intertwined with our online lives, people share a lot of information and create pictures and content that needs to be secured. In this talk I cover obscenity laws, revenge porn (nonconsensual distribution of intimate images), stalking, catfishing and sextortion and how people can prevent information being leaked as well as how to recover from it.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54641],"conference_id":133,"event_ids":[55014],"name":"ET","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54264}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T17:30:00.000-0000","id":55014,"tag_ids":[46377,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54264}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Villages are a key part of the DEFCON experience - join this panel of staff members of the DEFCON Villages to get an inside scoop on all the intricacies of organizing a village. Topics from finding sponsors to setting up equipment to making sure everyone gets to take a break during the event - there's a whole lot that goes on behind the scenes at DEFCON villages!\n\n\n","media":[],"title":"The Village Peoples' Panel - What Really Goes On in a Village?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"The Villages are a key part of the DEFCON experience - join this panel of staff members of the DEFCON Villages to get an inside scoop on all the intricacies of organizing a village. Topics from finding sponsors to setting up equipment to making sure everyone gets to take a break during the event - there's a whole lot that goes on behind the scenes at DEFCON villages!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"},{"content_ids":[54584,54574],"conference_id":133,"event_ids":[54949,54959],"name":"Tom VanNorman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ICS Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54316,"title":"ICS Village"},{"content_ids":[54574],"conference_id":133,"event_ids":[54949],"name":"Nina Alli","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Biohacking Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54676,"title":"Biohacking Village"},{"content_ids":[54574],"conference_id":133,"event_ids":[54949],"name":"Justin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Car Hacking Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54677,"title":"Car Hacking Village"},{"content_ids":[54574],"conference_id":133,"event_ids":[54949],"name":"muteki","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Blue Team Village","title":"Director"}],"links":[],"pronouns":null,"media":[],"id":54679,"title":"Director at Blue Team Village"},{"content_ids":[55763,54574],"conference_id":133,"event_ids":[56287,54949],"name":"Matt Mayes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aerospace Village","title":""}],"links":[],"pronouns":null,"media":[],"id":55971,"title":"Aerospace Village"},{"content_ids":[54574,55265],"conference_id":133,"event_ids":[55655,54949],"name":"Savannah \"lazzslayer\" Lazzara","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56333}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":54949,"tag_ids":[46371,46373,46375,46382,46392,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54677},{"tag_id":46487,"sort_order":4,"person_id":55971},{"tag_id":46487,"sort_order":6,"person_id":54679},{"tag_id":46487,"sort_order":8,"person_id":54676},{"tag_id":46167,"sort_order":10,"person_id":56333},{"tag_id":46487,"sort_order":14,"person_id":54316},{"tag_id":46488,"sort_order":16,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Downgrade attacks force software to revert to an older, vulnerable version. In 2023, BlackLotus emerged, downgrading the boot manager to bypass Secure Boot. Microsoft addressed the threat, but was Secure Boot the only component vulnerable to downgrades?\r\n\r\nBy examining Windows Updates, we found a flaw enabling us to take full control over it and craft downgrading updates, bypassing all verification steps.\r\n\r\nWe then managed to downgrade DLLs, drivers, and even the kernel. Afterwards, the OS reported it’s fully updated, unable to install future updates, with recovery tools unable to detect issues.\r\n\r\nWe aimed higher and found that the virtualization stack is at risk too. We successfully downgraded Hyper-V’s hypervisor, Secure Kernel, and Credential Guard to expose privilege escalations.\r\n\r\nWe also discovered several ways to disable VBS, including its Credential Guard and HVCI features, despite its enforced UEFI locks. This is the first known bypass of VBS's UEFI locks.\r\n\r\nLastly, we found another vulnerability in a Windows Update restoration scenario, making the findings accessible to unprivileged attackers!\r\n\r\nIn this talk, we’ll introduce \"Windows Downdate\", a tool that takes over Windows Updates to craft downgrades and expose dozens of vulnerabilities. It makes the term “fully patched” meaningless across any Windows machine worldwide.\n\n\n","media":[],"title":"Windows Downdate: Downgrade Attacks Using Windows Updates","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"Downgrade attacks force software to revert to an older, vulnerable version. In 2023, BlackLotus emerged, downgrading the boot manager to bypass Secure Boot. Microsoft addressed the threat, but was Secure Boot the only component vulnerable to downgrades?\r\n\r\nBy examining Windows Updates, we found a flaw enabling us to take full control over it and craft downgrading updates, bypassing all verification steps.\r\n\r\nWe then managed to downgrade DLLs, drivers, and even the kernel. Afterwards, the OS reported it’s fully updated, unable to install future updates, with recovery tools unable to detect issues.\r\n\r\nWe aimed higher and found that the virtualization stack is at risk too. We successfully downgraded Hyper-V’s hypervisor, Secure Kernel, and Credential Guard to expose privilege escalations.\r\n\r\nWe also discovered several ways to disable VBS, including its Credential Guard and HVCI features, despite its enforced UEFI locks. This is the first known bypass of VBS's UEFI locks.\r\n\r\nLastly, we found another vulnerability in a Windows Update restoration scenario, making the findings accessible to unprivileged attackers!\r\n\r\nIn this talk, we’ll introduce \"Windows Downdate\", a tool that takes over Windows Updates to craft downgrades and expose dozens of vulnerabilities. It makes the term “fully patched” meaningless across any Windows machine worldwide.","updated_timestamp":{"seconds":1720632727,"nanoseconds":0},"speakers":[{"content_ids":[54522],"conference_id":133,"event_ids":[54895],"name":"Alon Leviev","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://il.linkedin.com/in/alonleviev"},{"description":"","title":"Twitter (@_0xDeku)","sort_order":0,"url":"https://twitter.com/_0xDeku"}],"media":[],"id":54165}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-10T17:32:07Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54895,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54165}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-10T17:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Industrial VPN gateways play a crucial role in operational technology by enabling secure remote access to systems within industrial networks. However, their importance goes hand in hand with increased security risks, as their architecture makes them lucrative targets for threat actors. Over the years, we have seen such devices being used in various industrial environments, which underlines their widespread use in critical infrastructures.\r\n\r\nThis talk is about a security analysis of a widely used industrial remote access solution. We will dive deep into and expose various vulnerabilities. This includes rooting the device, bypassing hardware-based security mechanisms such as the use of a hardware security module, and reverse engineering software and firmware. Ultimately, we will show how various identified vulnerabilities allowed us to hijack remote access sessions, creating significant security risks.\n\n\n","media":[],"title":"Unlocking the Gates: Hacking a secure Industrial Remote Access Solution","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:20:00Z","end_timestamp":{"seconds":1723396800,"nanoseconds":0},"android_description":"Industrial VPN gateways play a crucial role in operational technology by enabling secure remote access to systems within industrial networks. However, their importance goes hand in hand with increased security risks, as their architecture makes them lucrative targets for threat actors. Over the years, we have seen such devices being used in various industrial environments, which underlines their widespread use in critical infrastructures.\r\n\r\nThis talk is about a security analysis of a widely used industrial remote access solution. We will dive deep into and expose various vulnerabilities. This includes rooting the device, bypassing hardware-based security mechanisms such as the use of a hardware security module, and reverse engineering software and firmware. Ultimately, we will show how various identified vulnerabilities allowed us to hijack remote access sessions, creating significant security risks.","updated_timestamp":{"seconds":1720660604,"nanoseconds":0},"speakers":[{"content_ids":[54521],"conference_id":133,"event_ids":[54894],"name":"Moritz Abrell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SySS GmbH","title":"Senior IT Security Consultant and Penetration Tester"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@moritz_abrell)","sort_order":0,"url":"https://twitter.com/moritz_abrell"}],"media":[],"id":54109,"title":"Senior IT Security Consultant and Penetration Tester at SySS GmbH"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-11T01:16:44Z","links":[],"end":"2024-08-11T17:20:00.000-0000","id":54894,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54109}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-11T01:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"People who don’t type Chinese might be surprised to learn that popular Chinese Input Method Editor (IME) keyboards can act as keyloggers; they transmit your keystrokes over the Internet to enable “cloud-based” support features to improve character prediction when typing.\r\n\r\n*Everyone* might be surprised to learn that these keyloggers, which were already collecting everything you type into your device, were doing it *insecurely*.\r\n\r\nIn this talk, we will describe how we systematically exploited every single popular Chinese IME keyboard vendor’s home-rolled network encryption protocol. Namely, we show how any network eavesdropper can read the keystrokes of what users of these vendors’ keyboards are typing. The affected keyboards include the three most popular Chinese IME keyboards, Sogou IME, Baidu IME, and iFlytek IME, collectively used by almost 800 million users, as well as default and pre-installed keyboards on basically every popular Android mobile device except for Huawei’s. We also discuss how we got here, re-affirm the age-old adage, “Don’t roll your own crypto!”, and call on hackers around the world to help us move towards HTTPS everywhere in understudied app ecosystems.\r\n\r\n[link](https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/)\r\n\r\n[link](https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/)\r\n\n\n\n","media":[],"title":"The not-so-silent type: Breaking network crypto in almost every popular Chinese keyboard app","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"People who don’t type Chinese might be surprised to learn that popular Chinese Input Method Editor (IME) keyboards can act as keyloggers; they transmit your keystrokes over the Internet to enable “cloud-based” support features to improve character prediction when typing.\r\n\r\n*Everyone* might be surprised to learn that these keyloggers, which were already collecting everything you type into your device, were doing it *insecurely*.\r\n\r\nIn this talk, we will describe how we systematically exploited every single popular Chinese IME keyboard vendor’s home-rolled network encryption protocol. Namely, we show how any network eavesdropper can read the keystrokes of what users of these vendors’ keyboards are typing. The affected keyboards include the three most popular Chinese IME keyboards, Sogou IME, Baidu IME, and iFlytek IME, collectively used by almost 800 million users, as well as default and pre-installed keyboards on basically every popular Android mobile device except for Huawei’s. We also discuss how we got here, re-affirm the age-old adage, “Don’t roll your own crypto!”, and call on hackers around the world to help us move towards HTTPS everywhere in understudied app ecosystems.\r\n\r\n[link](https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/)\r\n\r\n[link](https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/)","updated_timestamp":{"seconds":1720463902,"nanoseconds":0},"speakers":[{"content_ids":[54520],"conference_id":133,"event_ids":[54893],"name":"Mona Wang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Princeton University","title":"PhD candidate in Computer Science"}],"pronouns":null,"links":[{"description":"","title":"m0na.net","sort_order":0,"url":"https://m0na.net"}],"media":[],"id":54091,"title":"PhD candidate in Computer Science at Princeton University"},{"content_ids":[54520],"conference_id":133,"event_ids":[54893],"name":"Jeffrey Knockel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Citizen Lab","title":"Senior Research Associate"}],"pronouns":"he/him","links":[{"description":"","title":"jeffreyknockel.com","sort_order":0,"url":"https://jeffreyknockel.com"}],"media":[],"id":54133,"title":"Senior Research Associate at Citizen Lab"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:22Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54893,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54133},{"tag_id":46167,"sort_order":4,"person_id":54091}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Websites often parse users' email addresses to identify their organisation. Unfortunately, parsing emails is far from straightforward thanks to a collection of ancient RFCs that everyone knows are crazy. You can probably see where this is going…\r\n\r\nIn this session, I'll introduce techniques for crafting RFC-compliant email addresses that bypass virtually all defences leading to broken assumptions, parser discrepancies and emails being routed to wildly unexpected destinations. I'll show you how to exploit multiple applications and libraries to spoof email domains, access internal systems protected by 'Zero Trust', and bypass employee-only registration barriers.\r\n\r\nThen I'll introduce another class of attack - harmless-looking input transformed into malicious payloads by unwitting libraries, leading to yet more misrouted emails, and blind CSS injection on a well-known target.\r\n\r\nI'll leave you with a full methodology and toolkit to identify and exploit your own targets, plus a CTF to develop your new skillset.\r\n\r\n- Email parsing:\r\n - [link](https://www.jochentopf.com/email/address.html)\r\n - [link](https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses)\r\n - [link](https://medium.com/@fs0c131y/tchap-the-super-not-secure-app-of-the-french-government-84b31517d144)\r\n\r\n- CSS Exfiltration:\r\n - [link](https://vwzq.net/slides/2019-s3_css_injection_attacks.pdf)\r\n - [link](https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b)\r\n\r\n- Unicode:\r\n - [link](https://www.sonarsource.com/blog/10-unknown-security-pitfalls-for-python/#:~:text=8.%20Unicode%20Case%20Collision)\r\n\n\n\n","media":[],"title":"Splitting the email atom: exploiting parsers to bypass access controls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"Websites often parse users' email addresses to identify their organisation. Unfortunately, parsing emails is far from straightforward thanks to a collection of ancient RFCs that everyone knows are crazy. You can probably see where this is going…\r\n\r\nIn this session, I'll introduce techniques for crafting RFC-compliant email addresses that bypass virtually all defences leading to broken assumptions, parser discrepancies and emails being routed to wildly unexpected destinations. I'll show you how to exploit multiple applications and libraries to spoof email domains, access internal systems protected by 'Zero Trust', and bypass employee-only registration barriers.\r\n\r\nThen I'll introduce another class of attack - harmless-looking input transformed into malicious payloads by unwitting libraries, leading to yet more misrouted emails, and blind CSS injection on a well-known target.\r\n\r\nI'll leave you with a full methodology and toolkit to identify and exploit your own targets, plus a CTF to develop your new skillset.\r\n\r\n- Email parsing:\r\n - [link](https://www.jochentopf.com/email/address.html)\r\n - [link](https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses)\r\n - [link](https://medium.com/@fs0c131y/tchap-the-super-not-secure-app-of-the-french-government-84b31517d144)\r\n\r\n- CSS Exfiltration:\r\n - [link](https://vwzq.net/slides/2019-s3_css_injection_attacks.pdf)\r\n - [link](https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b)\r\n\r\n- Unicode:\r\n - [link](https://www.sonarsource.com/blog/10-unknown-security-pitfalls-for-python/#:~:text=8.%20Unicode%20Case%20Collision)","updated_timestamp":{"seconds":1720463920,"nanoseconds":0},"speakers":[{"content_ids":[54519,55173],"conference_id":133,"event_ids":[55561,54892],"name":"Gareth Heyes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@garethheyes)","sort_order":0,"url":"https://twitter.com/garethheyes"},{"description":"","title":"garethheyes.co.uk/","sort_order":0,"url":"https://garethheyes.co.uk/"}],"media":[],"id":54158,"title":"Researcher at PortSwigger"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:40Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54892,"tag_ids":[46166,46169,46419,46437,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54158}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us as we unravel another story of public resources from AWS, digging in 3.1 million AMIs for secrets. Beyond the findings, we'll delve into the ominous connection between exfiltrated AWS access credentials from these AMIs and the heightened risk of AWS account takeover. This talk will highlight key methodologies, tools, and lessons learned, emphasizing the critical need for robust security measures in the cloud to prevent both data exposure and potential account compromise.\r\n\r\nWe started and developed this research without references of existing work. However, here are two links that can be viewed as related/previous work:\r\n\r\nThis article shows a research on a subset of public AMIs from a single region in AWS\r\n[link](https://blog.lethalbit.com/hunting-for-sensitive-data-in-public-amazon-images-ami/)\r\n\r\nThis research shows a similar issue where public EBS are scanned. However, this technique does not work for most public AMIs\r\n[link](https://www.youtube.com/watch?v=HXM1rBk_wXs)\r\n\n\n\n","media":[],"title":"AWS CloudQuarry: Digging for secrets in public AMIs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"Join us as we unravel another story of public resources from AWS, digging in 3.1 million AMIs for secrets. Beyond the findings, we'll delve into the ominous connection between exfiltrated AWS access credentials from these AMIs and the heightened risk of AWS account takeover. This talk will highlight key methodologies, tools, and lessons learned, emphasizing the critical need for robust security measures in the cloud to prevent both data exposure and potential account compromise.\r\n\r\nWe started and developed this research without references of existing work. However, here are two links that can be viewed as related/previous work:\r\n\r\nThis article shows a research on a subset of public AMIs from a single region in AWS\r\n[link](https://blog.lethalbit.com/hunting-for-sensitive-data-in-public-amazon-images-ami/)\r\n\r\nThis research shows a similar issue where public EBS are scanned. However, this technique does not work for most public AMIs\r\n[link](https://www.youtube.com/watch?v=HXM1rBk_wXs)","updated_timestamp":{"seconds":1720463930,"nanoseconds":0},"speakers":[{"content_ids":[54518],"conference_id":133,"event_ids":[54891],"name":"Matei Josephs","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Penetration Tester"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matei-anthony-josephs-325ba5199/"}],"media":[],"id":54114,"title":"Senior Penetration Tester"},{"content_ids":[54518],"conference_id":133,"event_ids":[54891],"name":"Eduard Agavriloae","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"AWS Offensive Expert and Pentester"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/eduard-k-agavriloae/"},{"description":"","title":"Twitter (@saw_your_packet)","sort_order":0,"url":"https://twitter.com/saw_your_packet"}],"media":[],"id":54126,"title":"AWS Offensive Expert and Pentester"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:50Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54891,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54126},{"tag_id":46167,"sort_order":4,"person_id":54114}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T22:00:00Z","end_timestamp":{"seconds":1723413600,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-11T22:00:00.000-0000","id":54573,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T22:00:00Z","end_timestamp":{"seconds":1723413600,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T15:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-11T22:00:00.000-0000","id":55889,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723388400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"N","begin":"2024-08-11T15:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T23:00:00Z","end_timestamp":{"seconds":1723417200,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T15:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-11T23:00:00.000-0000","id":54481,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723388400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-11T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T15:00:00Z","end_timestamp":{"seconds":1723388400,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T12:00:00Z","timeband_id":1149,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-11T15:00:00.000-0000","id":54515,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723377600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Illuminati Party is excited to open our doors once again to all those who wish to join us at DEF CON for an OPEN party welcoming all of our Hacker Family! Follow us on X (Twitter: @IlluminatiParty)\n\n\n","media":[{"hash_sha256":"526647fe7b7a385b98e5d5aa7e61d3ef5afb96fd5837315b0fc6cf0dc088ff08","filetype":"image/png","hash_md5":"37ae6605775def32e78245abad406a13","name":"pme_illuminati.png","is_logo":"Y","hash_crc32c":"24f75229","filesize":247952,"asset_id":681,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_illuminati.png"}],"title":"The Illuminati Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"The Illuminati Party is excited to open our doors once again to all those who wish to join us at DEF CON for an OPEN party welcoming all of our Hacker Family! Follow us on X (Twitter: @IlluminatiParty)","updated_timestamp":{"seconds":1718814144,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:22:24Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249538"},{"label":"Website","type":"link","url":"https://illuminatiparty.org"},{"label":"Twitter (@illuminatiparty)","type":"link","url":"https://twitter.com/illuminatiparty"}],"end":"2024-08-11T09:00:00.000-0000","id":54524,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303-W304","hotel":"","short_name":"W303-W304","id":46317},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T16:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"RAA For Workgroups 3.11 is a continuation of the Rent an Assassin series of parties from DC Shenanigans. Based on the World of Assassination from the Hitman video game franchise, RAA has been serving up clandestine client acquisition events in top-secret locations since DC30. This year marks our first-ever official DEF CON event, and we are excited to bring you some of the best DJs (and shenanigans) DEF CON has to offer.\n\n\n","media":[{"hash_sha256":"6da60dea311582544f0de0ed6d955ab2b13d3e7455715cc62d77819dffe444bc","filetype":"image/png","hash_md5":"1dede1c3cb8921e87a5c5ac5b719c269","name":"pme_raa.png","is_logo":"Y","hash_crc32c":"bc81d06b","filesize":44009,"asset_id":684,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_raa.png"}],"title":"RAA for Workgroups 3.11","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"RAA For Workgroups 3.11 is a continuation of the Rent an Assassin series of parties from DC Shenanigans. Based on the World of Assassination from the Hitman video game franchise, RAA has been serving up clandestine client acquisition events in top-secret locations since DC30. This year marks our first-ever official DEF CON event, and we are excited to bring you some of the best DJs (and shenanigans) DEF CON has to offer.","updated_timestamp":{"seconds":1718813957,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:19:17Z","links":[{"label":"Twitter (@dcshenanigans)","type":"link","url":"https://twitter.com/dcshenanigans"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249568"},{"label":"Website","type":"link","url":"https://dcshenanigans.com"}],"end":"2024-08-11T09:00:00.000-0000","id":54522,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W324, W327","hotel":"","short_name":"W322-W324, W327","id":46306},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T16:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the Hack Shack Saturday night from 21:00-02:00 in room 208 for an evening full of exploits and fun! Enjoy some byte-sized bites, groove to our cyber beats, and mingle with the best in the bug bounty biz. Stop by Intigriti's booth in Exhibitors area before the party and grab a scratch card for your chance to win a free drink! Don't miss out on this bug bounty bonanza!\n\n\n","media":[{"hash_sha256":"bf7f7e09674f432b33d4efbd5f64ee3dbaceeb809e5009e2be58090b364f8099","filetype":"image/png","hash_md5":"47a8dcfbf7547f48f39a8b7a7baeaf2b","name":"pme_intigriti.png","is_logo":"Y","hash_crc32c":"dc4ece55","filesize":69990,"asset_id":699,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_intigriti.png"}],"title":"Intigriti Hack Shack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"Join us at the Hack Shack Saturday night from 21:00-02:00 in room 208 for an evening full of exploits and fun! Enjoy some byte-sized bites, groove to our cyber beats, and mingle with the best in the bug bounty biz. Stop by Intigriti's booth in Exhibitors area before the party and grab a scratch card for your chance to win a free drink! Don't miss out on this bug bounty bonanza!","updated_timestamp":{"seconds":1718813366,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:09:26Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249574"}],"end":"2024-08-11T09:00:00.000-0000","id":54520,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T16:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to VETCON, the DEFCON Community event and of course, THE VETCON Party where veterans, active duty military, and even civilians looking for a taste of the action come together for a cyber rendezvous. Because let's face it, sometimes you need a little civilian perspective to hack the system!\n\n\n","media":[{"hash_sha256":"63c681684ad6549ac831241dee220076649c0069996e7a01918362399b97298b","filetype":"image/png","hash_md5":"7ec0be52b0f1e42d5a6de220c198214d","name":"pme_vetcon.png","is_logo":"Y","hash_crc32c":"8adc3c61","filesize":159966,"asset_id":688,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_vetcon.png"}],"title":"VETCON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"Welcome to VETCON, the DEFCON Community event and of course, THE VETCON Party where veterans, active duty military, and even civilians looking for a taste of the action come together for a cyber rendezvous. Because let's face it, sometimes you need a little civilian perspective to hack the system!","updated_timestamp":{"seconds":1718775123,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T05:32:03Z","links":[{"label":"More Info","type":"link","url":"https://vetconactual.com/"},{"label":"Twitter (@vetcon_command)","type":"link","url":"https://twitter.com/vetcon_command"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249546"}],"end":"2024-08-11T09:00:00.000-0000","id":54494,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W106-W109 (Chillout 1)","hotel":"","short_name":"W106-W109 (Chillout 1)","id":46309},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T05:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come party with Jack Rhysider at the Darknet Diaries Masquerade party! You're not going to want to miss this event as there will be free swag, killer music, interactive exhibits, and of course Jack Rhysider.\n\n\n","media":[{"hash_sha256":"9c2ef047ca48b42f7ea1f97b043622c4c14a0aa65786827356bcd1dec4720d46","filetype":"image/png","hash_md5":"c1d76b33963f641c6927799ad26ee73e","name":"pme_jack_rhysider.png","is_logo":"Y","hash_crc32c":"7efa16cd","filesize":227096,"asset_id":695,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_jack_rhysider.png"}],"title":"Jack Rhysider Masquerade Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T08:00:00Z","end_timestamp":{"seconds":1723363200,"nanoseconds":0},"android_description":"Come party with Jack Rhysider at the Darknet Diaries Masquerade party! You're not going to want to miss this event as there will be free swag, killer music, interactive exhibits, and of course Jack Rhysider.","updated_timestamp":{"seconds":1721321817,"nanoseconds":0},"speakers":[{"content_ids":[54147],"conference_id":133,"event_ids":[54491],"name":"Jack Rhysider","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@jackrhysider)","sort_order":0,"url":"https://twitter.com/jackrhysider"}],"media":[],"id":54675}],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-18T16:56:57Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249485"},{"label":"Twitter (@jackrhysider)","type":"link","url":"https://twitter.com/jackrhysider"},{"label":"Website","type":"link","url":"https://darknetdiaries.com/party"}],"end":"2024-08-11T08:00:00.000-0000","id":54491,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":54675}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W325 - W326","hotel":"","short_name":"W325 - W326","id":46312},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-07-18T16:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The increased dependency on the digital life to participate in society means, digital life is real life. With that, the consequences of failure in confidentiality, integrity and availability of our digital self, can have dire consequences. So, I threat modelled living in 2024; and it’s more fragile than I thought!\r\n\r\nHow digitally resilient do you think you are?\r\n\r\nLet’s talk about that, and some things we can do about it.\n\n\n","media":[],"title":"What!? Is my life that fragile?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T03:35:00Z","end_timestamp":{"seconds":1723347300,"nanoseconds":0},"android_description":"The increased dependency on the digital life to participate in society means, digital life is real life. With that, the consequences of failure in confidentiality, integrity and availability of our digital self, can have dire consequences. So, I threat modelled living in 2024; and it’s more fragile than I thought!\r\n\r\nHow digitally resilient do you think you are?\r\n\r\nLet’s talk about that, and some things we can do about it.","updated_timestamp":{"seconds":1722445977,"nanoseconds":0},"speakers":[{"content_ids":[55697],"conference_id":133,"event_ids":[56220],"name":"hoodiePony","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":"they/them","media":[],"id":56068}],"begin_tsz":"2024-08-11T03:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:57Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T03:35:00.000-0000","id":56220,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723345500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56068}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T03:05:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AI Village and Blue Team Village Pool Party will feature free tacos, cash bars, sponsor cabanas, with entertainment by DJ R.O.C.K.M.A.N. and \"Dunk A Fed\" benefitting Blacks in Cyber and Women in Security and Privacy. Sahara Azilo Pool, Saturday, August 10, 8pm to midnight. DEF CON badge required for entry. All ages. Visit Blacks In Cyber Village or WISP at DEF CON for your Dunk A Fed raffle ticket.\n\n\n","media":[],"title":"AIV + BTV Pool Party featuring DUNK-A-FED","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T06:59:59Z","end_timestamp":{"seconds":1723359599,"nanoseconds":0},"android_description":"The AI Village and Blue Team Village Pool Party will feature free tacos, cash bars, sponsor cabanas, with entertainment by DJ R.O.C.K.M.A.N. and \"Dunk A Fed\" benefitting Blacks in Cyber and Women in Security and Privacy. Sahara Azilo Pool, Saturday, August 10, 8pm to midnight. DEF CON badge required for entry. All ages. Visit Blacks In Cyber Village or WISP at DEF CON for your Dunk A Fed raffle ticket.","updated_timestamp":{"seconds":1723185185,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:33:05Z","links":[],"end":"2024-08-11T06:59:00.000-0000","id":56857,"tag_ids":[46363,46368,46373],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-08-09T06:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Kampf\r\n- 21:00 - 22:00 - mattrix\r\n- 22:00 - 23:00 - Dr. McGrew\r\n- 23:00 - 00:00 - Magik Plan\r\n- 00:00 - 01:00 - Syntax (DJ) + Luna (VJ)\r\n- 01:00 - 02:00 - N8\n\n\n","media":[{"hash_sha256":"a80728936f0af73b04b422b3a85afef988a246a4f3f31c1e863cfb506c6f1cef","filetype":"image/png","hash_md5":"40faa20781592f35d20948c7c608458a","name":"dc32_ae_flyer_saturday_v2.png","is_logo":"Y","hash_crc32c":"a28e08e1","filesize":270408,"asset_id":820,"sort_order":0,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_saturday_v2.png"}],"title":"Music Set / Entertainment (Cyberpunk Bar Saturday, ACK Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Kampf\r\n- 21:00 - 22:00 - mattrix\r\n- 22:00 - 23:00 - Dr. McGrew\r\n- 23:00 - 00:00 - Magik Plan\r\n- 00:00 - 01:00 - Syntax (DJ) + Luna (VJ)\r\n- 01:00 - 02:00 - N8","updated_timestamp":{"seconds":1721791183,"nanoseconds":0},"speakers":[{"content_ids":[55326,54479,54212],"conference_id":133,"event_ids":[55718,54585,54852],"name":"Wesley McGrew","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MartinFederal","title":"Senior Cybersecurity Fellow"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@mcgrew@defcon.social)","sort_order":0,"url":"https://defcon.social/@mcgrew"},{"description":"","title":"MixCloud","sort_order":0,"url":"https://www.mixcloud.com/wesmcgrew/stream/"},{"description":"","title":"Twitter (@McGrewSecurity)","sort_order":0,"url":"https://twitter.com/McGrewSecurity"}],"media":[],"id":54044,"title":"Senior Cybersecurity Fellow at MartinFederal"},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"Kampf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55897},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"Magik Plan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55898},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"mattrix","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55899},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"N8","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55902},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"Syntax (DJ) + Luna (VJ)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55912}],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T03:19:43Z","links":[{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"}],"end":"2024-08-11T09:00:00.000-0000","id":55718,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":54044},{"tag_id":46486,"sort_order":4,"person_id":55912},{"tag_id":46486,"sort_order":6,"person_id":55902},{"tag_id":46486,"sort_order":8,"person_id":55899},{"tag_id":46486,"sort_order":10,"person_id":55898},{"tag_id":46486,"sort_order":12,"person_id":55897}],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"Y","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-07-24T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - DJ Scythe\r\n- 21:00 - 22:00 - Grindhaus Selektor\r\n- 22:00 - 23:00 - Skittish and Bus\r\n- 23:00 - 00:00 - Miss Jackalope\r\n- 00:00 - 01:00 - O'Craven Celtic Pirate Band\r\n- 01:00 - 01:15 - Costume Contest\r\n- 01:15 - 02:00 - Ninjula\n\n\n","media":[{"hash_sha256":"a80728936f0af73b04b422b3a85afef988a246a4f3f31c1e863cfb506c6f1cef","filetype":"image/png","hash_md5":"40faa20781592f35d20948c7c608458a","name":"dc32_ae_flyer_saturday_v2.png","is_logo":"Y","hash_crc32c":"a28e08e1","filesize":270408,"asset_id":820,"sort_order":1,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_saturday_v2.png"}],"title":"Music Set / Entertainment (Pirate's Night For Me! Saturday, SYN Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - DJ Scythe\r\n- 21:00 - 22:00 - Grindhaus Selektor\r\n- 22:00 - 23:00 - Skittish and Bus\r\n- 23:00 - 00:00 - Miss Jackalope\r\n- 00:00 - 01:00 - O'Craven Celtic Pirate Band\r\n- 01:00 - 01:15 - Costume Contest\r\n- 01:15 - 02:00 - Ninjula","updated_timestamp":{"seconds":1721791193,"nanoseconds":0},"speakers":[{"content_ids":[55324,55325],"conference_id":133,"event_ids":[55716,55717],"name":"Costume Contest","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55884},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"DJ Scythe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55889},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Grindhaus Selektor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55895},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Miss Jackalope","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55901},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Ninjula","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55903},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"O'Craven Celtic Pirate Band","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55904},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Skittish and Bus","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55910}],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T03:19:53Z","links":[{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"}],"end":"2024-08-11T09:00:00.000-0000","id":55717,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55910},{"tag_id":46486,"sort_order":4,"person_id":55904},{"tag_id":46486,"sort_order":6,"person_id":55903},{"tag_id":46486,"sort_order":8,"person_id":55901},{"tag_id":46486,"sort_order":10,"person_id":55895},{"tag_id":46486,"sort_order":12,"person_id":55889},{"tag_id":46486,"sort_order":14,"person_id":55884}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"Y","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-07-24T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hacker Jeopardy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T05:00:00Z","end_timestamp":{"seconds":1723352400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319460,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T02:31:00Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249351"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249350"},{"label":"Twitter (@HackerJeopardy)","type":"link","url":"https://twitter.com/HackerJeopardy"}],"end":"2024-08-11T05:00:00.000-0000","id":54890,"tag_ids":[46427,46439,46509],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-07-07T02:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Movie Night","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T06:59:00Z","end_timestamp":{"seconds":1723359540,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567253,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-16T19:47:33Z","links":[],"end":"2024-08-11T06:59:00.000-0000","id":54527,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-06-16T19:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.\n\n\n","media":[{"hash_sha256":"9dc542b73ed2f180e9da92ab6b96c13fdbf77524457592bb5909be0995f48bd8","filetype":"image/png","hash_md5":"9397f4fba28c3ec1eb0298b7768f7f87","name":"pme_hackerkaraoke.png","is_logo":"Y","hash_crc32c":"83073e75","filesize":10913,"asset_id":679,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hackerkaraoke.png"}],"title":"Hacker Karaoke","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.","updated_timestamp":{"seconds":1718812577,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T15:56:17Z","links":[{"label":"Website","type":"link","url":"https://www.hackerkaraoke.org/"},{"label":"Twitter (@hackerkaraoke)","type":"link","url":"https://twitter.com/hackerkaraoke"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249524"}],"end":"2024-08-11T09:00:00.000-0000","id":54506,"tag_ids":[46363,46886],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"Y","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-06-19T15:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Shifting left in Reversing apk by converting smali to java","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T02:50:00Z","end_timestamp":{"seconds":1723344600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445954,"nanoseconds":0},"speakers":[{"content_ids":[55696],"conference_id":133,"event_ids":[56219],"name":"Just Tulpa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":"he/him","media":[],"id":56067}],"begin_tsz":"2024-08-11T02:35:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:34Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T02:50:00.000-0000","id":56219,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723343700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56067}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T02:35:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Party with DEF CON NextGen. Enjoy some music, and some good conversation with other young DEF CON attendees!\n\n\n","media":[{"hash_sha256":"1660edaca21c76279b6887ea499fc7cba4a5c1f6878d4155e04a767d8a9c284e","filetype":"image/png","hash_md5":"94aafd208c3ef8ee73253ab95df55e13","name":"pme_dcnextgen.png","is_logo":"Y","hash_crc32c":"cf26ebac","filesize":85383,"asset_id":675,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_dcnextgen.png"}],"title":"DC Next Gen party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T05:00:00Z","end_timestamp":{"seconds":1723352400,"nanoseconds":0},"android_description":"Party with DEF CON NextGen. Enjoy some music, and some good conversation with other young DEF CON attendees!","updated_timestamp":{"seconds":1718775659,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T02:30:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T05:40:59Z","links":[{"label":"Mastodon (@defconnextgen@defcon.social)","type":"link","url":"https://defcon.social/@defconnextgen"},{"label":"Twitter (@DEFCONNextGen)","type":"link","url":"https://twitter.com/DEFCONNextGen"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249532"}],"end":"2024-08-11T05:00:00.000-0000","id":54497,"tag_ids":[46363,46398],"village_id":null,"begin_timestamp":{"seconds":1723343400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W228","hotel":"","short_name":"W228","id":46505},"spans_timebands":"N","begin":"2024-08-11T02:30:00.000-0000","updated":"2024-06-19T05:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Who cashed my check?! Catching (Very Obvious) Fraudsters","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T02:30:00Z","end_timestamp":{"seconds":1723343400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445941,"nanoseconds":0},"speakers":[{"content_ids":[55695],"conference_id":133,"event_ids":[56218],"name":"Squiddy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/they","links":[{"description":"","title":"Instagram","sort_order":0,"url":"https://www.instagram.com/0xhegemon1c"},{"description":"","title":"Mastodon (@teuthida@defcon.social)","sort_order":0,"url":"https://defcon.social/@teuthida"}],"media":[],"id":56066}],"begin_tsz":"2024-08-11T02:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:21Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T02:30:00.000-0000","id":56218,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723341900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56066}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T02:05:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Diana Initiative is hosting a meetup where we’d love to get all the gender non conforming, non-binary and women attendees together to hang out and make friends! DEF CON is better with friends.\n\n\n","media":[{"hash_sha256":"10cdc5214560ac0ed664a5ea16e7bd13a107db631614b1e97ed7e86d7fef629b","filetype":"image/png","hash_md5":"429647f628918052706c0fbc45153055","name":"pme_diana.png","is_logo":"Y","hash_crc32c":"89533925","filesize":46031,"asset_id":677,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_diana.png"}],"title":"Women, gender non-conforming and non-binary meetup with The Diana Initiative","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T04:00:00Z","end_timestamp":{"seconds":1723348800,"nanoseconds":0},"android_description":"The Diana Initiative is hosting a meetup where we’d love to get all the gender non conforming, non-binary and women attendees together to hang out and make friends! DEF CON is better with friends.","updated_timestamp":{"seconds":1719245515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T02:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-24T16:11:55Z","links":[{"label":"Twitter (@dianainitiative)","type":"link","url":"https://twitter.com/dianainitiative"},{"label":"Website","type":"link","url":"https://dianainitiative.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249543"}],"end":"2024-08-11T04:00:00.000-0000","id":54495,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723341600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305-W306","hotel":"","short_name":"W305-W306","id":46308},"spans_timebands":"N","begin":"2024-08-11T02:00:00.000-0000","updated":"2024-06-24T16:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by members of OnlyFeet and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.\r\n\r\nAttendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.\r\n\r\nUltimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.\n\n\n","media":[{"hash_sha256":"9bb80a623a71a30dd319ef669ae771ceb4b4ee0d98fdf1f44a50f4b9fafa5a32","filetype":"image/png","hash_md5":"b1ebaf0ad5603c5f1d981867da53d3df","name":"pme_FeetFeud.png","is_logo":"Y","hash_crc32c":"f2e8a4e2","filesize":297331,"asset_id":703,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_FeetFeud.png"}],"title":"Feet Feud (Hacker Family Feud)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T02:30:00Z","end_timestamp":{"seconds":1723343400,"nanoseconds":0},"android_description":"Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by members of OnlyFeet and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.\r\n\r\nAttendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.\r\n\r\nUltimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.","updated_timestamp":{"seconds":1718858746,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T01:30:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T04:45:46Z","links":[{"label":"Survey","type":"link","url":"https://forms.gle/Thebx1vksze9fVsbA"}],"end":"2024-08-11T02:30:00.000-0000","id":54532,"tag_ids":[46427,46439,46440],"village_id":null,"begin_timestamp":{"seconds":1723339800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T01:30:00.000-0000","updated":"2024-06-20T04:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[{"hash_sha256":"42942f2f0d75cd05a694bb9d4031dbbd4d0a6949e073116c271141f3cf5d53e8","filetype":"image/png","hash_md5":"e08c3b9a3211a2fe5a24ef021c1e2210","name":"pme_policy_mixer.png","is_logo":"Y","hash_crc32c":"1e6e3fad","filesize":181661,"asset_id":700,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_policy_mixer.png"}],"title":"Policy Mixer @ DEF CON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T05:30:00Z","end_timestamp":{"seconds":1723354200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567333,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T01:30:00Z","timeband_id":1148,"updated_tsz":"2024-06-16T19:48:53Z","links":[],"end":"2024-08-11T05:30:00.000-0000","id":54531,"tag_ids":[46364,46388],"village_id":null,"begin_timestamp":{"seconds":1723339800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-11T01:30:00.000-0000","updated":"2024-06-16T19:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Trophy and EFF swag pack. The second and third place teams will also win great EFF gear.\n\n\n","media":[{"hash_sha256":"4ef499771df587138102fc48a9d8a2116f266c0cb4657c37983aa6139d7ba5b8","filetype":"image/png","hash_md5":"cec5885ad1fbb77d5777e5c2e1b9165c","name":"pme_EFFTechTrivia.png","is_logo":"Y","hash_crc32c":"2a111d67","filesize":152880,"asset_id":822,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_EFFTechTrivia.png"}],"title":"EFF Tech Trivia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T04:30:00Z","end_timestamp":{"seconds":1723350600,"nanoseconds":0},"android_description":"EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Trophy and EFF swag pack. The second and third place teams will also win great EFF gear.","updated_timestamp":{"seconds":1722303463,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T01:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:37:43Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249571"},{"label":"Twitter (@eff)","type":"link","url":"https://twitter.com/eff"},{"label":"More Info","type":"link","url":"http://eff.org/techtrivia"}],"end":"2024-08-11T04:30:00.000-0000","id":54521,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723339800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307-W308","hotel":"","short_name":"W307-W308","id":46311},"spans_timebands":"N","begin":"2024-08-11T01:30:00.000-0000","updated":"2024-07-30T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Something something Meshtastic Pip-Boy Personal Mesh with 150 km reach","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T02:05:00Z","end_timestamp":{"seconds":1723341900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445927,"nanoseconds":0},"speakers":[{"content_ids":[55694],"conference_id":133,"event_ids":[56217],"name":"Giglio","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Mastodon (@giglio@defcon.social)","sort_order":0,"url":"https://defcon.social/@giglio"},{"description":"","title":"Mastodon (@larrybiggs@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@larrybiggs"}],"media":[],"id":56065}],"begin_tsz":"2024-08-11T01:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:07Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T02:05:00.000-0000","id":56217,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723338300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56065}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T01:05:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Its time to ask the question: “Where do we go from here?” Join SEC Village founders, Snow & JC to have a heart to heart about how we shape the future of the SEC. If you’re looking for how to get involved, or have ideas for the village, be here! We need you and want to hear from you!\n\n\n","media":[],"title":"Presentation: It Takes a Village...","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Its time to ask the question: “Where do we go from here?” Join SEC Village founders, Snow & JC to have a heart to heart about how we shape the future of the SEC. If you’re looking for how to get involved, or have ideas for the village, be here! We need you and want to hear from you!","updated_timestamp":{"seconds":1722102958,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:55:58Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55835,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-27T17:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Meet the minds behind a decade of acclaimed web security research. Whether you'd like to query our thoughts on technical matters or career decisions, share something cool you've found, flood us with Burp Suite feature requests, or simply say hi, this is your chance! We're also giving three presentations at DEF CON so if you'd like to treat this as an extended Q&A for those, that's cool too. Please note this session may be chaotic.\n\n\n","media":[],"title":"Meet the PortSwigger Research team (Q/A)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Meet the minds behind a decade of acclaimed web security research. Whether you'd like to query our thoughts on technical matters or career decisions, share something cool you've found, flood us with Burp Suite feature requests, or simply say hi, this is your chance! We're also giving three presentations at DEF CON so if you'd like to treat this as an extended Q&A for those, that's cool too. Please note this session may be chaotic.","updated_timestamp":{"seconds":1721437797,"nanoseconds":0},"speakers":[{"content_ids":[54444,55173],"conference_id":133,"event_ids":[55561,54817],"name":"James \"albinowax\" Kettle","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Director of Research"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@albinowax@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@albinowax"},{"description":"","title":"Twitter (@albinowax)","sort_order":0,"url":"https://twitter.com/albinowax"},{"description":"","title":"Website","sort_order":0,"url":"https://jameskettle.com/"}],"media":[],"id":54156,"title":"Director of Research at PortSwigger"},{"content_ids":[54519,55173],"conference_id":133,"event_ids":[55561,54892],"name":"Gareth Heyes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@garethheyes)","sort_order":0,"url":"https://twitter.com/garethheyes"},{"description":"","title":"garethheyes.co.uk/","sort_order":0,"url":"https://garethheyes.co.uk/"}],"media":[],"id":54158,"title":"Researcher at PortSwigger"},{"content_ids":[54481,55173],"conference_id":133,"event_ids":[55561,54854],"name":"Martin Doyhenard","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Portswigger","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@tincho_508)","sort_order":0,"url":"https://twitter.com/tincho_508"}],"media":[],"id":54190,"title":"Security Researcher at Portswigger"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:09:57Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#meet-the-portswigger-research-team"}],"end":"2024-08-11T01:00:00.000-0000","id":55561,"tag_ids":[46374,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54190},{"tag_id":46167,"sort_order":4,"person_id":54156},{"tag_id":46167,"sort_order":6,"person_id":54158}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-20T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"I recently googled the meaning of “encryption” and found this definition on Wikipedia: “In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext.” Um…no, encoding produces code, enciphering produces ciphertext, encryption is more than just encoding, and so on. Given the jumbling together of historically very unique and significant terminology I set out to find the actual, historical definitions and try to find a way to teach and/or demonstrate the differences in the foundational forms of cryptography. But I quickly noticed that some of this terminology is so often mis-applied in our digital age that I wondered if maybe there has been an evolution of the meanings of these terms? I might not like it, but I’m open to that possibility. This very quickly led me to the conclusion that my research on this topic would make for an interesting talk and so here we are. I want to share the classical, historical forms of cryptography, discuss the etymology of the terminology, look at how the words apply today – and help the audience decide if the actual meanings even matter (or it’s just me). One important consideration is the tradeoff between keeping the data secret (security) and protecting the identity of individuals associated with the data (privacy). I hope you’ll join me in this journey to victory (or defeat) in the ongoing battle of preserving the classic goals and objectives of data security.\n\n\n","media":[],"title":"GUR RIBYHGVBA BS PELCGBTENCUL","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"I recently googled the meaning of “encryption” and found this definition on Wikipedia: “In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext.” Um…no, encoding produces code, enciphering produces ciphertext, encryption is more than just encoding, and so on. Given the jumbling together of historically very unique and significant terminology I set out to find the actual, historical definitions and try to find a way to teach and/or demonstrate the differences in the foundational forms of cryptography. But I quickly noticed that some of this terminology is so often mis-applied in our digital age that I wondered if maybe there has been an evolution of the meanings of these terms? I might not like it, but I’m open to that possibility. This very quickly led me to the conclusion that my research on this topic would make for an interesting talk and so here we are. I want to share the classical, historical forms of cryptography, discuss the etymology of the terminology, look at how the words apply today – and help the audience decide if the actual meanings even matter (or it’s just me). One important consideration is the tradeoff between keeping the data secret (security) and protecting the identity of individuals associated with the data (privacy). I hope you’ll join me in this journey to victory (or defeat) in the ongoing battle of preserving the classic goals and objectives of data security.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54639],"conference_id":133,"event_ids":[55013],"name":"Jeff Man","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54247}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55013,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54247}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"From protecting Aircraft Software Parts to authenticating aircraft to ground networks, aircraft use PKI in their day-to-day operations. In this talk we will cover the typical use cases, technologies, and regulations in play and touch upon the emerging threat of the Post-Quantum world and what it could mean for the protection of embedded software we find on aircraft.\n\n\n","media":[],"title":"A dive into world of Aircraft PKI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"From protecting Aircraft Software Parts to authenticating aircraft to ground networks, aircraft use PKI in their day-to-day operations. In this talk we will cover the typical use cases, technologies, and regulations in play and touch upon the emerging threat of the Post-Quantum world and what it could mean for the protection of embedded software we find on aircraft.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54637],"conference_id":133,"event_ids":[55011],"name":"Matt Gaffney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"United Airlines","title":"Principal Engineer, Aircraft Cyber Operations"}],"links":[],"pronouns":null,"media":[],"id":54292,"title":"Principal Engineer, Aircraft Cyber Operations at United Airlines"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55011,"tag_ids":[46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54292}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For years, eFuse-based memories were used to store sensitive information such as encryption keys, passwords, and other potentially confidential pieces of information. This practice was encouraged by several vendors who leverage such memory types for protecting the debugging interfaces using a password or for official way to store encryption keys for external flash memories.\r\n\r\nHowever, with the advances in technology and threat actors’ creativity, eFuse-based memories may take a hard hit on their confidentiality assurance as their physical properties could allow for a relatively easy extraction of the stored information. \r\n\r\nIn this talk we will walk you through the journey of revealing one such data storage from decapsulating the chip itself, delayering it using common household items all the way to using advanced tools such as Scanning Electron Microscope (SEM) to read value of an encryption key and thus break the confidentiality of the encrypted flash memory.\r\n\r\n1. \"Solving Chip Security's Weakest Link.\" Design & Reuse, April 1, 2023, [link](https://www.design-reuse.com/articles/51232/solving-chip-security-s-weakest-link.html)\r\n2. Laurie, Adam. \"Fun with Masked ROMs - Atmel MARC4.\" Adams Blog, rfidiot.org, 1 Jan. 2013, [link](http://adamsblog.rfidiot.org/2013/01/fun-with-masked-roms.html)\r\n3. Hoover, William. \"Looking Inside a 1970s PROM Chip That Could Change Computing.\" RightO, 19 July 2019, [link](http://www.righto.com/2019/07/looking-inside-1970s-prom-chip-that.html)\r\n4. Chen, Nick. \"The Benefits of Antifuse OTP.\" Semiconductor Engineering, 19 Dec. 2016, [link](https://semiengineering.com/the-benefits-of-antifuse-otp/)\r\n\n\n\n","media":[],"title":"Nano-Enigma: Uncovering the Secrets Within eFuse Memories","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T01:15:00Z","end_timestamp":{"seconds":1723338900,"nanoseconds":0},"android_description":"For years, eFuse-based memories were used to store sensitive information such as encryption keys, passwords, and other potentially confidential pieces of information. This practice was encouraged by several vendors who leverage such memory types for protecting the debugging interfaces using a password or for official way to store encryption keys for external flash memories.\r\n\r\nHowever, with the advances in technology and threat actors’ creativity, eFuse-based memories may take a hard hit on their confidentiality assurance as their physical properties could allow for a relatively easy extraction of the stored information. \r\n\r\nIn this talk we will walk you through the journey of revealing one such data storage from decapsulating the chip itself, delayering it using common household items all the way to using advanced tools such as Scanning Electron Microscope (SEM) to read value of an encryption key and thus break the confidentiality of the encrypted flash memory.\r\n\r\n1. \"Solving Chip Security's Weakest Link.\" Design & Reuse, April 1, 2023, [link](https://www.design-reuse.com/articles/51232/solving-chip-security-s-weakest-link.html)\r\n2. Laurie, Adam. \"Fun with Masked ROMs - Atmel MARC4.\" Adams Blog, rfidiot.org, 1 Jan. 2013, [link](http://adamsblog.rfidiot.org/2013/01/fun-with-masked-roms.html)\r\n3. Hoover, William. \"Looking Inside a 1970s PROM Chip That Could Change Computing.\" RightO, 19 July 2019, [link](http://www.righto.com/2019/07/looking-inside-1970s-prom-chip-that.html)\r\n4. Chen, Nick. \"The Benefits of Antifuse OTP.\" Semiconductor Engineering, 19 Dec. 2016, [link](https://semiengineering.com/the-benefits-of-antifuse-otp/)","updated_timestamp":{"seconds":1720463423,"nanoseconds":0},"speakers":[{"content_ids":[54516],"conference_id":133,"event_ids":[54889],"name":"Martin Petran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"Embedded Systems Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54061,"title":"Embedded Systems Security Engineer at Accenture"},{"content_ids":[54516],"conference_id":133,"event_ids":[54889],"name":"Hayyan Ali","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"Security Delivery Senior Analyst"}],"links":[],"pronouns":null,"media":[],"id":54086,"title":"Security Delivery Senior Analyst at Accenture"},{"content_ids":[54516],"conference_id":133,"event_ids":[54889],"name":"Michal Grygarek","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"Security Architect"}],"pronouns":"he/him","links":[{"description":"","title":"ok2haz.ok2kld.cz/","sort_order":0,"url":"https://ok2haz.ok2kld.cz/"}],"media":[],"id":54174,"title":"Security Architect at Accenture"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:30:23Z","links":[],"end":"2024-08-11T01:15:00.000-0000","id":54889,"tag_ids":[46166,46169,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54174},{"tag_id":46167,"sort_order":4,"person_id":54061},{"tag_id":46167,"sort_order":6,"person_id":54086}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-08T18:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Upon its discovery, CVE-2024-2961, a very old buffer overflow in the glibc, seemed like a terrible bug. Within the prism of the PHP engine, however, the vulnerability shone, and provided both a new remote code execution vector and a few 0-days.\n\nThis talk will first walk you through the discovery of the bug and its limitations, before describing the conception of remote binary PHP exploits using this bug, and through them offer unique insight in the internal of the engine of the web language, and the difficulties one faces when exploiting it.\n\nAfter this, it will reveal the impact on PHP's ecosystem, from well-known functions to unsuspected sinks, by showcasing the vulnerability on several popular libraries and applications.\n\n\n\n","media":[],"title":"Iconv, set the charset to RCE: exploiting the glibc to hack the PHP engine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T01:15:00Z","end_timestamp":{"seconds":1723338900,"nanoseconds":0},"android_description":"Upon its discovery, CVE-2024-2961, a very old buffer overflow in the glibc, seemed like a terrible bug. Within the prism of the PHP engine, however, the vulnerability shone, and provided both a new remote code execution vector and a few 0-days.\n\nThis talk will first walk you through the discovery of the bug and its limitations, before describing the conception of remote binary PHP exploits using this bug, and through them offer unique insight in the internal of the engine of the web language, and the difficulties one faces when exploiting it.\n\nAfter this, it will reveal the impact on PHP's ecosystem, from well-known functions to unsuspected sinks, by showcasing the vulnerability on several popular libraries and applications.","updated_timestamp":{"seconds":1720307460,"nanoseconds":0},"speakers":[{"content_ids":[54515],"conference_id":133,"event_ids":[54888],"name":"Charles \"cfreal\" Fol","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"LEXFO / AMBIONICS","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Technical Blog","sort_order":0,"url":"https://www.ambionics.io/blog/"},{"description":"","title":"Twitter (@cfreal_)","sort_order":0,"url":"https://twitter.com/cfreal_"}],"media":[],"id":54204,"title":"Security Researcher at LEXFO / AMBIONICS"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:11:00Z","links":[],"end":"2024-08-11T01:15:00.000-0000","id":54888,"tag_ids":[46166,46169,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54204}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bug bounty is an intricate game between the bug hunter, the clients, and the intermediary. \r\n\r\nLike any game, it can be hacked. Like some games, it can be unfair. \r\n\r\nJoin Jason as he walks you through the darker secrets of bug bounty , tips and tricks to address them, and in some cases, commiserate that there are just bad realities to the game. \r\n\r\nJason will address the problems hardly talked about in the system, from a hacker, program owner, and platform runner. \n\n\n","media":[],"title":"The Dark Side of Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:50:00Z","end_timestamp":{"seconds":1723337400,"nanoseconds":0},"android_description":"Bug bounty is an intricate game between the bug hunter, the clients, and the intermediary. \r\n\r\nLike any game, it can be hacked. Like some games, it can be unfair. \r\n\r\nJoin Jason as he walks you through the darker secrets of bug bounty , tips and tricks to address them, and in some cases, commiserate that there are just bad realities to the game. \r\n\r\nJason will address the problems hardly talked about in the system, from a hacker, program owner, and platform runner.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55717,55180],"conference_id":133,"event_ids":[55568,56223],"name":"Jason Haddix","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arcanum Security","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jhaddx)","sort_order":0,"url":"https://twitter.com/jhaddx"}],"media":[],"id":54822,"title":"Arcanum Security"}],"begin_tsz":"2024-08-11T00:20:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T00:50:00.000-0000","id":56223,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723335600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54822}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T00:20:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to be anonymous? Learn about protecting your personal information","media":[],"title":"It's CPV, why would we share that with you?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:35:00Z","end_timestamp":{"seconds":1723336500,"nanoseconds":0},"android_description":"Want to be anonymous? Learn about protecting your personal information","updated_timestamp":{"seconds":1723334380,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T23:59:40Z","links":[],"end":"2024-08-11T00:35:00.000-0000","id":56880,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723335300,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-11T00:15:00.000-0000","updated":"2024-08-10T23:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are few opportunities to learn how code can be transformed into a visualization project. Tune in as Mark Griffin from UnDaunted shares about how his team took the competitor submissions and translated them into the AIxCC competition experience at DEF CON.\n\n\n","media":[],"title":"Visualizing AIxCC: Bringing Your Code to Life","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"There are few opportunities to learn how code can be transformed into a visualization project. Tune in as Mark Griffin from UnDaunted shares about how his team took the competitor submissions and translated them into the AIxCC competition experience at DEF CON.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56140],"conference_id":133,"event_ids":[56783],"name":"Mark Griffin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Undaunted","title":""}],"links":[],"pronouns":null,"media":[],"id":56527,"title":"Undaunted"}],"begin_tsz":"2024-08-11T00:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56783,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723335300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56527}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-11T00:15:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Bloch Party & More Debates","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56443,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723335300,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T00:15:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Digital forensics and incident responders, as well as other essential emergency workers, often face high stress levels and risk burnout due to their demanding roles. This talk is for professionals, spouses, managers and corporations and will cover the following topics: \r\n\r\nSelf-Care, Hacking Health, maintaining Work-Life Balance, building a Support network, developing Mindfulness and Relaxation Techniques, using technology to Manage Workload, working with management to Create a Positive Work Environment.\r\n\r\nHaving built and lead successful DFIR practices that dealt with some of Canada’s largest data breaches. I wish to impart what I have learnt over the years so others may protect and nurture their most sacred resource, people.\n\n\n","media":[],"title":"Front line first aid: Triaging your DFIR emergency responders","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:50:00Z","end_timestamp":{"seconds":1723337400,"nanoseconds":0},"android_description":"Digital forensics and incident responders, as well as other essential emergency workers, often face high stress levels and risk burnout due to their demanding roles. This talk is for professionals, spouses, managers and corporations and will cover the following topics: \r\n\r\nSelf-Care, Hacking Health, maintaining Work-Life Balance, building a Support network, developing Mindfulness and Relaxation Techniques, using technology to Manage Workload, working with management to Create a Positive Work Environment.\r\n\r\nHaving built and lead successful DFIR practices that dealt with some of Canada’s largest data breaches. I wish to impart what I have learnt over the years so others may protect and nurture their most sacred resource, people.","updated_timestamp":{"seconds":1722445911,"nanoseconds":0},"speakers":[{"content_ids":[55693],"conference_id":133,"event_ids":[56216],"name":"Neumann \"scsideath\" Lim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Odlum Brown","title":"Manager"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@cybersyrupblog)","sort_order":0,"url":"https://twitter.com/cybersyrupblog"}],"media":[],"id":56064,"title":"Manager at Odlum Brown"}],"begin_tsz":"2024-08-11T00:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:11:51Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T00:50:00.000-0000","id":56216,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723334700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56064}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T00:05:00.000-0000","updated":"2024-07-31T17:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will cover the misinformation, disinformation, and malinformation that we are seeing across different mediums prior to the upcoming presidential election. Join us for an all star panel of misinformation, disinformation, and malformation experts discuss the threats they are currently observing and what their biggest concerns are for the upcoming election. Audiences will also learn what kind of precautions are being taken and what individuals can do to prepare themselves and increase their media literacy and ability to identify information that actually has information integrity.\n\n\n","media":[],"title":"Misinformation, Disinformation, and Malformation in 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:45:00Z","end_timestamp":{"seconds":1723337100,"nanoseconds":0},"android_description":"This panel will cover the misinformation, disinformation, and malinformation that we are seeing across different mediums prior to the upcoming presidential election. Join us for an all star panel of misinformation, disinformation, and malformation experts discuss the threats they are currently observing and what their biggest concerns are for the upcoming election. Audiences will also learn what kind of precautions are being taken and what individuals can do to prepare themselves and increase their media literacy and ability to identify information that actually has information integrity.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56202],"conference_id":133,"event_ids":[56856],"name":"Derek DelGaudio","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56565},{"content_ids":[56201,56202],"conference_id":133,"event_ids":[56855,56856],"name":"Jake Braun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jake-braun-77372539"},{"description":"","title":"Twitter (@jakehbraun)","sort_order":0,"url":"https://twitter.com/jakehbraun"},{"description":"","title":"Website","sort_order":0,"url":"https://harris.uchicago.edu/directory/jake-braun"}],"media":[],"id":56572},{"content_ids":[56195,56202],"conference_id":133,"event_ids":[56849,56856],"name":"Kendall Spencer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/spenceresq"},{"description":"","title":"Twitter (@kendallspencer)","sort_order":0,"url":"https://twitter.com/kendallspencer"},{"description":"","title":"Website","sort_order":0,"url":"https://nightcommission.org"}],"media":[],"id":56574},{"content_ids":[56196,56202],"conference_id":133,"event_ids":[56850,56856],"name":"Michael Moore","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://azdirect.az.gov/secretary-state"}],"media":[],"id":56578},{"content_ids":[56190,56202],"conference_id":133,"event_ids":[56844,56856],"name":"Nate Young","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/maricopa-county/"},{"description":"","title":"Twitter (@recordersoffice)","sort_order":0,"url":"https://twitter.com/recordersoffice"},{"description":"","title":"Website","sort_order":0,"url":"https://recorder.maricopa.gov/"}],"media":[],"id":56579},{"content_ids":[56202],"conference_id":133,"event_ids":[56856],"name":"Nicole Tisdale","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/nicoletisdale"},{"description":"","title":"Twitter (@hinicoletisdale)","sort_order":0,"url":"https://twitter.com/hinicoletisdale"},{"description":"","title":"Website","sort_order":0,"url":"https://nicoletisdale.com"}],"media":[],"id":56580}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-11T00:45:00.000-0000","id":56856,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56580},{"tag_id":46487,"sort_order":4,"person_id":56578},{"tag_id":46487,"sort_order":6,"person_id":56579},{"tag_id":46487,"sort_order":8,"person_id":56572},{"tag_id":46488,"sort_order":10,"person_id":56565},{"tag_id":46487,"sort_order":12,"person_id":56574}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\n\n\n","media":[],"title":"Challenges and Reactions: Cybersecurity and Communications Resilience in Taiwan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:45:00Z","end_timestamp":{"seconds":1723337100,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722642980,"nanoseconds":0},"speakers":[{"content_ids":[55918],"conference_id":133,"event_ids":[56509],"name":"Herming Chiueh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ministry of Digital Affairs, Taiwan","title":"Deputy Minister"}],"links":[],"pronouns":null,"media":[],"id":56286,"title":"Deputy Minister at Ministry of Digital Affairs, Taiwan"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T23:56:20Z","links":[],"end":"2024-08-11T00:45:00.000-0000","id":56509,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56286}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-08-02T23:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Traditional RFID badge cloning methods require you to be within 3 feet of your target. So how can you conduct a physical penetration test and clone a badge without interacting with a person? Companies have increasingly adopted a hybrid work environment, allowing employees to work remotely, which has decreased the amount of foot traffic in and out of a building at any given time. This session discusses two accessible, entry-level hardware designs you can build in a day and deploy in the field, along with the tried-and-true social engineering techniques that can increase your chances of remotely cloning an RFID badge.\r\n \r\nLangston and Dan discuss their Red Team adventures using implant devices, a Flipper Zero and an iCopy-X. As a bonus the two will explain how to perform a stealthy HID iClass SE/SEOS downgrade and legacy attack! This presentation is supplemented with files and instructions that are available for download in order to build your own standalone gooseneck reader, wall implant and clipboard cloning devices! This is. The Remix.\n\n\n","media":[],"title":"Flipping Locks (The Remix) - Remote Badge Cloning with the Flipper Zero and More","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Traditional RFID badge cloning methods require you to be within 3 feet of your target. So how can you conduct a physical penetration test and clone a badge without interacting with a person? Companies have increasingly adopted a hybrid work environment, allowing employees to work remotely, which has decreased the amount of foot traffic in and out of a building at any given time. This session discusses two accessible, entry-level hardware designs you can build in a day and deploy in the field, along with the tried-and-true social engineering techniques that can increase your chances of remotely cloning an RFID badge.\r\n \r\nLangston and Dan discuss their Red Team adventures using implant devices, a Flipper Zero and an iCopy-X. As a bonus the two will explain how to perform a stealthy HID iClass SE/SEOS downgrade and legacy attack! This presentation is supplemented with files and instructions that are available for download in order to build your own standalone gooseneck reader, wall implant and clipboard cloning devices! This is. The Remix.","updated_timestamp":{"seconds":1722564669,"nanoseconds":0},"speakers":[{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Dan Goga","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56181},{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Langston Clement","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56183}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T02:11:09Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56351,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56183},{"tag_id":46167,"sort_order":4,"person_id":56181}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-08-02T02:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk with dive into:\r\n•\tThe speed of threats coming at us today, and how teams manage burnout and back to back calls.\r\n•\tHow the incident response landscape is changing.\r\n•\tDo AI and ML change incident response?\r\n•\tHow do the recent takedowns performed by LEs affect IR?\n\n\nIn an era where cyber threats evolve at breakneck speed, the ability to respond swiftly and effectively has never been more critical. Join us for \"Under the Hood: Incident Response at High Speed,\" where we'll delve into the high-stakes world of incident response and explore how teams are adapting to the relentless pace of modern threats. Discover the innovative ways AI and machine learning are transforming our defensive strategies and hear expert insights on the shifting landscape of incident management. We'll also examine the recent high-profile takedowns of droppers, C2s, and ransomware leak sites to determine whether these efforts are truly mitigating long-term risks or if we need a new approach to stay ahead. Your pit crew panel consists of leaders and practitioners from across industries and the globe discussing the latest and greatest in the world of Incident Response. Don't miss this opportunity to gain cutting-edge knowledge and strategies for navigating the evolving cyber threat landscape.","media":[],"title":"Under the Hood: Incident Response at High Speed (A BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This talk with dive into:\r\n•\tThe speed of threats coming at us today, and how teams manage burnout and back to back calls.\r\n•\tHow the incident response landscape is changing.\r\n•\tDo AI and ML change incident response?\r\n•\tHow do the recent takedowns performed by LEs affect IR?\n\n\nIn an era where cyber threats evolve at breakneck speed, the ability to respond swiftly and effectively has never been more critical. Join us for \"Under the Hood: Incident Response at High Speed,\" where we'll delve into the high-stakes world of incident response and explore how teams are adapting to the relentless pace of modern threats. Discover the innovative ways AI and machine learning are transforming our defensive strategies and hear expert insights on the shifting landscape of incident management. We'll also examine the recent high-profile takedowns of droppers, C2s, and ransomware leak sites to determine whether these efforts are truly mitigating long-term risks or if we need a new approach to stay ahead. Your pit crew panel consists of leaders and practitioners from across industries and the globe discussing the latest and greatest in the world of Incident Response. Don't miss this opportunity to gain cutting-edge knowledge and strategies for navigating the evolving cyber threat landscape.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"Nicole Beckwith","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56147},{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"Shelly Giesbrecht","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56159},{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"Angelo Violetti","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SEC Consult","title":"Incident Response and Digital Forensics consultant"}],"links":[],"pronouns":null,"media":[],"id":56163,"title":"Incident Response and Digital Forensics consultant at SEC Consult"},{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"David Zito","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"VF Corp","title":""}],"links":[],"pronouns":null,"media":[],"id":56164,"title":"VF Corp"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56279,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56163},{"tag_id":46167,"sort_order":1,"person_id":56164},{"tag_id":46167,"sort_order":1,"person_id":56147},{"tag_id":46167,"sort_order":1,"person_id":56159}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for a journey into the world of quantum computing, where quantum computers can solve problems in seconds that would take regular computers years to solve. We'll explore the principles of quantum mechanics that make this possible, and the implications for cybersecurity. But don't worry, we'll also cover what's being done to keep our online communications safe and how we can stay ahead of the game.\n\n\n","media":[],"title":"Quantum Leap: The future of Computing and the security of your online world","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us for a journey into the world of quantum computing, where quantum computers can solve problems in seconds that would take regular computers years to solve. We'll explore the principles of quantum mechanics that make this possible, and the implications for cybersecurity. But don't worry, we'll also cover what's being done to keep our online communications safe and how we can stay ahead of the game.","updated_timestamp":{"seconds":1722361842,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:50:42Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56096,"tag_ids":[46398,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-30T17:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ask any top bug bounty hunter: the best part of a live hacking event is the Show & Tell; the time when the veil is lifted and we collectively revel in the ingenuity of the best finds from the competition. The goal of this talk is to give you that same experience. I will speak to you as the competent hackers that you are, not withholding the nitty-gritty technical details and the Ls along the way. Together, we’ll journey through the highs and the lows of my hunts, both solo and in a Live Hacking Event context. You’ll see everything from RCE to SQL injection, mass PII leakage to spying on people’s homes and workplaces. You’ll find some bugs mind-numbingly simple, and some bugs mind-bogglingly complex. Each bug in this talk was assigned the highest severity possible, and awarded somewhere between $10k-$60k in bounties.\n\n\n","media":[],"title":"Top War Stories from a TryHard Bug Bounty Hunter","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Ask any top bug bounty hunter: the best part of a live hacking event is the Show & Tell; the time when the veil is lifted and we collectively revel in the ingenuity of the best finds from the competition. The goal of this talk is to give you that same experience. I will speak to you as the competent hackers that you are, not withholding the nitty-gritty technical details and the Ls along the way. Together, we’ll journey through the highs and the lows of my hunts, both solo and in a Live Hacking Event context. You’ll see everything from RCE to SQL injection, mass PII leakage to spying on people’s homes and workplaces. You’ll find some bugs mind-numbingly simple, and some bugs mind-bogglingly complex. Each bug in this talk was assigned the highest severity possible, and awarded somewhere between $10k-$60k in bounties.","updated_timestamp":{"seconds":1720332332,"nanoseconds":0},"speakers":[{"content_ids":[54657,55182],"conference_id":133,"event_ids":[55570,55029],"name":"Justin \"Rhynorater\" Gardner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"},{"organization":"Critical Thinking - Bug Bounty Podcast","title":"Host"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Rhynorater)","sort_order":0,"url":"https://twitter.com/Rhynorater"}],"media":[],"id":54326,"title":"Host at Critical Thinking - Bug Bounty Podcast"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T06:05:32Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#top-war-stories-from-a-tryhard-bug-bounty-hunter"}],"end":"2024-08-11T01:00:00.000-0000","id":55029,"tag_ids":[46374,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54326}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Demonstrating the transition from theorized space cyber attacks to practical proof of concepts. The presentation will utilize a simple yet effective attack, a man-in-the-middle attack, on the ground infrastructure to demonstrate how many SPARTA techniques and sub-techniques can be performed against a spacecraft from the ground infrastructure. By illustrating the significant impact of this simplified concept, we aim to emphasize the urgent need for enhanced cybersecurity measures throughout the entire lifecycle of space missions and break the inherit trust between the ground and spacecraft.\n\n\n","media":[],"title":"From Theory to Reality: Demonstrating the Simplicity of SPARTA Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"Demonstrating the transition from theorized space cyber attacks to practical proof of concepts. The presentation will utilize a simple yet effective attack, a man-in-the-middle attack, on the ground infrastructure to demonstrate how many SPARTA techniques and sub-techniques can be performed against a spacecraft from the ground infrastructure. By illustrating the significant impact of this simplified concept, we aim to emphasize the urgent need for enhanced cybersecurity measures throughout the entire lifecycle of space missions and break the inherit trust between the ground and spacecraft.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54635],"conference_id":133,"event_ids":[55009],"name":"Randi Tinney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The Aerospace Corporation","title":"Engineering Specialist for the Cyber Assessments and Research Department, Cybersecurity and Advanced Platforms Subdivision (CAPS)"}],"links":[],"pronouns":null,"media":[],"id":54265,"title":"Engineering Specialist for the Cyber Assessments and Research Department, Cybersecurity and Advanced Platforms Subdivision (CAPS) at The Aerospace Corporation"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:30:00.000-0000","id":55009,"tag_ids":[46169,46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54265}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of heterogeneous events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models, and security knowledge encoding. Join us on a journey to enhance security operations efficacy and efficiency! No data science expertise is required!\n\n\n","media":[],"title":"Exposing Coordinated Attacks Hiding in the Sheer Noise of False Positives and Lone Incidents: A Data Science Correlation and Contextualization Journey of Logs, Events, and Alerts","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of heterogeneous events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models, and security knowledge encoding. Join us on a journey to enhance security operations efficacy and efficiency! No data science expertise is required!","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240},{"content_ids":[54634],"conference_id":133,"event_ids":[55008],"name":"Lynn Hamida","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54241}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55008,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54240},{"tag_id":46167,"sort_order":1,"person_id":54241}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the adoption of GenAI tools has soared, security has done little to keep up. New classes of data, and especially vector data, is flooding into new and untested data stores. Vector databases are getting copies of health data, financial data, HR data, emails, and everything else, but they have no intrinsic security. What's worse, the vectors themselves can be reversed in embedding inversion attacks that turn those vectors back into faces, sentences, and even pictures. We discuss these new attacks and a new branch of cryptography, vector encryption, which allows for privacy preserving searches to happen over the encrypted vectors. We'll discuss the benefits, trade-offs, and current state of the field and the open source software we've built to meet the new need.\n\n\n","media":[],"title":"Attacks on GenAI data and using vector encryption to stop them","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"As the adoption of GenAI tools has soared, security has done little to keep up. New classes of data, and especially vector data, is flooding into new and untested data stores. Vector databases are getting copies of health data, financial data, HR data, emails, and everything else, but they have no intrinsic security. What's worse, the vectors themselves can be reversed in embedding inversion attacks that turn those vectors back into faces, sentences, and even pictures. We discuss these new attacks and a new branch of cryptography, vector encryption, which allows for privacy preserving searches to happen over the encrypted vectors. We'll discuss the benefits, trade-offs, and current state of the field and the open source software we've built to meet the new need.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54633],"conference_id":133,"event_ids":[55007],"name":"Patrick Walsh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IronCore Labs","title":""}],"links":[],"pronouns":null,"media":[],"id":54314,"title":"IronCore Labs"},{"content_ids":[54633],"conference_id":133,"event_ids":[55007],"name":"Bob Wall","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54363}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:30:00.000-0000","id":55007,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54363},{"tag_id":46167,"sort_order":1,"person_id":54314}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk showcases techniques for process injection using advanced return-oriented programming (ROP). Process injection via ROP introduces significant hurdles, requiring many WinAPIs to be chained together, each with complex parameters and return values. We give practical details on how to best manage this. One seemingly insurmountable challenge is in identifying the target binary, as string comparison can be extremely difficult in ROP, as needed ROP gadgets may be lacking. We unveil a unique, universal solution, giving a reliable means of string comparison via ROP, which works all the time, allowing a specific process to be pinpointed and injected into via ROP.\r\n\r\nWe created numerous patterns for different WinAPIs, allowing for as many as a dozen ways of preparing a specific WinAPI via ROP, if using an approach centered around the PUSHAD instruction. With some WinAPIs, there are zero patterns for PUSHAD, forcing us to rely upon the much lauded “sniper” approach. We document all such variations of patterns for the WinAPIs in our demonstrated process injection. This research is not intended to demo a one-off example of process injection via ROP, but to provide a methodology that can be used time and time again, providing unique templates for others to use the same WinAPIs when attempting process injection via ROP.\r\n\r\n1. Anonymous.(2019.) Cobalt Strike’s Process Injection: The Details. [link](https://www.cobaltstrike.com/blog/cobalt-strikes-process-injection-the-details-cobalt-strike)\r\n2. Hosseini, Ashkan. (2017). Ten Process Injection Techniques: A Technical Survey of Common and Trending Process Injection Techniques. [link](https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process)\r\n3. Klein, A., & Kotler, I. (2019). Windows process injection in 2019. Black Hat USA, 2019.\r\n4. Landau, Gabriel. (2021). What you need to know about Process Ghosting, a new executable image tampering attack. [link](https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack)\r\n5. Mundbrod, N., Grambow, G., Kolb, J., & Reichert, M. (2015). Context-aware process injection: enhancing process flexibility by late extension of process instances. In On the Move to Meaningful Internet Systems: OTM 2015 Conferences: Confederated International Conferences: CoopIS, ODBASE, and C&TC 2015, Rhodes, Greece, October 26-30, 2015. Proceedings (pp. 127-145). Springer International Publishing.\r\n6. Process Injection. MITRE ATT&CK. [link](https://attack.mitre.org/techniques/T1055/)\r\n7. Process Injection. [link](https://redcanary.com/threat-detection-report/techniques/process-injection/)\r\n8. Unal, Ozan. (2020). Process Injection Techniques. [link](https://medium.com/@ozan.unal/process-injection-techniques-bc6396929740)\r\n\n\n\n","media":[],"title":"Techniques for Creating Process Injection Attacks with Advanced Return-Oriented Programming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:20:00Z","end_timestamp":{"seconds":1723335600,"nanoseconds":0},"android_description":"This talk showcases techniques for process injection using advanced return-oriented programming (ROP). Process injection via ROP introduces significant hurdles, requiring many WinAPIs to be chained together, each with complex parameters and return values. We give practical details on how to best manage this. One seemingly insurmountable challenge is in identifying the target binary, as string comparison can be extremely difficult in ROP, as needed ROP gadgets may be lacking. We unveil a unique, universal solution, giving a reliable means of string comparison via ROP, which works all the time, allowing a specific process to be pinpointed and injected into via ROP.\r\n\r\nWe created numerous patterns for different WinAPIs, allowing for as many as a dozen ways of preparing a specific WinAPI via ROP, if using an approach centered around the PUSHAD instruction. With some WinAPIs, there are zero patterns for PUSHAD, forcing us to rely upon the much lauded “sniper” approach. We document all such variations of patterns for the WinAPIs in our demonstrated process injection. This research is not intended to demo a one-off example of process injection via ROP, but to provide a methodology that can be used time and time again, providing unique templates for others to use the same WinAPIs when attempting process injection via ROP.\r\n\r\n1. Anonymous.(2019.) Cobalt Strike’s Process Injection: The Details. [link](https://www.cobaltstrike.com/blog/cobalt-strikes-process-injection-the-details-cobalt-strike)\r\n2. Hosseini, Ashkan. (2017). Ten Process Injection Techniques: A Technical Survey of Common and Trending Process Injection Techniques. [link](https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process)\r\n3. Klein, A., & Kotler, I. (2019). Windows process injection in 2019. Black Hat USA, 2019.\r\n4. Landau, Gabriel. (2021). What you need to know about Process Ghosting, a new executable image tampering attack. [link](https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack)\r\n5. Mundbrod, N., Grambow, G., Kolb, J., & Reichert, M. (2015). Context-aware process injection: enhancing process flexibility by late extension of process instances. In On the Move to Meaningful Internet Systems: OTM 2015 Conferences: Confederated International Conferences: CoopIS, ODBASE, and C&TC 2015, Rhodes, Greece, October 26-30, 2015. Proceedings (pp. 127-145). Springer International Publishing.\r\n6. Process Injection. MITRE ATT&CK. [link](https://attack.mitre.org/techniques/T1055/)\r\n7. Process Injection. [link](https://redcanary.com/threat-detection-report/techniques/process-injection/)\r\n8. Unal, Ozan. (2020). Process Injection Techniques. [link](https://medium.com/@ozan.unal/process-injection-techniques-bc6396929740)","updated_timestamp":{"seconds":1720463450,"nanoseconds":0},"speakers":[{"content_ids":[54514],"conference_id":133,"event_ids":[54887],"name":"Bramwell Brizendine","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Alabama in Huntsville","title":"Assistant Professor"}],"links":[],"pronouns":"he/him","media":[],"id":54080,"title":"Assistant Professor at University of Alabama in Huntsville"},{"content_ids":[54514],"conference_id":133,"event_ids":[54887],"name":"Shiva Shashank Kusuma","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Alabama in Huntsville","title":"Computer Science Master's Student"}],"links":[],"pronouns":null,"media":[],"id":54152,"title":"Computer Science Master's Student at University of Alabama in Huntsville"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:30:50Z","links":[],"end":"2024-08-11T00:20:00.000-0000","id":54887,"tag_ids":[46166,46169,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54080},{"tag_id":46167,"sort_order":2,"person_id":54152}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-08T18:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What’s the real life equivalent of hacking a Gibson? Probably stealing hundreds of millions of dollars in diamonds, gold, and cash from one of the world's most formidable vaults. In 2003, a team of thieves did just that. Armed with hairspray, double sided tape, and nerves of steel, these thieves defeated layer after layer of security to pull off the haul of a lifetime. \r\n\r\nHowever, as much as this is a story of skilled criminals, it is every bit as much a story of security failures and the parallels between protecting diamonds and data. In this presentation we’ll dive deep into what went right, what went wrong, and how to properly apply defense in depth to make your security program look like a hundred million bucks.\r\n\r\n1. Davis, J. (2009, March 12). The untold story of the World’s biggest Diamond Heist. Wired. [link](https://www.wired.com/2009/03/ff-diamonds-2/ )\r\n2. Selby, S. A., & Campbell, G. (2012). Flawless: Inside the largest diamond heist in history. Sterling. \r\n3. Stegemeyer, P. (2021). Heist: An inside look at the world’s 100 Greatest Heists, cons, and capers: From burglaries to bank jobs and everything in between. Whalen Book Works.\r\n\n\n\n","media":[],"title":"A Treasure Trove of Failures: What History’s Greatest Heist Can Teach Us About Defense In Depth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:45:00Z","end_timestamp":{"seconds":1723337100,"nanoseconds":0},"android_description":"What’s the real life equivalent of hacking a Gibson? Probably stealing hundreds of millions of dollars in diamonds, gold, and cash from one of the world's most formidable vaults. In 2003, a team of thieves did just that. Armed with hairspray, double sided tape, and nerves of steel, these thieves defeated layer after layer of security to pull off the haul of a lifetime. \r\n\r\nHowever, as much as this is a story of skilled criminals, it is every bit as much a story of security failures and the parallels between protecting diamonds and data. In this presentation we’ll dive deep into what went right, what went wrong, and how to properly apply defense in depth to make your security program look like a hundred million bucks.\r\n\r\n1. Davis, J. (2009, March 12). The untold story of the World’s biggest Diamond Heist. Wired. [link](https://www.wired.com/2009/03/ff-diamonds-2/ )\r\n2. Selby, S. A., & Campbell, G. (2012). Flawless: Inside the largest diamond heist in history. Sterling. \r\n3. Stegemeyer, P. (2021). Heist: An inside look at the world’s 100 Greatest Heists, cons, and capers: From burglaries to bank jobs and everything in between. Whalen Book Works.","updated_timestamp":{"seconds":1720463462,"nanoseconds":0},"speakers":[{"content_ids":[54513],"conference_id":133,"event_ids":[54886],"name":"Pete Stegemeyer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Security Engineer"},{"organization":"“I Can Steal That!” Podcast","title":"Host"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@petestegemeyer)","sort_order":0,"url":"https://twitter.com/petestegemeyer"}],"media":[],"id":54095,"title":"Host at “I Can Steal That!” Podcast"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:31:02Z","links":[],"end":"2024-08-11T00:45:00.000-0000","id":54886,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54095}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-08T18:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We've ran The UnOfficial DEF CON Sticker Swap for 5 years now. Maybe a few other things. This year will be the officially official DC Sticker Swap, come visit for sticker hacker culture and to swap a bit of history.\r\n\n\n\n","media":[{"hash_sha256":"efd01ae06831468241370d5aa762a5a8e7451f860411ed576860ba04ae097633","filetype":"image/png","hash_md5":"0039fea72713f08399ac47af024f5890","name":"pme_stickerswap.png","is_logo":"Y","hash_crc32c":"b988e3be","filesize":196074,"asset_id":685,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_stickerswap.png"}],"title":"Sticker Swap at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T02:00:00Z","end_timestamp":{"seconds":1723341600,"nanoseconds":0},"android_description":"We've ran The UnOfficial DEF CON Sticker Swap for 5 years now. Maybe a few other things. This year will be the officially official DC Sticker Swap, come visit for sticker hacker culture and to swap a bit of history.","updated_timestamp":{"seconds":1720285643,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T17:07:23Z","links":[],"end":"2024-08-11T02:00:00.000-0000","id":54529,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"HallwayCon Lounge past W234","hotel":"","short_name":"HallwayCon Lounge past W234","id":46310},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-06T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-11T01:00:00.000-0000","id":54489,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Browser-based attacks are not new in the malicious landscape of attack patterns. Browsers remain a popular infiltration method for attackers. \r\n\r\nWhile seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface, and leaving the floodgates ajar to remote network attacks.\r\n\r\nIn this live demo and attack simulation we’ll unveil a zero-day vulnerability (still under responsible disclosure) in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. \r\n\r\nIn our talk, we will present novel attack techniques, targeting developers and employees within an organization, that are behind firewalls. This will be a first-ever deep dive into this newly discovered zero-day vulnerability.\r\n\n\n\n","media":[],"title":"0.0.0.0 Day: Exploiting Localhost APIs From The Browser","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:10:00Z","end_timestamp":{"seconds":1723335000,"nanoseconds":0},"android_description":"Browser-based attacks are not new in the malicious landscape of attack patterns. Browsers remain a popular infiltration method for attackers. \r\n\r\nWhile seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface, and leaving the floodgates ajar to remote network attacks.\r\n\r\nIn this live demo and attack simulation we’ll unveil a zero-day vulnerability (still under responsible disclosure) in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. \r\n\r\nIn our talk, we will present novel attack techniques, targeting developers and employees within an organization, that are behind firewalls. This will be a first-ever deep dive into this newly discovered zero-day vulnerability.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55716],"conference_id":133,"event_ids":[56253],"name":"Avi Lumelsky","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56105},{"content_ids":[55716],"conference_id":133,"event_ids":[56253],"name":"Gal Elbaz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56114}],"begin_tsz":"2024-08-10T23:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T00:10:00.000-0000","id":56253,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723333200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56105},{"tag_id":46167,"sort_order":1,"person_id":56114}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T23:40:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for our first Bloch Party and find out anything you have wanted to know about Quantum Tech & Hacking and why it's a Bloch Party, not Block Party. At the same time join us for another round of our Oxford Union-style fun debates @ DEF CON!\n\n\n","media":[],"title":"Quantum Village Bloch Party!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us for our first Bloch Party and find out anything you have wanted to know about Quantum Tech & Hacking and why it's a Bloch Party, not Block Party. At the same time join us for another round of our Oxford Union-style fun debates @ DEF CON!","updated_timestamp":{"seconds":1723307396,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:29:56Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56876,"tag_ids":[46389,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-10T16:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We often hear about long lines at polling places and in particular at voter registration sites. Unfortunately, we rarely get insight into why this is happening and why this happens in such specific geographic locations. Join us to hear the full breakdown of what is happening from one of the Voting Village original founders and former White House Principal Deputy National Cyber Director and premier voting expert.\n\n\n","media":[],"title":"What Do Long Voter Registration Lines Mean?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"We often hear about long lines at polling places and in particular at voter registration sites. Unfortunately, we rarely get insight into why this is happening and why this happens in such specific geographic locations. Join us to hear the full breakdown of what is happening from one of the Voting Village original founders and former White House Principal Deputy National Cyber Director and premier voting expert.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56201,56202],"conference_id":133,"event_ids":[56855,56856],"name":"Jake Braun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jake-braun-77372539"},{"description":"","title":"Twitter (@jakehbraun)","sort_order":0,"url":"https://twitter.com/jakehbraun"},{"description":"","title":"Website","sort_order":0,"url":"https://harris.uchicago.edu/directory/jake-braun"}],"media":[],"id":56572}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56855,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56572}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Con la presentacion de diferentes expertos en el tema, los cuales en este panel presentado en tres idiomas, vamos a discutir el impacto real que genera la GenIA en nuestro mundo de cibserseguridad\n\n\n","media":[],"title":"How is GenIA Impacting Cybersecurity: The good, The Bad, and The ugly (Trilingual Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Con la presentacion de diferentes expertos en el tema, los cuales en este panel presentado en tres idiomas, vamos a discutir el impacto real que genera la GenIA en nuestro mundo de cibserseguridad","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55975],"conference_id":133,"event_ids":[56591],"name":"Marco Figueroa","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56309}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56591,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56309}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.\n\n\n","media":[],"title":"Meshtastic Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/dc32-meshtastic-meetup-saturday"}],"end":"2024-08-11T01:00:00.000-0000","id":56528,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for another round of our Oxford Union-style debates @ DEF CON! Chaired by Bob Gourley, we’re extremely excited to bring you two debates this year - one on Quantum Ethics, and another on the Quantum Skills gap, feat. some of our most excellent speakers including Bruna Shinohara de Mendonça, Joan Arrow of the Quantum Ethics Project, and more! \n\n\n","media":[],"title":"The Quantum Ethics and Skills Debates","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Join us for another round of our Oxford Union-style debates @ DEF CON! Chaired by Bob Gourley, we’re extremely excited to bring you two debates this year - one on Quantum Ethics, and another on the Quantum Skills gap, feat. some of our most excellent speakers including Bruna Shinohara de Mendonça, Joan Arrow of the Quantum Ethics Project, and more!","updated_timestamp":{"seconds":1723307279,"nanoseconds":0},"speakers":[{"content_ids":[55844,55855],"conference_id":133,"event_ids":[56431,56442],"name":"Bruna Shinohara de Mendonça","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56221},{"content_ids":[55855],"conference_id":133,"event_ids":[56442],"name":"Bob Gourley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56618},{"content_ids":[55855],"conference_id":133,"event_ids":[56442],"name":"Joan Arrow","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56619}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:27:59Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56442,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56618},{"tag_id":46487,"sort_order":4,"person_id":56221},{"tag_id":46487,"sort_order":6,"person_id":56619}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-10T16:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Winners of Day Two announced and prizes given out\n\n\n","media":[],"title":"Payment Village CTF Day Two Results","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Winners of Day Two announced and prizes given out","updated_timestamp":{"seconds":1722356409,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:20:09Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-11T00:00:00.000-0000","id":56087,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-30T16:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Some cars are over-engineered, some are too basic, and some check every box except one. I did that research over months when trying to buy a new car, and landed on a 6MT Cadillac ATS-V while only wanting and dealing with Japanese cars, specifically Lexus/Toyota. The one thing it was missing was a digital gauge cluster, and programmers were asking $350, so I set off to figure it out myself. I then dove deep into GM electronics and programming, found a smart dude who initially cracked it all for free to spite all the money-grabbing gatekeepers, then became a hyprocrite, backtracking asking thousands to reveal his learnings. This presentation will go over how I programmed that cluster, posted everything on Github, out of spite.\n\n\n","media":[],"title":"Programming a CTS-V Gauge Cluster into an ATS-V, out of pure spite","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Some cars are over-engineered, some are too basic, and some check every box except one. I did that research over months when trying to buy a new car, and landed on a 6MT Cadillac ATS-V while only wanting and dealing with Japanese cars, specifically Lexus/Toyota. The one thing it was missing was a digital gauge cluster, and programmers were asking $350, so I set off to figure it out myself. I then dove deep into GM electronics and programming, found a smart dude who initially cracked it all for free to spite all the money-grabbing gatekeepers, then became a hyprocrite, backtracking asking thousands to reveal his learnings. This presentation will go over how I programmed that cluster, posted everything on Github, out of spite.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54632],"conference_id":133,"event_ids":[55006],"name":"Varjitt Jeeva","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Software Engineer"}],"links":[],"pronouns":null,"media":[],"id":54250,"title":"Software Engineer"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55006,"tag_ids":[46169,46375,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54250}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Every space mission is underpinned by critical software that spacecraft operators utilize to monitor and command their assets. The Mission Control System serves as the primary interface with a spacecraft, marking it as a crucial component of the ground segment. For decades, these systems were operated exclusively within the confines of mission control rooms, accessible only to a select group of individuals through a limited number of computer workstations. This paradigm has recently shifted, with numerous space organizations enabling their personnel to manage space assets remotely, including from the comfort of their homes. This increased accessibility has rendered space-related systems susceptible to the same security vulnerabilities that affect our daily-use software.\n\nDespite the adoption of newer technology stacks in many mission control systems—either through upgrades or complete replacements—the consideration of security requirements has often been deferred to the final stages of development or overlooked entirely. This negligence presents a significant risk, exposing the space sector to potential exploitation by malicious entities. Like in other technology domains, merely expanding strategies to incorporate security measures, instituting security policies, and integrating new security requirements are positive but insufficient. Despite being developed and tested by extensive teams and presumably adhering to best practices, we have observed firsthand how contemporary mission control systems remain prone to elementary security flaws.\n\nThe most effective strategy to equip space systems with a robust defense against malicious actors involves integrating offensive security testing throughout their development lifecycle.\n\nIn this presentation, we share the results of the security research we have recently conducted on the more established, open-source Mission Control Systems: NASA OpenMCT and YaMCS. We present the details of the vulnerabilities we have discovered in those two systems, and their potential impact on a space mission when they are chained together into one exploit. We conclude by presenting with the audience the lessons learned from those security assessments.\n\n\n\n","media":[],"title":"Offensive Security Testing: Safeguarding the Final Frontier","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Every space mission is underpinned by critical software that spacecraft operators utilize to monitor and command their assets. The Mission Control System serves as the primary interface with a spacecraft, marking it as a crucial component of the ground segment. For decades, these systems were operated exclusively within the confines of mission control rooms, accessible only to a select group of individuals through a limited number of computer workstations. This paradigm has recently shifted, with numerous space organizations enabling their personnel to manage space assets remotely, including from the comfort of their homes. This increased accessibility has rendered space-related systems susceptible to the same security vulnerabilities that affect our daily-use software.\n\nDespite the adoption of newer technology stacks in many mission control systems—either through upgrades or complete replacements—the consideration of security requirements has often been deferred to the final stages of development or overlooked entirely. This negligence presents a significant risk, exposing the space sector to potential exploitation by malicious entities. Like in other technology domains, merely expanding strategies to incorporate security measures, instituting security policies, and integrating new security requirements are positive but insufficient. Despite being developed and tested by extensive teams and presumably adhering to best practices, we have observed firsthand how contemporary mission control systems remain prone to elementary security flaws.\n\nThe most effective strategy to equip space systems with a robust defense against malicious actors involves integrating offensive security testing throughout their development lifecycle.\n\nIn this presentation, we share the results of the security research we have recently conducted on the more established, open-source Mission Control Systems: NASA OpenMCT and YaMCS. We present the details of the vulnerabilities we have discovered in those two systems, and their potential impact on a space mission when they are chained together into one exploit. We conclude by presenting with the audience the lessons learned from those security assessments.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54578,54631],"conference_id":133,"event_ids":[54953,55005],"name":"Andrzej Olchawa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/andrzejolchawa"},{"description":"","title":"Twitter (@0x4ndy)","sort_order":0,"url":"https://x.com/0x4ndy"},{"description":"","title":"andy.codes","sort_order":0,"url":"https://andy.codes"}],"media":[],"id":54248}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55005,"tag_ids":[46366,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54248}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Honeypots are invaluable tools for monitoring internet-wide scans and understanding attackers' techniques. Traditional low-interaction web honeypots use manual methods to emulate various applications or vulnerabilities. Introducing Galah, an LLM-powered web honeypot that mimics diverse applications with a single prompt. This honeypot dynamically crafts relevant HTTP responses, including headers and body content, to various HTTP requests, effectively simulating multiple web applications. In this talk, I will share lessons learned from building and deploying Galah and address two key questions: How do different large language models perform in generating HTTP messages? Does delivering authentic-looking HTTP responses increase attackers’ engagement with the honeypot?\n\n\n","media":[],"title":"Decoding Galah, an LLM Powered Web Honeypot","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Honeypots are invaluable tools for monitoring internet-wide scans and understanding attackers' techniques. Traditional low-interaction web honeypots use manual methods to emulate various applications or vulnerabilities. Introducing Galah, an LLM-powered web honeypot that mimics diverse applications with a single prompt. This honeypot dynamically crafts relevant HTTP responses, including headers and body content, to various HTTP requests, effectively simulating multiple web applications. In this talk, I will share lessons learned from building and deploying Galah and address two key questions: How do different large language models perform in generating HTTP messages? Does delivering authentic-looking HTTP responses increase attackers’ engagement with the honeypot?","updated_timestamp":{"seconds":1720400840,"nanoseconds":0},"speakers":[{"content_ids":[54630],"conference_id":133,"event_ids":[55004],"name":"Adel Karimi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Niantic","title":"Senior Security Engineer, Detection"}],"links":[],"pronouns":null,"media":[],"id":54252,"title":"Senior Security Engineer, Detection at Niantic"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:07:20Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55004,"tag_ids":[46385,46419,46438,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54252}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-08T01:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With the development of artificial intelligence and image processing technology, the video industry such as CCTV is developing greatly. However, CCTV video may infringe on an individual's privacy, and personal information may be leaked due to hacking or illegal video collection. As such, Surveillance System's Security issues are also increasing, the importance of the video surveillance industry is becoming more prominent.\r\n\r\nIn order to prevent hacking or illegal video collection, research on camera security is being conducted. However, there is a lack of awareness of NVR (Network Video Recorder), a device that actually watches videos recorded by cameras, and research on this is also insufficient.\r\n\r\nWe selected Hikvision and Dahua, which have a high NVR market share, as target vendors, and also selected Synology's NVR-related package, Surveillance Station, as targets. Before proceeding with vulnerability analysis, several problems occurred during the file system extraction process, but U-Boot mitigation was successfully bypassed through various methods. Afterwards, various types of vulnerabilities were discovered through analysis, and OEM verification was also conducted to increase impact. We present exploit scenarios for surveillance devices through vulnerability linkage and present supply chain security issues in the Surveillance System.\r\n\r\n1. [link](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEF%20CON%2024%20-%20Brad-Dixon-Pin2Pwn-How-to-Root-An-Embedded-Linux-Box-With-A-Sewing-Needle-UPDATED.pdf)\r\n2. [link](https://www.mdpi.com/1424-8220/20/17/4806)\r\n3. [link](https://www.sciencedirect.com/science/article/pii/B978032390054600009X)\r\n4. [link](https://arxiv.org/pdf/2202.06597)\r\n5. [link](https://arxiv.org/abs/1904.08653)\r\n6. [link](https://arxiv.org/pdf/1812.02361)\r\n7. [link](https://www.researchgate.net/publication/317714199_Security_Requirements_Analysis_on_IP_Camera_via_Threat_Modeling_and_Common_Criteria)\r\n8. [link](https://www.researchgate.net/profile/Kyounggon-Kim/publication/346494741_Derivation_of_Security_Requirements_of_Smart_TV_Based_on_STRIDE_Threat_Modeling/links/5fc50fc24585152e9be40802/Derivation-of-Security-Requirements-of-Smart-TV-Based-on-STRIDE-Threat-Modeling.pdf)\r\n9. [link](https://scholarworks.bwise.kr/cau/handle/2019.sw.cau/25949)\r\n10. [link](https://dl.acm.org/doi/10.1145/2995289.2995290)\r\n11. [link](https://www.mdpi.com/2076-3417/11/12/5571)\r\n12. [link](https://arxiv.org/abs/2302.04900)\r\n13. [link](https://kth.diva-portal.org/smash/get/diva2:1697718/FULLTEXT01.pdf)\r\n14. [link](https://dl.acm.org/doi/10.1145/3232829.3232832)\r\n15. [link](https://www.sciencedirect.com/science/article/pii/S0045790622004529)\r\n16. [link](https://www.researchgate.net/publication/334396073_Vulnerability_Analysis_of_IP_Cameras_Using_ARP_Poisoning)\r\n\n\n\n","media":[],"title":"Watchers being watched: Exploiting the Surveillance System and its supply chain","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:15:00Z","end_timestamp":{"seconds":1723335300,"nanoseconds":0},"android_description":"With the development of artificial intelligence and image processing technology, the video industry such as CCTV is developing greatly. However, CCTV video may infringe on an individual's privacy, and personal information may be leaked due to hacking or illegal video collection. As such, Surveillance System's Security issues are also increasing, the importance of the video surveillance industry is becoming more prominent.\r\n\r\nIn order to prevent hacking or illegal video collection, research on camera security is being conducted. However, there is a lack of awareness of NVR (Network Video Recorder), a device that actually watches videos recorded by cameras, and research on this is also insufficient.\r\n\r\nWe selected Hikvision and Dahua, which have a high NVR market share, as target vendors, and also selected Synology's NVR-related package, Surveillance Station, as targets. Before proceeding with vulnerability analysis, several problems occurred during the file system extraction process, but U-Boot mitigation was successfully bypassed through various methods. Afterwards, various types of vulnerabilities were discovered through analysis, and OEM verification was also conducted to increase impact. We present exploit scenarios for surveillance devices through vulnerability linkage and present supply chain security issues in the Surveillance System.\r\n\r\n1. [link](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEF%20CON%2024%20-%20Brad-Dixon-Pin2Pwn-How-to-Root-An-Embedded-Linux-Box-With-A-Sewing-Needle-UPDATED.pdf)\r\n2. [link](https://www.mdpi.com/1424-8220/20/17/4806)\r\n3. [link](https://www.sciencedirect.com/science/article/pii/B978032390054600009X)\r\n4. [link](https://arxiv.org/pdf/2202.06597)\r\n5. [link](https://arxiv.org/abs/1904.08653)\r\n6. [link](https://arxiv.org/pdf/1812.02361)\r\n7. [link](https://www.researchgate.net/publication/317714199_Security_Requirements_Analysis_on_IP_Camera_via_Threat_Modeling_and_Common_Criteria)\r\n8. [link](https://www.researchgate.net/profile/Kyounggon-Kim/publication/346494741_Derivation_of_Security_Requirements_of_Smart_TV_Based_on_STRIDE_Threat_Modeling/links/5fc50fc24585152e9be40802/Derivation-of-Security-Requirements-of-Smart-TV-Based-on-STRIDE-Threat-Modeling.pdf)\r\n9. [link](https://scholarworks.bwise.kr/cau/handle/2019.sw.cau/25949)\r\n10. [link](https://dl.acm.org/doi/10.1145/2995289.2995290)\r\n11. [link](https://www.mdpi.com/2076-3417/11/12/5571)\r\n12. [link](https://arxiv.org/abs/2302.04900)\r\n13. [link](https://kth.diva-portal.org/smash/get/diva2:1697718/FULLTEXT01.pdf)\r\n14. [link](https://dl.acm.org/doi/10.1145/3232829.3232832)\r\n15. [link](https://www.sciencedirect.com/science/article/pii/S0045790622004529)\r\n16. [link](https://www.researchgate.net/publication/334396073_Vulnerability_Analysis_of_IP_Cameras_Using_ARP_Poisoning)","updated_timestamp":{"seconds":1720463554,"nanoseconds":0},"speakers":[{"content_ids":[54512],"conference_id":133,"event_ids":[54885],"name":"Myeonghun Pak","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KITRI","title":"Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@mhun512)","sort_order":0,"url":"https://twitter.com/mhun512"}],"media":[],"id":54045,"title":"Researcher at KITRI"},{"content_ids":[54512],"conference_id":133,"event_ids":[54885],"name":"Chanin Kim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"S2W Inc","title":"Offensive Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@lourcode)","sort_order":0,"url":"https://twitter.com/lourcode"}],"media":[],"id":54098,"title":"Offensive Researcher at S2W Inc"},{"content_ids":[54512],"conference_id":133,"event_ids":[54885],"name":"Myeongjin Shin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Chonnam National University","title":"Student"}],"pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/magan_2160"}],"media":[],"id":54665,"title":"Student at Chonnam National University"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:32:34Z","links":[],"end":"2024-08-11T00:15:00.000-0000","id":54885,"tag_ids":[46166,46169,46419,46437,46878],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54098},{"tag_id":46167,"sort_order":4,"person_id":54045},{"tag_id":46167,"sort_order":6,"person_id":54665}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-08T18:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON is a siren song for the hacker mind. Clever people around the world hear it and are pulled, every year, to Las Vegas. They mass by the tens of thousands, streaming through the halls of DEF CON to watch talks given by absolute legends about incredible escapades, to gaze in wonder as true wizards bend bytes to their will in the CTF room, and to dream about one day reaching to those heights themselves.\r\n\r\nSome have the critical combination of grit, perseverance, raw talent, and (let's face it) privilege to push through to those dreams of greatness. But among even the clever and the motivated, it is rare for n00bs to rise to l33tness without support. Some find this support in inspiring classes in college. Others, among friends or mentors. But many don't find it at all, and remain in the hallways, dreaming.\r\n\r\nDo you want to leave the hallways and hack the planet? We are hackers, educators, and learners who are creating DEF CON Academy, a concerted effort to maximize hacker potential by providing open, clear, approachable, and inclusive practical resources for budding hackers to transcend and rule cyberspace. Through extensive DEF CON event presence and year-round hacking resources, we will pro up the noobs of the world and bring the community, at scale, to the next level of skill.\r\n\r\nCome, listen, and learn how we can help!\r\n\r\n1. [link](https://pwn.college)\r\n2. Connor Nelson, Yan Shoshitaishvili. DOJO: Applied Cybersecurity Education In The Browser. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20PWN%20the%20Learning%20Curve.pdf)\r\n3. Connor Nelson, Yan Shoshitaishvili. PWN The Learning Curve: Education-First CTF Challenges. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20Enter%20the%20DOJO.pdf)\r\n4. [link](https://wargames.ret2.systems/)\r\n5. [link](https://www.hackthebox.com/)\r\n\n\n\n","media":[],"title":"DEF CON Academy: Cultivating M4D SK1LLZ In the DEF CON Community","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:15:00Z","end_timestamp":{"seconds":1723335300,"nanoseconds":0},"android_description":"DEF CON is a siren song for the hacker mind. Clever people around the world hear it and are pulled, every year, to Las Vegas. They mass by the tens of thousands, streaming through the halls of DEF CON to watch talks given by absolute legends about incredible escapades, to gaze in wonder as true wizards bend bytes to their will in the CTF room, and to dream about one day reaching to those heights themselves.\r\n\r\nSome have the critical combination of grit, perseverance, raw talent, and (let's face it) privilege to push through to those dreams of greatness. But among even the clever and the motivated, it is rare for n00bs to rise to l33tness without support. Some find this support in inspiring classes in college. Others, among friends or mentors. But many don't find it at all, and remain in the hallways, dreaming.\r\n\r\nDo you want to leave the hallways and hack the planet? We are hackers, educators, and learners who are creating DEF CON Academy, a concerted effort to maximize hacker potential by providing open, clear, approachable, and inclusive practical resources for budding hackers to transcend and rule cyberspace. Through extensive DEF CON event presence and year-round hacking resources, we will pro up the noobs of the world and bring the community, at scale, to the next level of skill.\r\n\r\nCome, listen, and learn how we can help!\r\n\r\n1. [link](https://pwn.college)\r\n2. Connor Nelson, Yan Shoshitaishvili. DOJO: Applied Cybersecurity Education In The Browser. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20PWN%20the%20Learning%20Curve.pdf)\r\n3. Connor Nelson, Yan Shoshitaishvili. PWN The Learning Curve: Education-First CTF Challenges. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20Enter%20the%20DOJO.pdf)\r\n4. [link](https://wargames.ret2.systems/)\r\n5. [link](https://www.hackthebox.com/)","updated_timestamp":{"seconds":1720463573,"nanoseconds":0},"speakers":[{"content_ids":[54533,54511],"conference_id":133,"event_ids":[54884,54906],"name":"Perri Adams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Special Assistant to the Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@perribus)","sort_order":0,"url":"https://twitter.com/perribus"}],"media":[],"id":54047,"title":"Special Assistant to the Director at Defense Advanced Research Projects Agency (DARPA)"},{"content_ids":[54511],"conference_id":133,"event_ids":[54884],"name":"Yan \"Zardus\" Shoshitaishvili","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arizona State University","title":"Associate Professor"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@Zardus@defcon.social)","sort_order":0,"url":"https://defcon.social/@Zardus"},{"description":"","title":"Twitter (@Zardus)","sort_order":0,"url":"https://twitter.com/Zardus"},{"description":"","title":"yancomm.net","sort_order":0,"url":"https://yancomm.net"}],"media":[],"id":54201,"title":"Associate Professor at Arizona State University"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:32:53Z","links":[],"end":"2024-08-11T00:15:00.000-0000","id":54884,"tag_ids":[46166,46169,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54201},{"tag_id":46167,"sort_order":4,"person_id":54047}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-08T18:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"VSAT satellite communication systems are widely used to provide two-way data and voice communications to remote areas, including maritime environments, crisis regions, and other locations where terrestrial communication infrastructure is limited or unavailable. In this presentation, we report on our security findings from our reverse-engineering efforts to exploit VSAT satellite modems from the Earth. We will focus on the Newtec MDM2200 from iDirect as an example. First, we explain how we reverse-engineered the software stack running on the modem device to find 0-day vulnerabilities. Then, we show how we reverse-engineered the network stack to devise attacks that can be launched by injecting wireless signals through the antenna dish of a VSAT terminal. Finally, we demonstrate our software-defined radio end-to-end attacks to inject bogus firmware updates and to gain a remote root shell access on the modem. To the best of knowledge, this represents the first successful demonstration of signal injection attacks on VSAT modems using software-defined radios from the Earth, while previous attacks on VSAT systems such as the ViaSat hack in 2022 were based on exploiting the operator’s network through Internet VPN connections. Our work therefore enlarges significantly the attack surface of VSAT systems.\n\nOur presentation at DEF CON is part of a project that has three parts. \n\nIn the first part, we focus on the inherent security issues in current VSAT system practices. This work will be appear in May at ACM WiSec 2024.\n\nVSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices, Johannes Willbold, Moritz Schloegel, Robin Bisping, Martin Strohmeier, Thorsten Holz, Vincent Lenders, 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Seoul, Korea, May 2024. \n\nThe second part deals with the systematic evaluation of wireless signal injection attacks using a software-defined radio. This work will appear in August at Usenix Security 2024:\n\nWireless Signal Injection Attacks on VSAT Satellite Modems, Robin Bisping, Johannes Willbold, Martin Strohmeier, and Vincent Lenders, 33rd USENIX Security Symposium (USENIX Security), Philadelphia PA, USA, August 2024. \n\nThe third part of the project deals with reverse-engineering of the software and network stack of satellite modems and the development of exploits that can be injected over the air through the antenna dish of a VSAT terminal from the ground. This part shall be presented at DEF CON this year.\n\n\n","media":[],"title":"Breaking the Beam: Exploiting VSAT Satellite Modems from the Earth's Surface","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:15:00Z","end_timestamp":{"seconds":1723335300,"nanoseconds":0},"android_description":"VSAT satellite communication systems are widely used to provide two-way data and voice communications to remote areas, including maritime environments, crisis regions, and other locations where terrestrial communication infrastructure is limited or unavailable. In this presentation, we report on our security findings from our reverse-engineering efforts to exploit VSAT satellite modems from the Earth. We will focus on the Newtec MDM2200 from iDirect as an example. First, we explain how we reverse-engineered the software stack running on the modem device to find 0-day vulnerabilities. Then, we show how we reverse-engineered the network stack to devise attacks that can be launched by injecting wireless signals through the antenna dish of a VSAT terminal. Finally, we demonstrate our software-defined radio end-to-end attacks to inject bogus firmware updates and to gain a remote root shell access on the modem. To the best of knowledge, this represents the first successful demonstration of signal injection attacks on VSAT modems using software-defined radios from the Earth, while previous attacks on VSAT systems such as the ViaSat hack in 2022 were based on exploiting the operator’s network through Internet VPN connections. Our work therefore enlarges significantly the attack surface of VSAT systems.\n\nOur presentation at DEF CON is part of a project that has three parts. \n\nIn the first part, we focus on the inherent security issues in current VSAT system practices. This work will be appear in May at ACM WiSec 2024.\n\nVSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices, Johannes Willbold, Moritz Schloegel, Robin Bisping, Martin Strohmeier, Thorsten Holz, Vincent Lenders, 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Seoul, Korea, May 2024. \n\nThe second part deals with the systematic evaluation of wireless signal injection attacks using a software-defined radio. This work will appear in August at Usenix Security 2024:\n\nWireless Signal Injection Attacks on VSAT Satellite Modems, Robin Bisping, Johannes Willbold, Martin Strohmeier, and Vincent Lenders, 33rd USENIX Security Symposium (USENIX Security), Philadelphia PA, USA, August 2024. \n\nThe third part of the project deals with reverse-engineering of the software and network stack of satellite modems and the development of exploits that can be injected over the air through the antenna dish of a VSAT terminal from the ground. This part shall be presented at DEF CON this year.","updated_timestamp":{"seconds":1720307460,"nanoseconds":0},"speakers":[{"content_ids":[54510],"conference_id":133,"event_ids":[54883],"name":"Robin Bisping","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber-Defence Campus","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54058,"title":"Security Engineer at Cyber-Defence Campus"},{"content_ids":[54510],"conference_id":133,"event_ids":[54883],"name":"Johannes Willbold","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ruhr University Bochum","title":"PhD Student"}],"links":[],"pronouns":null,"media":[],"id":54076,"title":"PhD Student at Ruhr University Bochum"},{"content_ids":[54618,54510],"conference_id":133,"event_ids":[54883,54992],"name":"Vincent Lenders","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber-Defence Campus","title":"Cybersecurity Researcher and Head"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/vincent-lenders-303656"},{"description":"","title":"Twitter (@Vlenders)","sort_order":0,"url":"https://twitter.com/Vlenders"},{"description":"","title":"lenders.ch","sort_order":0,"url":"https://lenders.ch"}],"media":[],"id":54111,"title":"Cybersecurity Researcher and Head at Cyber-Defence Campus"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:11:00Z","links":[],"end":"2024-08-11T00:15:00.000-0000","id":54883,"tag_ids":[46166,46169,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54111},{"tag_id":46167,"sort_order":4,"person_id":54076},{"tag_id":46167,"sort_order":6,"person_id":54058}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you ready to embark on a journey that celebrates uniqueness, innovation, and untapped potential? It’s time to shine a light on Neurodiversity and what that means to Information Security.\r\n\r\n1. The Power of Neurodiversity:\r\n\r\nImagine a world where different brains aren’t seen as deficits but as diverse strengths. Neurodiversity embraces the beautiful mosaic of human minds, from ADHD to autism and beyond.\r\nXavier will unravel the superpowers hidden within neurodivergent individuals—like visual hypersensitivity, out-of-the-box thinking, and encyclopedic knowledge. These aren’t just buzzwords; they’re game-changers for the Infosec field.\r\n\r\n2. Success Stories and Real Impact:\r\n\r\nBrace yourself for success stories that defy convention. JPMorgan Chase’s neurodiverse hires outperform their peers by leaps and bounds. Productivity spikes, retention soars, and innovation thrives.\r\nUltra Testing, an IT company with 75% neurodiverse staff, proves that inclusion isn’t charity—it’s smart business. Their mantra? “Staffing fantastically capable talent who just haven’t had a fair shot before.”\r\n\r\n3. Creating an Inclusive Future:\r\n\r\nXavier won’t stop at inspiration; he’ll equip you with actionable steps including: How to Revisit Hiring Processes, Adapting the Environment, Tailored Career Journeys\r\n\r\n4. Be Part of the Movement:\r\n\r\nWhether you’re a hacker, an individual seeking help, or just a cat lover (yes, there’s a slide for that!), this presentation is your invitation to change the narrative.\r\n\r\nSo mark your calendar, grab your virtual seat, and let’s celebrate neurodiversity—one mind at a time. Remember, the rising tide lifts all boats. Join us, learn, and be part of a more inclusive future! Don’t miss out—this isn’t your typical tech talk. It’s a revolution waiting to happen. See you there!\n\n\n","media":[],"title":"Unlocking Hidden Superpowers: Neurodiversity in Infosec","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:05:00Z","end_timestamp":{"seconds":1723334700,"nanoseconds":0},"android_description":"Are you ready to embark on a journey that celebrates uniqueness, innovation, and untapped potential? It’s time to shine a light on Neurodiversity and what that means to Information Security.\r\n\r\n1. The Power of Neurodiversity:\r\n\r\nImagine a world where different brains aren’t seen as deficits but as diverse strengths. Neurodiversity embraces the beautiful mosaic of human minds, from ADHD to autism and beyond.\r\nXavier will unravel the superpowers hidden within neurodivergent individuals—like visual hypersensitivity, out-of-the-box thinking, and encyclopedic knowledge. These aren’t just buzzwords; they’re game-changers for the Infosec field.\r\n\r\n2. Success Stories and Real Impact:\r\n\r\nBrace yourself for success stories that defy convention. JPMorgan Chase’s neurodiverse hires outperform their peers by leaps and bounds. Productivity spikes, retention soars, and innovation thrives.\r\nUltra Testing, an IT company with 75% neurodiverse staff, proves that inclusion isn’t charity—it’s smart business. Their mantra? “Staffing fantastically capable talent who just haven’t had a fair shot before.”\r\n\r\n3. Creating an Inclusive Future:\r\n\r\nXavier won’t stop at inspiration; he’ll equip you with actionable steps including: How to Revisit Hiring Processes, Adapting the Environment, Tailored Career Journeys\r\n\r\n4. Be Part of the Movement:\r\n\r\nWhether you’re a hacker, an individual seeking help, or just a cat lover (yes, there’s a slide for that!), this presentation is your invitation to change the narrative.\r\n\r\nSo mark your calendar, grab your virtual seat, and let’s celebrate neurodiversity—one mind at a time. Remember, the rising tide lifts all boats. Join us, learn, and be part of a more inclusive future! Don’t miss out—this isn’t your typical tech talk. It’s a revolution waiting to happen. See you there!","updated_timestamp":{"seconds":1722445887,"nanoseconds":0},"speakers":[{"content_ids":[55692],"conference_id":133,"event_ids":[56215],"name":"Xavier \"rubix1138\" Ashe","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Truist","title":"Senior Vice President, Cyber Operations and Technology"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/xavierashe/"},{"description":"","title":"Mastodon (@Xavier@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@Xavier"}],"media":[],"id":56063,"title":"Senior Vice President, Cyber Operations and Technology at Truist"}],"begin_tsz":"2024-08-10T23:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:11:27Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T00:05:00.000-0000","id":56215,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723331100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56063}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T23:05:00.000-0000","updated":"2024-07-31T17:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cybersecurity Policy has transformed red teaming. Cyber and AI are the most emerging domains of the law, with strategies, regulations, and standards constantly emerging, globally. This domain also serves as an amazing opportunity for you explore to new paths, and opportunities, to drive impact at scale, and collaborate with the hacker ecosystem to drive better policies, and better security – that advance all users. This talk invites the audience to explore the latest trend in cyber policy globally, focusing on areas with broad impact on the red teaming community – such as AI red teaming, pen testing policy, secure development, legal limitations to vuln disclosure, and anti-hacking laws. We will cover the latest developments from CIRCIA to the EU Cyber Resilience Act and the AI EO – and introduce the audience to the world of policy hacking, and policy “hacking”. We will cover case studies and\n\n\n","media":[],"title":"Hacking Policy and Policy Hacking - A Red-Teamer Hacker Guide to the Universe of Cyber Policy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"Cybersecurity Policy has transformed red teaming. Cyber and AI are the most emerging domains of the law, with strategies, regulations, and standards constantly emerging, globally. This domain also serves as an amazing opportunity for you explore to new paths, and opportunities, to drive impact at scale, and collaborate with the hacker ecosystem to drive better policies, and better security – that advance all users. This talk invites the audience to explore the latest trend in cyber policy globally, focusing on areas with broad impact on the red teaming community – such as AI red teaming, pen testing policy, secure development, legal limitations to vuln disclosure, and anti-hacking laws. We will cover the latest developments from CIRCIA to the EU Cyber Resilience Act and the AI EO – and introduce the audience to the world of policy hacking, and policy “hacking”. We will cover case studies and","updated_timestamp":{"seconds":1723169081,"nanoseconds":0},"speakers":[{"content_ids":[56179],"conference_id":133,"event_ids":[56833],"name":"Amit Elazari","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56560}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T02:04:41Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":56833,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56560}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-09T02:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The FBI ran an encrypted app called Anom, intercepting all of its messages. The operation ended in the arrest of hundreds of criminals. But what happens now? Are apps that we all use, like Signal, under threat too? This talk will give a blistering dive into what the app was, how it worked, and what it means for all of our privacy now.\n\n\n","media":[],"title":"A Whirlwind Tour of the FBI's Secret Encrypted Chat App","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"The FBI ran an encrypted app called Anom, intercepting all of its messages. The operation ended in the arrest of hundreds of criminals. But what happens now? Are apps that we all use, like Signal, under threat too? This talk will give a blistering dive into what the app was, how it worked, and what it means for all of our privacy now.","updated_timestamp":{"seconds":1722725902,"nanoseconds":0},"speakers":[{"content_ids":[54493,56001],"conference_id":133,"event_ids":[56623,54866],"name":"Joseph Cox","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Investigative Journalist"},{"organization":"404 Media","title":"Co-Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Bsky","sort_order":0,"url":"https://bsky.app/profile/josephcox.bsky.social"},{"description":"","title":"Mastodon (@josephcox@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@josephcox"},{"description":"","title":"Twitter (@josephfcox)","sort_order":0,"url":"https://twitter.com/josephfcox"}],"media":[],"id":54153,"title":"Co-Founder at 404 Media"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:58:22Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56623,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54153}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cyberjūtsu is a new way to teach cybersecurity inspired from martial arts trainings. It is an educational way which allows everyone (novice to expert) to practice together and improve themselves in cybersecurity through confrontation. It follows budō (judo, jujitsu, karate...) principles and ethical code. The goal is to reach \"maximum-efficient use of computer\" in a \"mutual benefit\" of a human confrontation. It's a digital martial art fight e-sport using linux shell. No matter your technical background—from 10-year-olds to technical experts like pentesters and red/blue teamers—this workshop is designed for you. The only prerequisite is basic reading, writing, and counting knowledge. Experience real live adversary sparring and see how even those with less knowledge can outmaneuver more experienced participants. Join us for an interactive session with 14 players participating and others welcome to watch. Enhance your cybersecurity skills through collaborative and practical exercises.\n\n\n","media":[],"title":"Cyberjutsu Path to a Digital Martial Art","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Cyberjūtsu is a new way to teach cybersecurity inspired from martial arts trainings. It is an educational way which allows everyone (novice to expert) to practice together and improve themselves in cybersecurity through confrontation. It follows budō (judo, jujitsu, karate...) principles and ethical code. The goal is to reach \"maximum-efficient use of computer\" in a \"mutual benefit\" of a human confrontation. It's a digital martial art fight e-sport using linux shell. No matter your technical background—from 10-year-olds to technical experts like pentesters and red/blue teamers—this workshop is designed for you. The only prerequisite is basic reading, writing, and counting knowledge. Experience real live adversary sparring and see how even those with less knowledge can outmaneuver more experienced participants. Join us for an interactive session with 14 players participating and others welcome to watch. Enhance your cybersecurity skills through collaborative and practical exercises.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55992],"conference_id":133,"event_ids":[56614],"name":"Alexandre CABROL PERALES","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"President of NPO multi-country WOCSA, Director of Managed Detection & Response at Sopra Steria, Teacher at French University Cyber Master","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alexandrecabrolperales"}],"media":[],"id":56329,"title":"President of NPO multi-country WOCSA, Director of Managed Detection & Response at Sopra Steria, Teacher at French University Cyber Master"},{"content_ids":[55992],"conference_id":133,"event_ids":[56614],"name":"Quentin Fraty","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Threat Intelligence Analyst and Reverse at Sopra Steria","title":""}],"pronouns":null,"links":[{"description":"","title":"fr.linkedin.com/in/quentin-fraty-7580841b8/fr","sort_order":0,"url":"https://fr.linkedin.com/in/quentin-fraty-7580841b8/fr"}],"media":[],"id":56330,"title":"Threat Intelligence Analyst and Reverse at Sopra Steria"},{"content_ids":[55992],"conference_id":133,"event_ids":[56614],"name":"Alaric Becker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SOC Analyst and Threat Hunter at Sopra Steria","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/alaric-becker-a183a3139/"}],"media":[],"id":56331,"title":"SOC Analyst and Threat Hunter at Sopra Steria"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56614,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56329},{"tag_id":46484,"sort_order":4,"person_id":56330},{"tag_id":46484,"sort_order":6,"person_id":56331}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The adoption of OT security solutions into the world's most critical infrastructure has increased dramatically. The location in which these appliance reside within control networks poses unique risk as both management interfaces and even more often monitoring interfaces reside within segments that contain critical process automation equipment. This talk will explore essential product security considerations specific to OT security appliances, secure deployment strategies, device and network hardening techniques, and some real-world examples of discovered vulnerabilities in COTS appliances.\n\n\n","media":[],"title":"Product security considerations for OT security appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"The adoption of OT security solutions into the world's most critical infrastructure has increased dramatically. The location in which these appliance reside within control networks poses unique risk as both management interfaces and even more often monitoring interfaces reside within segments that contain critical process automation equipment. This talk will explore essential product security considerations specific to OT security appliances, secure deployment strategies, device and network hardening techniques, and some real-world examples of discovered vulnerabilities in COTS appliances.","updated_timestamp":{"seconds":1722652169,"nanoseconds":0},"speakers":[{"content_ids":[55940],"conference_id":133,"event_ids":[56553],"name":"Robert Landavazo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dragos","title":"Senior Director of Solution Architects"}],"links":[],"pronouns":null,"media":[],"id":56290,"title":"Senior Director of Solution Architects at Dragos"},{"content_ids":[55940],"conference_id":133,"event_ids":[56553],"name":"Brandon Dudley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dragos","title":"Field Operations Engineer"}],"links":[],"pronouns":null,"media":[],"id":56291,"title":"Field Operations Engineer at Dragos"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T02:29:29Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":56553,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56291},{"tag_id":46167,"sort_order":4,"person_id":56290}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-03T02:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Live Recon Finalist Presentations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722627655,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:40:55Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56478,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-02T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an audience-participation talk in the style of the 1980s Choose your own Adventure books. We will expose the audience to a quasi real life incident, giving them the choice to choose how they deal with that incident. This will give insight in to the difficult choices that have to be made by operators in real time.\n\n\n","media":[],"title":"Choose your own adventure: Has your fleet been hacked?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"This is an audience-participation talk in the style of the 1980s Choose your own Adventure books. We will expose the audience to a quasi real life incident, giving them the choice to choose how they deal with that incident. This will give insight in to the difficult choices that have to be made by operators in real time.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[54606,55837,56177],"conference_id":133,"event_ids":[56387,56831,54980],"name":"Ken Munro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Partner and Founder"}],"links":[],"pronouns":null,"media":[],"id":54347,"title":"Partner and Founder at Pen Test Partners"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56387,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":54347}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What is this Threat Hunting stuff all about? Isn't \"hunting\" just a cooler-sounding word for Incident Response? Why are so many new jobs opening up with Threat Hunting in the title, and how do you get the experience to land one of those jobs? Should SOC Analysts always be hunting, or is that \"someone else's job?\" How does CTI connect to hunting?\r\nIf you have any of these questions burning in your mind, you have to come to this panel! We've got a fun and mostly sane panel of people who have different perspectives to share, and we want to hear from you, too!\n\n\nOur panel of Threat Hunting practitioners will take spicy topics from our amazing moderator and the audience on topics ranging from how to thrunt to real life stories of the good, the bad and the ugly. Do you have strong opinions about whether you should call it Thrunting or DEATH? We'll ask the audience some questions, too, and you might even win a prize for your spicy take!","media":[],"title":"Thrunting or DEATH! (A BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"What is this Threat Hunting stuff all about? Isn't \"hunting\" just a cooler-sounding word for Incident Response? Why are so many new jobs opening up with Threat Hunting in the title, and how do you get the experience to land one of those jobs? Should SOC Analysts always be hunting, or is that \"someone else's job?\" How does CTI connect to hunting?\r\nIf you have any of these questions burning in your mind, you have to come to this panel! We've got a fun and mostly sane panel of people who have different perspectives to share, and we want to hear from you, too!\n\n\nOur panel of Threat Hunting practitioners will take spicy topics from our amazing moderator and the audience on topics ranging from how to thrunt to real life stories of the good, the bad and the ugly. Do you have strong opinions about whether you should call it Thrunting or DEATH? We'll ask the audience some questions, too, and you might even win a prize for your spicy take!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[54222,55764],"conference_id":133,"event_ids":[56273,54595],"name":"Ryan Chapman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@rj_chap)","sort_order":0,"url":"https://twitter.com/rj_chap"}],"media":[],"id":53865},{"content_ids":[54569,55764],"conference_id":133,"event_ids":[56273,54944],"name":"Joe Slowik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54362},{"content_ids":[55764],"conference_id":133,"event_ids":[56273],"name":"th3CyF0x","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56144},{"content_ids":[55764],"conference_id":133,"event_ids":[56273],"name":"Sydney Marrone","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56154},{"content_ids":[55764],"conference_id":133,"event_ids":[56273],"name":"Randy Pargman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56175}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56273,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54362},{"tag_id":46167,"sort_order":6,"person_id":56175},{"tag_id":46167,"sort_order":8,"person_id":56154},{"tag_id":46167,"sort_order":10,"person_id":56144},{"tag_id":46167,"sort_order":12,"person_id":53865}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There is some debate as to how SBOMs can enhance vulnerability management practices, and some believe that collecting SBOMs from internal teams or suppliers is too difficult and time-consuming. Learn how Schneider Electric has collected thousands of our product SBOMs and how we are leveraging the SBOMs as part of our corporate product CERT to quickly analyze and focus our attention when time is of importance. This presentation describes how we modified our policies and processes to collect, generate, and store thousands of SBOMs. You will hear how we have leveraged SBOMs during the Log4j and OpenSSL vulnerability events. Then we will conclude with key learnings, suggestions, and opportunities for improvement.\n\n\n","media":[],"title":"The Missing Link - How we collect and leverage SBOMs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"There is some debate as to how SBOMs can enhance vulnerability management practices, and some believe that collecting SBOMs from internal teams or suppliers is too difficult and time-consuming. Learn how Schneider Electric has collected thousands of our product SBOMs and how we are leveraging the SBOMs as part of our corporate product CERT to quickly analyze and focus our attention when time is of importance. This presentation describes how we modified our policies and processes to collect, generate, and store thousands of SBOMs. You will hear how we have leveraged SBOMs during the Log4j and OpenSSL vulnerability events. Then we will conclude with key learnings, suggestions, and opportunities for improvement.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55715,55329],"conference_id":133,"event_ids":[55721,56233],"name":"Cassie Crossley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Schneider Electric","title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office"}],"links":[],"pronouns":null,"media":[],"id":56107,"title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56233,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56107}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you are responsible for attacking or defending cloud environments, you want to know how attackers compromise them and what successful post-exploitation looks like in the cloud.\n\nThis workshop focuses on learning how attackers typically compromise cloud environments, and what post-exploitation looks like. Each workshop attendee will have access to an AWS account deployed with a collection of intentionally vulnerable cloud resources that represent misconfigurations exploited during real cloud penetration tests.\n\nIn most cases, attackers gain initial access to cloud environments in one of three ways: They compromise a vulnerable application or service in the cloud, a misconfigured cloud resource, or a user with access to the cloud. In this workshop we will be attacking an intentionally vulnerable cloud environment with all three types of vulnerabilities.\n\nEach section of the workshop will start with an instructor led introduction followed by hands-on hacking. There is something for everyone, regardless of your offensive skill level. Anyone familiar with Linux commands and the AWS CLI is welcome to attend, and even those who have been in the field for years will find something to challenge them.\n\n\n","media":[],"title":"Exploiting common vulnerabilities in AWS environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Whether you are responsible for attacking or defending cloud environments, you want to know how attackers compromise them and what successful post-exploitation looks like in the cloud.\n\nThis workshop focuses on learning how attackers typically compromise cloud environments, and what post-exploitation looks like. Each workshop attendee will have access to an AWS account deployed with a collection of intentionally vulnerable cloud resources that represent misconfigurations exploited during real cloud penetration tests.\n\nIn most cases, attackers gain initial access to cloud environments in one of three ways: They compromise a vulnerable application or service in the cloud, a misconfigured cloud resource, or a user with access to the cloud. In this workshop we will be attacking an intentionally vulnerable cloud environment with all three types of vulnerabilities.\n\nEach section of the workshop will start with an instructor led introduction followed by hands-on hacking. There is something for everyone, regardless of your offensive skill level. Anyone familiar with Linux commands and the AWS CLI is welcome to attend, and even those who have been in the field for years will find something to challenge them.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55496],"conference_id":133,"event_ids":[55925],"name":"Seth Art","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"sethsec","sort_order":0,"url":"https://sethsec"}],"media":[],"id":56017}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55925,"tag_ids":[46376,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56017}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us Women in Security and Privacy to mingle and network with privacy and security professionals. You can also bring some swag, pins, or stickers to exchange as part of the networking activities.\n\n\n","media":[],"title":"Peer-to-Peer Mentoring and Networking with optional Swag, Pin & Sticker Exchange","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us Women in Security and Privacy to mingle and network with privacy and security professionals. You can also bring some swag, pins, or stickers to exchange as part of the networking activities.","updated_timestamp":{"seconds":1722207066,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:51:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55904,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T22:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tracking of Wifi devices is a common requirement in the cybersecurity world from tracking rogue devices to locating bad actors. This presentation will cover a novel technique of combining passive scanning techniques with active scanning using intended behaviors within the 802.11 protocol. Passive scanning is available through software in suites such as Kali, or in tools like a Pineapple, with the disadvantage of being only as fast as the target is willing to send packets. Active scanning has been traditionally relegated to only devices attached to the same Access Point or other, expensive gadgets while gaining the advantage of eliciting responses on command. Using a technique based on Wifi-Polite packets, cheap ESP32s can be leveraged to gain the advantages of active scanning without the requirement of being connected to the same Access Point. The software code operating this powerful combination of active and passive scanning on an inexpensive platform will be publicly released. Attendees will have a clear understanding of the technology, be given the knowledge and code to implement it themselves, and understand the future implications of using devices like this in a cooperative mesh to track targets in real time.\n\n\n","media":[],"title":"Tracking Real-Time Locations with Rogue WiFi Packets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"Tracking of Wifi devices is a common requirement in the cybersecurity world from tracking rogue devices to locating bad actors. This presentation will cover a novel technique of combining passive scanning techniques with active scanning using intended behaviors within the 802.11 protocol. Passive scanning is available through software in suites such as Kali, or in tools like a Pineapple, with the disadvantage of being only as fast as the target is willing to send packets. Active scanning has been traditionally relegated to only devices attached to the same Access Point or other, expensive gadgets while gaining the advantage of eliciting responses on command. Using a technique based on Wifi-Polite packets, cheap ESP32s can be leveraged to gain the advantages of active scanning without the requirement of being connected to the same Access Point. The software code operating this powerful combination of active and passive scanning on an inexpensive platform will be publicly released. Attendees will have a clear understanding of the technology, be given the knowledge and code to implement it themselves, and understand the future implications of using devices like this in a cooperative mesh to track targets in real time.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55460],"conference_id":133,"event_ids":[55885],"name":"Mikey Awbrey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55999}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":55885,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55999}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Home Owners Association or HOAs make amateur radio difficult. The good antennas are restricted, requiring a little bit of compromise and creativity to work around. This talk is how I worked around my HOA's covenants, conditions, and restrictions to operate my antenna. \r\n\r\nThis talk will present actual proven techniques to allow you to operate on all the amateur bands. I will talk about my personal horizontal loop deployment, as well as talk about all the bad antenna options I tried first before getting here.\n\n\n","media":[],"title":"Ham Radio in an HOA: Radio in the Face of Your Oppressor","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Home Owners Association or HOAs make amateur radio difficult. The good antennas are restricted, requiring a little bit of compromise and creativity to work around. This talk is how I worked around my HOA's covenants, conditions, and restrictions to operate my antenna. \r\n\r\nThis talk will present actual proven techniques to allow you to operate on all the amateur bands. I will talk about my personal horizontal loop deployment, as well as talk about all the bad antenna options I tried first before getting here.","updated_timestamp":{"seconds":1722185779,"nanoseconds":0},"speakers":[{"content_ids":[55440],"conference_id":133,"event_ids":[55865],"name":"Danny Quist","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@k1hyl"}],"media":[],"id":55976}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:56:19Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":55865,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55976}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T16:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's tech landscape, where cloud computing and DevOps practices have converged, managing the integrity of CI/CD pipelines is essential. These intertwined elements should be holistically addressed, particularly regarding security measures. \n\nHowever, with the rise of automation, there comes an increased risk. Join us for \"Pipeline Pandemonium,\" a comprehensive talk about vulnerabilities within CI/CD pipelines and their potential to inadvertently negatively affect organizations that rely on cloud environments. Through real-world examples and case studies, attendees will explore the convergence of rapid software delivery and cloud infrastructure, uncovering the methods used by malicious actors to infiltrate pipelines and compromise cloud security.\n\nSeveral real-world examples will be expounded, including code injection, dependency hijacking, unauthorized access through over-provisioned keys, runner abuse, and artifact poisoning. More specifically, much of the talk will focus on common techniques to abuse privileges and configurations associated with GitHub actions, CircleCI and Jenkins pipelines. The presenter has real world experience exploiting these issues at fortune 500 companies and has made significant contributions to their security organization’s security posture.\n\nAttendees will gain a deep understanding of the vulnerabilities inherent in CI/CD processes and general strategies to defend against common attacks. Although the focus of the presentation is for a broad audience and requires no in-depth knowledge about the specific topics that will be covered.\n\nJoin us for \"Pipeline Pandemonium\" and discover how to navigate the turbulent waters of cloud security with confidence, turning the tide against insecurity and reclaiming control of your CI/CD pipelines.\n\n\n","media":[],"title":"Pipeline Pandemonium: How to Hijack the Cloud and Make it Rain","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"In today's tech landscape, where cloud computing and DevOps practices have converged, managing the integrity of CI/CD pipelines is essential. These intertwined elements should be holistically addressed, particularly regarding security measures. \n\nHowever, with the rise of automation, there comes an increased risk. Join us for \"Pipeline Pandemonium,\" a comprehensive talk about vulnerabilities within CI/CD pipelines and their potential to inadvertently negatively affect organizations that rely on cloud environments. Through real-world examples and case studies, attendees will explore the convergence of rapid software delivery and cloud infrastructure, uncovering the methods used by malicious actors to infiltrate pipelines and compromise cloud security.\n\nSeveral real-world examples will be expounded, including code injection, dependency hijacking, unauthorized access through over-provisioned keys, runner abuse, and artifact poisoning. More specifically, much of the talk will focus on common techniques to abuse privileges and configurations associated with GitHub actions, CircleCI and Jenkins pipelines. The presenter has real world experience exploiting these issues at fortune 500 companies and has made significant contributions to their security organization’s security posture.\n\nAttendees will gain a deep understanding of the vulnerabilities inherent in CI/CD processes and general strategies to defend against common attacks. Although the focus of the presentation is for a broad audience and requires no in-depth knowledge about the specific topics that will be covered.\n\nJoin us for \"Pipeline Pandemonium\" and discover how to navigate the turbulent waters of cloud security with confidence, turning the tide against insecurity and reclaiming control of your CI/CD pipelines.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55312],"conference_id":133,"event_ids":[55702],"name":"Blake Hudson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55864}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":55702,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55864}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk introduces a method for creating unique command and control (C2) servers for each engagement, utilizing diverse programming languages, obfuscations, and communication protocols. The approach leverages a curated repository of historical C2 and implant data, with feedback to ensure continuous improvement. Want a C2 written in PERL that uses Gopher for comms? I don't know why you would but I can show you how. Rust, nodejs, and more. Want a C2 that runs in UEFI? The best part is once the engagement is done you don't have to worry that your toolset was blown because next engagement you will have a new framework.\n\n\n","media":[],"title":"Bespoke C2s are coming of age.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"This talk introduces a method for creating unique command and control (C2) servers for each engagement, utilizing diverse programming languages, obfuscations, and communication protocols. The approach leverages a curated repository of historical C2 and implant data, with feedback to ensure continuous improvement. Want a C2 written in PERL that uses Gopher for comms? I don't know why you would but I can show you how. Rust, nodejs, and more. Want a C2 that runs in UEFI? The best part is once the engagement is done you don't have to worry that your toolset was blown because next engagement you will have a new framework.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[54587,55310],"conference_id":133,"event_ids":[55700,54962],"name":"David \"Icer\" Maynor","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ThreatHunter.ai","title":"Secret Keeper"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Dave_Maynor)","sort_order":0,"url":"https://twitter.com/Dave_Maynor"}],"media":[],"id":54339,"title":"Secret Keeper at ThreatHunter.ai"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":55700,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54339}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Transparency Algorithm (TTA): AI's Answer to Legal Equality is a groundbreaking initiative to dismantle the deep-rooted biases and systemic disparities that have plagued the American legal system for far too long. This revolutionary effort leverages the unparalleled power of artificial intelligence (AI) and machine learning (ML) to shine a glaring light on the injustices that have condemned generations of marginalized communities to a cycle of inequity and despair.Imagine a justice system where your fate is determined not by the content of your character but by the color of your skin, your gender, or your socioeconomic status. This is the grim reality that TTA seeks to eradicate. TTA meticulously analyzes public court case data to expose the hidden biases and discriminatory practices perpetuating injustice. This initiative doesn't just aim to reform; it seeks to revolutionize the very foundation of our legal system, bringing about the transparency and accountability that have long been overdue. At its core, TTA is a powerful tool for democratizing access to justice. Empowering citizens with data-driven insights provides a platform for informed public discourse and advocacy for systemic reform. The time for change is now, and TTA is the catalyst we need to forge a path towards a truly equitable legal landscape.\n\n\n","media":[],"title":"The Transparency Algorithm: AI's Answer to Legal Racial and Social Inequality","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The Transparency Algorithm (TTA): AI's Answer to Legal Equality is a groundbreaking initiative to dismantle the deep-rooted biases and systemic disparities that have plagued the American legal system for far too long. This revolutionary effort leverages the unparalleled power of artificial intelligence (AI) and machine learning (ML) to shine a glaring light on the injustices that have condemned generations of marginalized communities to a cycle of inequity and despair.Imagine a justice system where your fate is determined not by the content of your character but by the color of your skin, your gender, or your socioeconomic status. This is the grim reality that TTA seeks to eradicate. TTA meticulously analyzes public court case data to expose the hidden biases and discriminatory practices perpetuating injustice. This initiative doesn't just aim to reform; it seeks to revolutionize the very foundation of our legal system, bringing about the transparency and accountability that have long been overdue. At its core, TTA is a powerful tool for democratizing access to justice. Empowering citizens with data-driven insights provides a platform for informed public discourse and advocacy for systemic reform. The time for change is now, and TTA is the catalyst we need to forge a path towards a truly equitable legal landscape.","updated_timestamp":{"seconds":1721495374,"nanoseconds":0},"speakers":[{"content_ids":[55204],"conference_id":133,"event_ids":[55594],"name":"Aquarious Workman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Architect & Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/aquariousworkman/"}],"media":[],"id":55792,"title":"Security Architect & Researcher"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:09:34Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55594,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55792}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the rapidly evolving landscape of cybersecurity, effective reconnaissance is the cornerstone of successful bug bounty hunting. This presentation will guide you through identifying, enriching, and prioritizing targets before any scanning occurs, emphasizing the importance of uncovering \"unknown unknowns.\" We will cover the use of tools like subfinder and amass for asset discovery, followed by httpx for extracting relevant data such as titles and ports. Prioritization will be discussed to focus efforts on high-potential targets, including those requiring sign-in. Once prioritized, we'll move to scanning, employing advanced techniques to uncover hidden files and functionalities, targeting both known vulnerabilities and the elusive \"unknown unknowns.\" Finally, we'll focus on exploiting discovered functionalities, equipping you with the skills to uncover and exploit weaknesses. Join us to enhance your bug bounty hunting capabilities with a methodical approach to reconnaissance and exploitation, ensuring no stone is left unturned in your quest for vulnerabilities.\n\n\n","media":[],"title":"Unveiling Vulnerabilities: A Comprehensive Guide to Bug Bounty Recon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"In the rapidly evolving landscape of cybersecurity, effective reconnaissance is the cornerstone of successful bug bounty hunting. This presentation will guide you through identifying, enriching, and prioritizing targets before any scanning occurs, emphasizing the importance of uncovering \"unknown unknowns.\" We will cover the use of tools like subfinder and amass for asset discovery, followed by httpx for extracting relevant data such as titles and ports. Prioritization will be discussed to focus efforts on high-potential targets, including those requiring sign-in. Once prioritized, we'll move to scanning, employing advanced techniques to uncover hidden files and functionalities, targeting both known vulnerabilities and the elusive \"unknown unknowns.\" Finally, we'll focus on exploiting discovered functionalities, equipping you with the skills to uncover and exploit weaknesses. Join us to enhance your bug bounty hunting capabilities with a methodical approach to reconnaissance and exploitation, ensuring no stone is left unturned in your quest for vulnerabilities.","updated_timestamp":{"seconds":1721438491,"nanoseconds":0},"speakers":[{"content_ids":[55183],"conference_id":133,"event_ids":[55571],"name":"Prince Chaddha","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ProjectDiscovery","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@princechaddha)","sort_order":0,"url":"https://twitter.com/princechaddha"}],"media":[],"id":56069,"title":"ProjectDiscovery"},{"content_ids":[55183],"conference_id":133,"event_ids":[55571],"name":"Tarun Koyalwar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ProjectDiscovery","title":"Go developer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@KoyalwarTarun)","sort_order":0,"url":"https://twitter.com/KoyalwarTarun"}],"media":[],"id":56070,"title":"Go developer at ProjectDiscovery"},{"content_ids":[55183],"conference_id":133,"event_ids":[55571],"name":"Dhiyaneshwaran Balasubramaniam","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ProjectDiscovery.io","title":"Nuclei Template Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@DhiyaneshDK)","sort_order":0,"url":"https://twitter.com/DhiyaneshDK"}],"media":[],"id":56071,"title":"Nuclei Template Engineer at ProjectDiscovery.io"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:21:31Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#unveiling-vulnerabilities-bug-bounty-recon"}],"end":"2024-08-11T00:30:00.000-0000","id":55571,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":56071},{"tag_id":46167,"sort_order":6,"person_id":56069},{"tag_id":46167,"sort_order":8,"person_id":56070}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-20T01:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the past decade, infotainment systems experienced a growth in functionality, broader adoption and central incorporation into the vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. At the same time, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. We provide practical information and tips. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types.\r\n\r\nOur work equips Bluetooth hackers with necessary information on novel implementation-specific vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts stealthily.\r\n\r\nWe believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.\n\n\n","media":[],"title":"Exploiting Bluetooth - from your car to the bank account$$","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Over the past decade, infotainment systems experienced a growth in functionality, broader adoption and central incorporation into the vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. At the same time, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. We provide practical information and tips. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types.\r\n\r\nOur work equips Bluetooth hackers with necessary information on novel implementation-specific vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts stealthily.\r\n\r\nWe believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.","updated_timestamp":{"seconds":1720394537,"nanoseconds":0},"speakers":[{"content_ids":[54473,54638],"conference_id":133,"event_ids":[54846,55012],"name":"Vladyslav Zubkov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@0a_yso)","sort_order":0,"url":"https://twitter.com/0a_yso"}],"media":[],"id":54167,"title":"Bug Bounty Hunter"},{"content_ids":[54581,54473,54638],"conference_id":133,"event_ids":[54846,54956,55012],"name":"Martin Strohmeier","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber Defence Campus","title":"Senior Scientist"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@masorx)","sort_order":0,"url":"https://twitter.com/masorx"}],"media":[],"id":54277,"title":"Senior Scientist at Cyber Defence Campus"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:22:17Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":55012,"tag_ids":[46375,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54167},{"tag_id":46167,"sort_order":4,"person_id":54277}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-07T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"When we consider the conventional approaches to vulnerability discovery, be it in software or websites, we tend to confine ourselves to a specific target or platform. In the case of software, we might reverse engineer an application's attack surfaces for untrusted input, aiming to trigger edge cases. For websites, we might enumerate a domain for related assets and seek out unpatched, less defended, or occasionally abandoned resources.\r\n\r\nThis presentation explores the untapped potential of scaling security research by leveraging unconventional data sources. We'll walk through design flaws that enable two examples: forgotten cloud assets and leaked secrets. Instead of starting with a target and finding vulnerabilities, we'll find vulnerabilities and relate them to our targets. We won't just stop at discovery. We'll also discuss the incentives that create them and how to solve the ecosystem issues as an industry.\r\n\r\nWhile you can't easily scale every issue, this project has led to tens of thousands of highly significant yet seemingly trivial weaknesses in some of the world's largest organizations. Prepare to shift your perspective on vulnerability discovery, learn scalable approaches to address commonly overlooked bugs, and understand how even the simplest misconfiguration can have a devastating impact.\r\n\r\n- Toomey, Patrick. “Behind the Scenes of Github Token Scanning.” The GitHub Blog, 17 Oct. 2018, [link](https://github.blog/2018-10-17-behind-the-scenes-of-github-token-scanning/).\r\n- Meli, Michael, et al. “How Bad Can It Git? Characterizing Secret Leakage in Public Github Repositories.” Proceedings 2019 Network and Distributed System Security Symposium, 19 Feb. 2019, [link](https://doi.org/10.14722/ndss.2019.23418).\r\n- Awslabs. “Awslabs/Git-Secrets: Prevents You from Committing Secrets and Credentials into Git Repositories.” GitHub, 2015, [link](https://github.com/awslabs/git-secrets).\r\n- Rice, Zachary. “Zricethezav/Gitleaks: Scan Git Repos (or Files) for Secrets Using Regex and Entropy.” GitHub, 2018, [link](https://github.com/zricethezav/gitleaks).\r\n- Ballenthin, Willi, and Moritz Raabe. “Mandiant/Flare-Floss: Flare Obfuscated String Solver - Automatically Extract Obfuscated Strings from Malware.” GitHub, 2016, [link](https://github.com/mandiant/flare-floss).\r\n- Squarcina, Marco, et al. “Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web.” USENIX Security Symposium, vol. 30, Aug. 2021, pp. 2917–2934.\r\n- MDN contributors. “Subdomain Takeovers - Web Security | MDN.” Developer.mozilla.org, 14 Oct. 2021, [link](https://developer.mozilla.org/en-US/docs/Web/Security/Subdomain_takeovers).\r\n- “Prevent Subdomain Takeovers with Azure DNS Alias Records and Azure App Service’s Custom Domain Verification.” Learn.microsoft.com, Microsoft, 16 June 2020, [link](https://learn.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover).\r\n- Shah, Shubham. “Eliminating Dangling Elastic IP Takeovers with Ghostbuster.” Assetnote, 13 Feb. 2022, [link](https://blog.assetnote.io/2022/02/13/dangling-eips/).\r\n- Claudius, Jonathan. “‘Deep Thoughts’ on Subdomain Takeover Vulnerabilities.” Claudijd.github.io, 3 Feb. 2017, [link](https://claudijd.github.io/2017/02/03/deep-thoughts-on-subdomain-takeovers/).\r\n- Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, and Wouter Joosen. 2019. \"Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation,\" Proceedings of the 26th Annual Network and Distributed System Security Symposium (NDSS 2019). [link](https://doi.org/10.14722/ndss.2019.23386)\r\n- Hallam-Baker, Phillip, et al. “RFC 8659 - DNS Certification Authority Authorization (CAA) Resource Record.” Datatracker.ietf.org, IETF, Nov. 2019, [link](https://datatracker.ietf.org/doc/html/rfc8659).\r\n\n\n\n","media":[],"title":"Secrets and Shadows: Leveraging Big Data for Vulnerability Discovery at Scale","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:45:00Z","end_timestamp":{"seconds":1723333500,"nanoseconds":0},"android_description":"When we consider the conventional approaches to vulnerability discovery, be it in software or websites, we tend to confine ourselves to a specific target or platform. In the case of software, we might reverse engineer an application's attack surfaces for untrusted input, aiming to trigger edge cases. For websites, we might enumerate a domain for related assets and seek out unpatched, less defended, or occasionally abandoned resources.\r\n\r\nThis presentation explores the untapped potential of scaling security research by leveraging unconventional data sources. We'll walk through design flaws that enable two examples: forgotten cloud assets and leaked secrets. Instead of starting with a target and finding vulnerabilities, we'll find vulnerabilities and relate them to our targets. We won't just stop at discovery. We'll also discuss the incentives that create them and how to solve the ecosystem issues as an industry.\r\n\r\nWhile you can't easily scale every issue, this project has led to tens of thousands of highly significant yet seemingly trivial weaknesses in some of the world's largest organizations. Prepare to shift your perspective on vulnerability discovery, learn scalable approaches to address commonly overlooked bugs, and understand how even the simplest misconfiguration can have a devastating impact.\r\n\r\n- Toomey, Patrick. “Behind the Scenes of Github Token Scanning.” The GitHub Blog, 17 Oct. 2018, [link](https://github.blog/2018-10-17-behind-the-scenes-of-github-token-scanning/).\r\n- Meli, Michael, et al. “How Bad Can It Git? Characterizing Secret Leakage in Public Github Repositories.” Proceedings 2019 Network and Distributed System Security Symposium, 19 Feb. 2019, [link](https://doi.org/10.14722/ndss.2019.23418).\r\n- Awslabs. “Awslabs/Git-Secrets: Prevents You from Committing Secrets and Credentials into Git Repositories.” GitHub, 2015, [link](https://github.com/awslabs/git-secrets).\r\n- Rice, Zachary. “Zricethezav/Gitleaks: Scan Git Repos (or Files) for Secrets Using Regex and Entropy.” GitHub, 2018, [link](https://github.com/zricethezav/gitleaks).\r\n- Ballenthin, Willi, and Moritz Raabe. “Mandiant/Flare-Floss: Flare Obfuscated String Solver - Automatically Extract Obfuscated Strings from Malware.” GitHub, 2016, [link](https://github.com/mandiant/flare-floss).\r\n- Squarcina, Marco, et al. “Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web.” USENIX Security Symposium, vol. 30, Aug. 2021, pp. 2917–2934.\r\n- MDN contributors. “Subdomain Takeovers - Web Security | MDN.” Developer.mozilla.org, 14 Oct. 2021, [link](https://developer.mozilla.org/en-US/docs/Web/Security/Subdomain_takeovers).\r\n- “Prevent Subdomain Takeovers with Azure DNS Alias Records and Azure App Service’s Custom Domain Verification.” Learn.microsoft.com, Microsoft, 16 June 2020, [link](https://learn.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover).\r\n- Shah, Shubham. “Eliminating Dangling Elastic IP Takeovers with Ghostbuster.” Assetnote, 13 Feb. 2022, [link](https://blog.assetnote.io/2022/02/13/dangling-eips/).\r\n- Claudius, Jonathan. “‘Deep Thoughts’ on Subdomain Takeover Vulnerabilities.” Claudijd.github.io, 3 Feb. 2017, [link](https://claudijd.github.io/2017/02/03/deep-thoughts-on-subdomain-takeovers/).\r\n- Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, and Wouter Joosen. 2019. \"Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation,\" Proceedings of the 26th Annual Network and Distributed System Security Symposium (NDSS 2019). [link](https://doi.org/10.14722/ndss.2019.23386)\r\n- Hallam-Baker, Phillip, et al. “RFC 8659 - DNS Certification Authority Authorization (CAA) Resource Record.” Datatracker.ietf.org, IETF, Nov. 2019, [link](https://datatracker.ietf.org/doc/html/rfc8659).","updated_timestamp":{"seconds":1720463642,"nanoseconds":0},"speakers":[{"content_ids":[54509],"conference_id":133,"event_ids":[54882],"name":"Bill Demirkapi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Independent Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@BillDemirkapi)","sort_order":0,"url":"https://twitter.com/BillDemirkapi"},{"description":"","title":"billdemirkapi.me","sort_order":0,"url":"https://billdemirkapi.me"}],"media":[],"id":54112,"title":"Independent Security Researcher"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:34:02Z","links":[],"end":"2024-08-10T23:45:00.000-0000","id":54882,"tag_ids":[46166,46169,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54112}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-08T18:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Between 1850 and 1855, the London-based newspaper The Times published over 50 encrypted advertisements apparently intended for the same recipient. As we know today, the ads in that series were meant for the sea captain Richard Collinson, who at the time was on a mission in the Canadian Arctic trying to solve a captivating mystery: What happened to the lost John Franklin expedition? While Collinson never reached his goal, he established a secure worldwide communication system, which was unique for its time.\r\n\r\nBefore his departure, Collinson's family was taught how to encrypt brief reports about what was going on at home and to publish these messages as mysterious ads in “The Times” once a month. The cipher used was a modified version of a system based on a signal-book of the Royal Navy. As the circulation of The Times stretched far beyond the UK, Collinson would have the chance to get his hands on a copy even at the remotest of ports.\r\n\r\nOver a century later, the Collinson ads were finally broken in the 1990s. Over the last two years, the lecturers of this talk continued this work, with a goal of decrypting all of the ads and placing them in their appropriate geographic and cultural context.\r\n\r\n- Article in “Mental Floss” (this was written based on one of our earlier talks)\r\n - Ellen Gutoskey: How Victorian Explorers and Pining Lovers Used Coded Newspaper Ads to Communicate. Aug 10, 2022\r\n - [link](https://www.mentalfloss.com/posts/victorian-coded-messages-franklin-expedition)\r\n\r\n- 1992 Research paper in Cryptologia:\r\n - John Rabson: All are Well at Boldon a mid-Victorian Code System. Cryptologia 16(2): 127-135 (1992)\r\n\r\n- Book about encrypted newspaper advertisements:\r\n - Jean Palmer: The Agony Column Codes & Ciphers. New Generation Publishing, London 2006\r\n\r\n- Naval codebooks:\r\n - 10th edition (1847): [link](https://www.google.com/books/edition/A_Code_of_Signals_in_the_Merchant_Servic/J1APe67ngc8C)\r\n - 11th edition (1851): [link](https://books.google.de/books/about/The_universal_code_of_signals_for_the_me.html?id=jGEBAAAAQAAJ)\r\n - 12th edition (1854): [link](https://www.google.com/books/edition/The_universal_code_of_signals_for_the_me/jGEBAAAAQAAJ)\r\n\r\n- Collinson’s logbooks (by his brother):\r\n - Thomas Bernard Collinson: Cypher Notices in the ‘Times’. In: Journal of H.M.S. Enterprise, on the Expedition in Search of Sir John Franklin's Ships by Behring Strait. 1850-55. Sampson Low, Marston, Searle, & Rivington. London: 1889 [link](https://archive.org/details/cu31924083524409/page/2/mode/2up)\r\n\r\n- Article from the 1940s:\r\n - Richard J. Cyriax: The Collinson Cryptograms in \"The Times\". Notes and Queries 26 July, 1947: 322-323\r\n\n\n\n","media":[],"title":"Encrypted newspaper ads in the 19th century - The world's first worldwide secure communication system","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:45:00Z","end_timestamp":{"seconds":1723333500,"nanoseconds":0},"android_description":"Between 1850 and 1855, the London-based newspaper The Times published over 50 encrypted advertisements apparently intended for the same recipient. As we know today, the ads in that series were meant for the sea captain Richard Collinson, who at the time was on a mission in the Canadian Arctic trying to solve a captivating mystery: What happened to the lost John Franklin expedition? While Collinson never reached his goal, he established a secure worldwide communication system, which was unique for its time.\r\n\r\nBefore his departure, Collinson's family was taught how to encrypt brief reports about what was going on at home and to publish these messages as mysterious ads in “The Times” once a month. The cipher used was a modified version of a system based on a signal-book of the Royal Navy. As the circulation of The Times stretched far beyond the UK, Collinson would have the chance to get his hands on a copy even at the remotest of ports.\r\n\r\nOver a century later, the Collinson ads were finally broken in the 1990s. Over the last two years, the lecturers of this talk continued this work, with a goal of decrypting all of the ads and placing them in their appropriate geographic and cultural context.\r\n\r\n- Article in “Mental Floss” (this was written based on one of our earlier talks)\r\n - Ellen Gutoskey: How Victorian Explorers and Pining Lovers Used Coded Newspaper Ads to Communicate. Aug 10, 2022\r\n - [link](https://www.mentalfloss.com/posts/victorian-coded-messages-franklin-expedition)\r\n\r\n- 1992 Research paper in Cryptologia:\r\n - John Rabson: All are Well at Boldon a mid-Victorian Code System. Cryptologia 16(2): 127-135 (1992)\r\n\r\n- Book about encrypted newspaper advertisements:\r\n - Jean Palmer: The Agony Column Codes & Ciphers. New Generation Publishing, London 2006\r\n\r\n- Naval codebooks:\r\n - 10th edition (1847): [link](https://www.google.com/books/edition/A_Code_of_Signals_in_the_Merchant_Servic/J1APe67ngc8C)\r\n - 11th edition (1851): [link](https://books.google.de/books/about/The_universal_code_of_signals_for_the_me.html?id=jGEBAAAAQAAJ)\r\n - 12th edition (1854): [link](https://www.google.com/books/edition/The_universal_code_of_signals_for_the_me/jGEBAAAAQAAJ)\r\n\r\n- Collinson’s logbooks (by his brother):\r\n - Thomas Bernard Collinson: Cypher Notices in the ‘Times’. In: Journal of H.M.S. Enterprise, on the Expedition in Search of Sir John Franklin's Ships by Behring Strait. 1850-55. Sampson Low, Marston, Searle, & Rivington. London: 1889 [link](https://archive.org/details/cu31924083524409/page/2/mode/2up)\r\n\r\n- Article from the 1940s:\r\n - Richard J. Cyriax: The Collinson Cryptograms in \"The Times\". Notes and Queries 26 July, 1947: 322-323","updated_timestamp":{"seconds":1720463664,"nanoseconds":0},"speakers":[{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Elonka Dunin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Crypto Expert"}],"pronouns":"she/her","links":[{"description":"","title":"Facebook","sort_order":0,"url":"https://www.facebook.com/elonka"},{"description":"","title":"Twitter (@ElonkaDunin)","sort_order":0,"url":"https://twitter.com/ElonkaDunin"},{"description":"","title":"cipherbrain.net","sort_order":0,"url":"https://cipherbrain.net"},{"description":"","title":"codebreaking-guide.com","sort_order":0,"url":"https://codebreaking-guide.com"},{"description":"","title":"elonka.com","sort_order":0,"url":"https://elonka.com"}],"media":[],"id":54068,"title":"Crypto Expert"},{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Klaus Schmeh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Eviden","title":"Crypto Expert"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@KlausSchmeh)","sort_order":0,"url":"https://twitter.com/KlausSchmeh"}],"media":[],"id":54194,"title":"Crypto Expert at Eviden"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:34:24Z","links":[],"end":"2024-08-10T23:45:00.000-0000","id":54881,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54068},{"tag_id":46167,"sort_order":2,"person_id":54194}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-08T18:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Presented by Jake Jepson and Rik Chatterjee, two Systems Engineering Master's students at Colorado State University, this talk delves into the critical security implications within the trucking industry, particularly focusing on Electronic Logging Devices (ELDs). These devices, integral to compliance with Hours of Service regulations, present unique cyber-physical threats due to their networked nature and lack of standardized security protocols.\r\n\r\nThe presentation will walk through examining potential remote exploits via wireless ELD compromise, leading to cyber physical control payloads and even wormable scenarios. Key vulnerabilities identified include insecure defaults and poor security practices shown on a commercially available ELD. These vulnerabilities not only expose truck networks to potential unauthorized control but also highlight systemic issues in device certification and security oversight.\r\n\r\nThe talk will cover their journey from acquiring and reverse engineering ELDs, discovering their common architectures and weaknesses, to demonstrating proof of concept attacks that underline the urgent need for industry-wide security reforms. Notably, Jepson will discuss his first CVE, detailing the coordinated disclosure process and subsequent manufacturer response.\r\n\r\nThis session is semi-technical, ideal for cybersecurity professionals and amateurs alike, interested in vehicle network protocols, and embedded systems security. Prior knowledge of network protocols such as CAN and J1939, along with an understanding of firmware reverse engineering, will enhance the learning experience, but is not required. Tools and techniques used include network scanners, reverse engineering platforms like Ghidra, and various wireless communication methods.\r\n\r\nBy attending this presentation, participants will not only understand the specific security flaws affecting heavy vehicles but also appreciate the broader implications for embedded systems security in transportation. This talk is a call to action for improving security practices and regulatory standards in an increasingly interconnected world.\r\n\r\n1. Bureau of Transportation Statistics, United States Department of Transportation. \"National Transportation Statistics (NTS).\" Accessed December 19, 2023. [link](https://tinyurl.com/rosapntlbtsNTS). doi:10.21949/1503663\r\n2. “Economics and Industry Data.” American Trucking Associations. [Online]. Available: [link](https://www.trucking.org/economics-and-industry-data)\r\n3. Technology, Syrma Sgs. “Automotive ECU: The Core Component for Connected Cars.” Electronic Manufacturing Services - Syrma SGS Technology, 15 July 2021, [link](https://www.syrma.com/ecu). Picture: “M156 ECU Upgrade.” DYNE Performance, [link](https://dyneperformance.com.au/product/m156-ecu-upgrade/?currency=AUD). Accessed 22 Apr. 2022.\r\n4. “J1939-13.” SAE International.\r\n5. “Moving Ahead for Progress in the 21st Century Act (MAP-21).” U.S. Department of Transportation. [Online]. Available: Moving Ahead for Progress in the 21st Century Act (MAP-21)\r\n6. “ELD List.” FMCSA. [Online]. Available: [link](https://eld.fmcsa.dot.gov/List)\r\n7. [link](https://us.amazon.com/EZ-ELD-Solution-Electronic-Logging-Device/dp/B071FN5RKN)\r\n8. [link](https://www.overdriveonline.com/electronic-logging-devices/article/14888881/rule-to-require-speed-limiters-could-come-this-week-e-log-rule-expected-soon-too)\r\n9. [link](https://www.garmin.com/en-US/p/592207)\r\n10. [link](https://fccid.io/2ALBDPT30)\r\n\n\n\n","media":[],"title":"Compromising an Electronic Logging Device and Creating a Truck2Truck Worm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:20:00Z","end_timestamp":{"seconds":1723332000,"nanoseconds":0},"android_description":"Presented by Jake Jepson and Rik Chatterjee, two Systems Engineering Master's students at Colorado State University, this talk delves into the critical security implications within the trucking industry, particularly focusing on Electronic Logging Devices (ELDs). These devices, integral to compliance with Hours of Service regulations, present unique cyber-physical threats due to their networked nature and lack of standardized security protocols.\r\n\r\nThe presentation will walk through examining potential remote exploits via wireless ELD compromise, leading to cyber physical control payloads and even wormable scenarios. Key vulnerabilities identified include insecure defaults and poor security practices shown on a commercially available ELD. These vulnerabilities not only expose truck networks to potential unauthorized control but also highlight systemic issues in device certification and security oversight.\r\n\r\nThe talk will cover their journey from acquiring and reverse engineering ELDs, discovering their common architectures and weaknesses, to demonstrating proof of concept attacks that underline the urgent need for industry-wide security reforms. Notably, Jepson will discuss his first CVE, detailing the coordinated disclosure process and subsequent manufacturer response.\r\n\r\nThis session is semi-technical, ideal for cybersecurity professionals and amateurs alike, interested in vehicle network protocols, and embedded systems security. Prior knowledge of network protocols such as CAN and J1939, along with an understanding of firmware reverse engineering, will enhance the learning experience, but is not required. Tools and techniques used include network scanners, reverse engineering platforms like Ghidra, and various wireless communication methods.\r\n\r\nBy attending this presentation, participants will not only understand the specific security flaws affecting heavy vehicles but also appreciate the broader implications for embedded systems security in transportation. This talk is a call to action for improving security practices and regulatory standards in an increasingly interconnected world.\r\n\r\n1. Bureau of Transportation Statistics, United States Department of Transportation. \"National Transportation Statistics (NTS).\" Accessed December 19, 2023. [link](https://tinyurl.com/rosapntlbtsNTS). doi:10.21949/1503663\r\n2. “Economics and Industry Data.” American Trucking Associations. [Online]. Available: [link](https://www.trucking.org/economics-and-industry-data)\r\n3. Technology, Syrma Sgs. “Automotive ECU: The Core Component for Connected Cars.” Electronic Manufacturing Services - Syrma SGS Technology, 15 July 2021, [link](https://www.syrma.com/ecu). Picture: “M156 ECU Upgrade.” DYNE Performance, [link](https://dyneperformance.com.au/product/m156-ecu-upgrade/?currency=AUD). Accessed 22 Apr. 2022.\r\n4. “J1939-13.” SAE International.\r\n5. “Moving Ahead for Progress in the 21st Century Act (MAP-21).” U.S. Department of Transportation. [Online]. Available: Moving Ahead for Progress in the 21st Century Act (MAP-21)\r\n6. “ELD List.” FMCSA. [Online]. Available: [link](https://eld.fmcsa.dot.gov/List)\r\n7. [link](https://us.amazon.com/EZ-ELD-Solution-Electronic-Logging-Device/dp/B071FN5RKN)\r\n8. [link](https://www.overdriveonline.com/electronic-logging-devices/article/14888881/rule-to-require-speed-limiters-could-come-this-week-e-log-rule-expected-soon-too)\r\n9. [link](https://www.garmin.com/en-US/p/592207)\r\n10. [link](https://fccid.io/2ALBDPT30)","updated_timestamp":{"seconds":1720464662,"nanoseconds":0},"speakers":[{"content_ids":[54507],"conference_id":133,"event_ids":[54880],"name":"Rik Chatterjee","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Colorado State University","title":"Graduate Research Assistant, Department of Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54064,"title":"Graduate Research Assistant, Department of Systems Engineering at Colorado State University"},{"content_ids":[54507],"conference_id":133,"event_ids":[54880],"name":"Jake Jepson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Colorado State University","title":"Graduate Research Assistant, Department of Systems Engineering"}],"links":[],"pronouns":"he/him","media":[],"id":54188,"title":"Graduate Research Assistant, Department of Systems Engineering at Colorado State University"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:51:02Z","links":[],"end":"2024-08-10T23:20:00.000-0000","id":54880,"tag_ids":[46166,46169,46419,46437,46878],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54188},{"tag_id":46167,"sort_order":4,"person_id":54064}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-08T18:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-person contest\r\nFriday: 10:00 to 15:00, Qualifications \r\nContest Area\r\nSaturday: 16:00 - 19:00\r\nContest Stage\r\n\r\nWhat happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.\n\n\n","media":[],"title":"Crash and Compile","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T02:00:00Z","end_timestamp":{"seconds":1723341600,"nanoseconds":0},"android_description":"In-person contest\r\nFriday: 10:00 to 15:00, Qualifications \r\nContest Area\r\nSaturday: 16:00 - 19:00\r\nContest Stage\r\n\r\nWhat happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.","updated_timestamp":{"seconds":1719554822,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T06:07:02Z","links":[{"label":"Website","type":"link","url":"https://crashandcompile.org"}],"end":"2024-08-11T02:00:00.000-0000","id":54613,"tag_ids":[46427,46439,46494],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-06-28T06:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.\n\n\n","media":[{"hash_sha256":"2656c5ebc25f87c2aace541797f643642da570a63fff5f24da518c3d6d472944","filetype":"image/png","hash_md5":"ed87e0dc24f65f5259a7bdff54921872","name":"pme_queercon-mixer.png","is_logo":"Y","hash_crc32c":"f9440803","filesize":140037,"asset_id":682,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_queercon-mixer.png"}],"title":"QueerCon Mixer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.","updated_timestamp":{"seconds":1718813154,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:05:54Z","links":[{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249580"}],"end":"2024-08-11T01:00:00.000-0000","id":54518,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-06-19T16:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"While the world buzzes about AI-augmented reverse engineering, what about turning the tables and reverse engineering AI itself? As artificial intelligence systems grow increasingly complex and pervasive, decoding their inner workings has become not just a fun challenge, but a critical necessity. This talk introduces the emerging field of mechanistic interpretability to the reverse engineering community, revealing how the frontier of AI research is reinventing wheels long familiar to RE experts. We'll explore how traditional reverse engineering techniques are finding new life in dissecting neural networks, and why the RE community's hard-earned wisdom is more relevant than ever in the age of AI.\n\n\n","media":[],"title":"A Reverse Engineer's Guide to AI Interpretability","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"While the world buzzes about AI-augmented reverse engineering, what about turning the tables and reverse engineering AI itself? As artificial intelligence systems grow increasingly complex and pervasive, decoding their inner workings has become not just a fun challenge, but a critical necessity. This talk introduces the emerging field of mechanistic interpretability to the reverse engineering community, revealing how the frontier of AI research is reinventing wheels long familiar to RE experts. We'll explore how traditional reverse engineering techniques are finding new life in dissecting neural networks, and why the RE community's hard-earned wisdom is more relevant than ever in the age of AI.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56139],"conference_id":133,"event_ids":[56782],"name":"Dr. Andrew Fasano","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MIT Lincoln Laboratory","title":"Cyber System Assessments"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/fasano/"},{"description":"","title":"Mastodon (@andrewfasano@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@andrewfasano"},{"description":"","title":"Nation.State.Actor Blog","sort_order":0,"url":"https://nation.state.actor"},{"description":"","title":"Website","sort_order":0,"url":"https://andrewfasano.com"}],"media":[],"id":56530,"title":"Cyber System Assessments at MIT Lincoln Laboratory"}],"begin_tsz":"2024-08-10T22:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56782,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723329900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56530}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T22:45:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gather with members of the Women in Security and Privacy community for a group picture.\n\n\n","media":[],"title":"WISP Group Photo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Gather with members of the Women in Security and Privacy community for a group picture.","updated_timestamp":{"seconds":1722207035,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:45:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:50:35Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":55903,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723329900,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T22:45:00.000-0000","updated":"2024-07-28T22:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are living through a time period where not only are wars being fought, on land, sea, air, and cyber, but we have all been drafted into a misinformation, disinformation, and malinformation war that many of us were not given the proper tools or training for. The times we exist in are unprecedented, and the more that people primarily consume their information online, the more susceptible we all are to becoming influenced by operations that are coming foreign adversaries as a means of not only spreading misinformation, disinformation, and malformation, but as means of dividing and polarizing our nation. How can we resist that? What can we look for? Is there a framework the average voter can use? Join us for this fireside chat to learn more and equip yourself for the upcoming election.\n\n\n","media":[],"title":"Cognative Weather Report","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"We are living through a time period where not only are wars being fought, on land, sea, air, and cyber, but we have all been drafted into a misinformation, disinformation, and malinformation war that many of us were not given the proper tools or training for. The times we exist in are unprecedented, and the more that people primarily consume their information online, the more susceptible we all are to becoming influenced by operations that are coming foreign adversaries as a means of not only spreading misinformation, disinformation, and malformation, but as means of dividing and polarizing our nation. How can we resist that? What can we look for? Is there a framework the average voter can use? Join us for this fireside chat to learn more and equip yourself for the upcoming election.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56200,56182,56192],"conference_id":133,"event_ids":[56836,56846,56854],"name":"Catherine Terranova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/catherine-terranova-8b209826a"},{"description":"","title":"Twitter (@catlovesvoting)","sort_order":0,"url":"https://twitter.com/catlovesvoting"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56563},{"content_ids":[56199,56200],"conference_id":133,"event_ids":[56853,56854],"name":"Constantine Nicolaidis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56564}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56854,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56564},{"tag_id":46167,"sort_order":4,"person_id":56563}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Nuestra presentación se centra en cómo ganar observabilidad y transparencia a nivel de firmware en dispositivos que se encuentran el perímetro de la red. De esta forma, toca el tema central de DEF CON 32: Arreglar lo que esta roto en internet. Contaremos todo lo que aprendimos haciendo ingenieria inversa del firmware de los routers Draytek, cómo descubrimos vulnerabilidades que permiten ganar persistencia, y cómo aprovechamos esto para detectar posibles ataques de terceros sobre estos dispositivos. Mostraremos nuestro proceso y compartiremos nuestras herramientas para empoderar a los asistentes que deseen analizar estos routers, buscar nuevas vulnerabilidades, hardenearlos o incluso hacer mods que implementen nuevas funcionalidades.\n\n\n","media":[],"title":"Haciendo visible lo invisible: Observabilidad y transparencia en routers Draytek","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Nuestra presentación se centra en cómo ganar observabilidad y transparencia a nivel de firmware en dispositivos que se encuentran el perímetro de la red. De esta forma, toca el tema central de DEF CON 32: Arreglar lo que esta roto en internet. Contaremos todo lo que aprendimos haciendo ingenieria inversa del firmware de los routers Draytek, cómo descubrimos vulnerabilidades que permiten ganar persistencia, y cómo aprovechamos esto para detectar posibles ataques de terceros sobre estos dispositivos. Mostraremos nuestro proceso y compartiremos nuestras herramientas para empoderar a los asistentes que deseen analizar estos routers, buscar nuevas vulnerabilidades, hardenearlos o incluso hacer mods que implementen nuevas funcionalidades.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Octavio Gianatiempo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"},{"organization":"University of Buenos Aires","title":"Student, Computer Science"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/octavio-gianatiempo"},{"description":"","title":"Twitter (@ogianatiempo)","sort_order":0,"url":"https://twitter.com/ogianatiempo"}],"media":[],"id":54238,"title":"Student, Computer Science at University of Buenos Aires"},{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Gastón Aznarez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/gastonaznarez"},{"description":"","title":"Twitter (@gastonaznarez)","sort_order":0,"url":"https://twitter.com/gastonaznarez"}],"media":[],"id":54239,"title":"Security Researcher at Faraday"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56590,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54239},{"tag_id":46167,"sort_order":6,"person_id":54238}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Given access to the start time, duration, method of encoding, and an all-powerful quantum receiver, could you perform the \"simple\" task of detecting whether two or more parties were attempting to communicate? Covert communication, or low probability of detection, demonstrates that it is possible to hide signals within noise so effectively that even an all-powerful quantum adversary would have a vanishing probability of detecting the signal’s presence. In this talk, I'll provide a high-level overview of covert communication and its extension to the quantum regime. I'll discuss the theoretical underpinnings of covert quantum communication, and how we can practically implement such a system. Finally, I'll discuss the ethical considerations of this work and why we should care about it.\n\n\n","media":[],"title":"Covert Quantum Communication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Given access to the start time, duration, method of encoding, and an all-powerful quantum receiver, could you perform the \"simple\" task of detecting whether two or more parties were attempting to communicate? Covert communication, or low probability of detection, demonstrates that it is possible to hide signals within noise so effectively that even an all-powerful quantum adversary would have a vanishing probability of detecting the signal’s presence. In this talk, I'll provide a high-level overview of covert communication and its extension to the quantum regime. I'll discuss the theoretical underpinnings of covert quantum communication, and how we can practically implement such a system. Finally, I'll discuss the ethical considerations of this work and why we should care about it.","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55854],"conference_id":133,"event_ids":[56441],"name":"Evan Anderson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56217}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56441,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56217}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Physical Red Teams are the most dynamic, exciting, and fast paced engagements we can perform. It requires good decision making under pressure and intimate knowledge of a vast landscape of physical security mechanisms. This talk equips you with the knowledge of over a dozen techniques I use on engagements, delivering the most effective lessons from both lab work and field work. In one action packed hour we'll cover top bypasses for padlocks, doors, RFID systems and more.\n\n\n","media":[],"title":"Intermediate Physical Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Physical Red Teams are the most dynamic, exciting, and fast paced engagements we can perform. It requires good decision making under pressure and intimate knowledge of a vast landscape of physical security mechanisms. This talk equips you with the knowledge of over a dozen techniques I use on engagements, delivering the most effective lessons from both lab work and field work. In one action packed hour we'll cover top bypasses for padlocks, doors, RFID systems and more.","updated_timestamp":{"seconds":1723044458,"nanoseconds":0},"speakers":[{"content_ids":[55801],"conference_id":133,"event_ids":[56350],"name":"Justin Wynn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Coalfire","title":"Director of the Red Team"}],"links":[],"pronouns":null,"media":[],"id":56180,"title":"Director of the Red Team at Coalfire"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T15:27:38Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56350,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56180}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-07T15:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Synthetic Aperture Radar (SAR) is one of the most useful and interesting techniques in radar, providing high resolution radar satellite images from relatively small satellites. SAR is not limited by the time of day or by atmospheric conditions. It complements satellite photography and other remote sensing techniques, revealing activity on the Earth that would otherwise be hidden. How does the magic happen? This talk will explain the basics of SAR in an accessible and friendly way. That's the good news. \n\nThe bad news? SAR is controlled by ITAR, the International Traffic in Arms Regulations, and is listed in the USML, the United States Munitions List. ITAR regulates the export of defense articles and services and is administered by the US State Department. This includes both products and services as well as technical data. Such as, catalogs of high resolution radar imagery. \n\nRegulation of SAR chills commercial activity, creating costly and time-consuming burdens. But why does any of this matter to signals hackers? Because technology has overtaken the rules, and devices used by enthusiasts, researchers, students, and hackers are increasingly likely to have enough capability to fall into or near export-controlled categories. The penalties are harsh. Fear of running afoul of ITAR is enough to stop a promising open source project in its tracks.\n\nIs there a way forward? Yes. ITAR has a public domain carve out. Information that is published and that is generally accessible or available to the public is excluded from control as ITAR technical data. That's great in theory, but how can we increase our confidence that we are interpreting these rules correctly? How can we use and build upon these rules, so that our community can learn and practice modern radio techniques with reduced fear and risk? Can we contribute towards regulatory relief when it comes to SAR? We will describe the process, report on the progress, and enumerate the challenges and roadblocks.\"\n\n\n","media":[],"title":"Who's Afraid of Synthetic Aperture Radar?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:55:00Z","end_timestamp":{"seconds":1723330500,"nanoseconds":0},"android_description":"\"Synthetic Aperture Radar (SAR) is one of the most useful and interesting techniques in radar, providing high resolution radar satellite images from relatively small satellites. SAR is not limited by the time of day or by atmospheric conditions. It complements satellite photography and other remote sensing techniques, revealing activity on the Earth that would otherwise be hidden. How does the magic happen? This talk will explain the basics of SAR in an accessible and friendly way. That's the good news. \n\nThe bad news? SAR is controlled by ITAR, the International Traffic in Arms Regulations, and is listed in the USML, the United States Munitions List. ITAR regulates the export of defense articles and services and is administered by the US State Department. This includes both products and services as well as technical data. Such as, catalogs of high resolution radar imagery. \n\nRegulation of SAR chills commercial activity, creating costly and time-consuming burdens. But why does any of this matter to signals hackers? Because technology has overtaken the rules, and devices used by enthusiasts, researchers, students, and hackers are increasingly likely to have enough capability to fall into or near export-controlled categories. The penalties are harsh. Fear of running afoul of ITAR is enough to stop a promising open source project in its tracks.\n\nIs there a way forward? Yes. ITAR has a public domain carve out. Information that is published and that is generally accessible or available to the public is excluded from control as ITAR technical data. That's great in theory, but how can we increase our confidence that we are interpreting these rules correctly? How can we use and build upon these rules, so that our community can learn and practice modern radio techniques with reduced fear and risk? Can we contribute towards regulatory relief when it comes to SAR? We will describe the process, report on the progress, and enumerate the challenges and roadblocks.\"","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55459],"conference_id":133,"event_ids":[55884],"name":"Abraxas3d","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Open Research Institute","title":"Founder and CEO"},{"organization":"ARRL","title":"Technical Specialist and Technical Advisor"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxas3d)","sort_order":0,"url":"https://twitter.com/abraxas3d"}],"media":[],"id":55998,"title":"Technical Specialist and Technical Advisor at ARRL"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T22:55:00.000-0000","id":55884,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55998}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. \n\n\n","media":[],"title":"Cold Calls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve.","updated_timestamp":{"seconds":1722103160,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:59:20Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/cold-calls/"}],"end":"2024-08-11T00:30:00.000-0000","id":55839,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Building Zero Trust in ICS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:55:00Z","end_timestamp":{"seconds":1723330500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721781797,"nanoseconds":0},"speakers":[{"content_ids":[55356],"conference_id":133,"event_ids":[55748],"name":"Sting","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55968}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:43:17Z","links":[],"end":"2024-08-10T22:55:00.000-0000","id":55748,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55968}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-24T00:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"D0N0H4RM: Cyber STEM Storytime","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721676679,"nanoseconds":0},"speakers":[{"content_ids":[54533,55322,56132],"conference_id":133,"event_ids":[55714,56775,54906],"name":"Andrew Carney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA AI Cyber Challenge (AIxCC)","title":"Program Manager"},{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"Program Manager"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/andrew-carney"}],"media":[],"id":54106,"title":"Program Manager at Advanced Research Projects Agency for Health (ARPA-H)"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Nitin Natarajan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cybersecurity and Infrastructure Security Agency (CISA)","title":"Deputy Director"}],"links":[],"pronouns":null,"media":[],"id":54227,"title":"Deputy Director at Cybersecurity and Infrastructure Security Agency (CISA)"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Christian Dameff, MD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Emergency Physician"}],"links":[],"pronouns":null,"media":[],"id":54458,"title":"Emergency Physician"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Matt Hazelett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"FDA","title":"Program Director for the Cybersecurity Focal Point Program in the Office of Product Evaluation and Quality (OPEQ)"}],"links":[],"pronouns":null,"media":[],"id":55878,"title":"Program Director for the Cybersecurity Focal Point Program in the Office of Product Evaluation and Quality (OPEQ) at FDA"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Erika Cheung","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ethics in Entrepreneurship","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":56024,"title":"Executive Director at Ethics in Entrepreneurship"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-22T19:31:19Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":55714,"tag_ids":[46371,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54227},{"tag_id":46167,"sort_order":4,"person_id":54458},{"tag_id":46167,"sort_order":6,"person_id":54106},{"tag_id":46167,"sort_order":8,"person_id":55878},{"tag_id":46167,"sort_order":10,"person_id":56024}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-22T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime\r\n\n\n\n","media":[],"title":"Access Control Done Right the First Time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime","updated_timestamp":{"seconds":1720403318,"nanoseconds":0},"speakers":[{"content_ids":[54625,55797],"conference_id":133,"event_ids":[56346,54999],"name":"Tim Clevenger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SailPoint","title":"Cybersecurity Network Engineer"}],"links":[],"pronouns":null,"media":[],"id":54335,"title":"Cybersecurity Network Engineer at SailPoint"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:48:38Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":54999,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54335}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-08T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Electronic hotel locks have been in use for over three decades, and have become an integral part of the hospitality sector. Las Vegas has over 150.000 hotel rooms, many of which use an RFID based electronic lock for access control. Most hotel guests rely on these locks to safeguard personal belongings and to protect their personal safety. However, some of these long-deployed locks have never been publicly scrutinized by the research community.\r\n\r\nThis presentation covers the discovery of vulnerabilities affecting three million dormakaba Saflok locks. The Saflok system relied on a proprietary key derivation function for its MIFARE Classic cards and a proprietary encryption algorithm for the card contents. Reverse engineering the Saflok system allowed us to forge valid keycards. After reading a single, low privilege, guest card we are able to create a pair of forged key cards that allow us to deactivate the deadbolt and open any room at the property.\r\n\r\nWe reported these vulnerabilities to dormakaba in September of 2022, as part of this presentation we will discuss the responsible disclosure and mitigation processes. Additionally, we will demonstrate how you can determine if your own hotel room has been patched to help ensure your personal safety.\r\n\r\n1. My Arduino can beat up your hotel room lock - Onity locks - Cody Brocious - Blackhat 2012\r\n2. Ghost In The Locks: Owning Electronic Locks Without Leaving A Trace - Vingcard locks - Tomi Tuominen and Timo Hirvonen - HITBGSEC 2018\r\n\n\n\n","media":[],"title":"Unsaflok: Hacking millions of hotel locks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:15:00Z","end_timestamp":{"seconds":1723331700,"nanoseconds":0},"android_description":"Electronic hotel locks have been in use for over three decades, and have become an integral part of the hospitality sector. Las Vegas has over 150.000 hotel rooms, many of which use an RFID based electronic lock for access control. Most hotel guests rely on these locks to safeguard personal belongings and to protect their personal safety. However, some of these long-deployed locks have never been publicly scrutinized by the research community.\r\n\r\nThis presentation covers the discovery of vulnerabilities affecting three million dormakaba Saflok locks. The Saflok system relied on a proprietary key derivation function for its MIFARE Classic cards and a proprietary encryption algorithm for the card contents. Reverse engineering the Saflok system allowed us to forge valid keycards. After reading a single, low privilege, guest card we are able to create a pair of forged key cards that allow us to deactivate the deadbolt and open any room at the property.\r\n\r\nWe reported these vulnerabilities to dormakaba in September of 2022, as part of this presentation we will discuss the responsible disclosure and mitigation processes. Additionally, we will demonstrate how you can determine if your own hotel room has been patched to help ensure your personal safety.\r\n\r\n1. My Arduino can beat up your hotel room lock - Onity locks - Cody Brocious - Blackhat 2012\r\n2. Ghost In The Locks: Owning Electronic Locks Without Leaving A Trace - Vingcard locks - Tomi Tuominen and Timo Hirvonen - HITBGSEC 2018","updated_timestamp":{"seconds":1720384329,"nanoseconds":0},"speakers":[{"content_ids":[54506],"conference_id":133,"event_ids":[54879],"name":"Lennert Wouters","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KU Leuven University","title":"Security Researcher, Computer Security and Industrial Cryptography (COSIC)"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@LennertWo)","sort_order":0,"url":"https://twitter.com/LennertWo"}],"media":[],"id":54157,"title":"Security Researcher, Computer Security and Industrial Cryptography (COSIC) at KU Leuven University"},{"content_ids":[54506],"conference_id":133,"event_ids":[54879],"name":"Ian Carroll","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Seats.aero","title":"Founder"},{"organization":"","title":"Independent Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@iangcarroll)","sort_order":0,"url":"https://twitter.com/iangcarroll"},{"description":"","title":"seats.aero","sort_order":0,"url":"https://seats.aero"}],"media":[],"id":54178,"title":"Independent Security Researcher"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T20:32:09Z","links":[],"end":"2024-08-10T23:15:00.000-0000","id":54879,"tag_ids":[46166,46169,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54157},{"tag_id":46167,"sort_order":2,"person_id":54178}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-07T20:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the current digital security ecosystem, where threats evolve rapidly and with complexity, companies developing Endpoint Detection and Response (EDR) solutions are in constant search for innovations that not only keep up but also anticipate emerging attack vectors. In this context, this article introduces the HookChain, a look from another perspective at widely known techniques, which when combined, provide an additional layer of sophisticated evasion against traditional EDR systems.\r\n\r\nThrough a precise combination of IAT Hooking techniques, dynamic SSN resolution, and indirect system calls, HookChain redirects the execution flow of Windows subsystems in a way that remains invisible to the vigilant eyes of EDRs that only act on Ntdll.dll, without requiring changes to the source code of the applications and malwares involved.\r\n\r\nThis work not only challenges current conventions in cybersecurity but also sheds light on a promising path for future protection strategies, leveraging the understanding that continuous evolution is key to the effectiveness of digital security. \r\n\r\nBy developing and exploring the HookChain technique, this study significantly contributes to the body of knowledge in endpoint security, stimulating the development of more robust and adaptive solutions that can effectively address the ever-changing dynamics of digital threats. This work aspires to inspire deep reflection and advancement in the research and development of security technologies that are always several steps ahead of adversaries.\n\n\n","media":[],"title":"HookChain: A new perspective for Bypassing EDR Solutions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:15:00Z","end_timestamp":{"seconds":1723331700,"nanoseconds":0},"android_description":"In the current digital security ecosystem, where threats evolve rapidly and with complexity, companies developing Endpoint Detection and Response (EDR) solutions are in constant search for innovations that not only keep up but also anticipate emerging attack vectors. In this context, this article introduces the HookChain, a look from another perspective at widely known techniques, which when combined, provide an additional layer of sophisticated evasion against traditional EDR systems.\r\n\r\nThrough a precise combination of IAT Hooking techniques, dynamic SSN resolution, and indirect system calls, HookChain redirects the execution flow of Windows subsystems in a way that remains invisible to the vigilant eyes of EDRs that only act on Ntdll.dll, without requiring changes to the source code of the applications and malwares involved.\r\n\r\nThis work not only challenges current conventions in cybersecurity but also sheds light on a promising path for future protection strategies, leveraging the understanding that continuous evolution is key to the effectiveness of digital security. \r\n\r\nBy developing and exploring the HookChain technique, this study significantly contributes to the body of knowledge in endpoint security, stimulating the development of more robust and adaptive solutions that can effectively address the ever-changing dynamics of digital threats. This work aspires to inspire deep reflection and advancement in the research and development of security technologies that are always several steps ahead of adversaries.","updated_timestamp":{"seconds":1720378486,"nanoseconds":0},"speakers":[{"content_ids":[54505],"conference_id":133,"event_ids":[54878],"name":"Helvio Carvalho Junior","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Sec4US","title":"CEO"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/helviojunior/"},{"description":"","title":"sec4us.com.br/","sort_order":0,"url":"https://sec4us.com.br/"},{"description":"","title":"www.helviojunior.com.br/","sort_order":0,"url":"https://www.helviojunior.com.br/"}],"media":[],"id":54134,"title":"CEO at Sec4US"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T18:54:46Z","links":[],"end":"2024-08-10T23:15:00.000-0000","id":54878,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54134}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-07T18:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Since the first car hit the road, manufacturers have been obsessed with safety. But hey, as AI wisely points out, determining the absolute 'safest' car can be as subjective as trying to decide on the best pizza topping! So, we decided to shift gears… into the world of car manufacturers' (application) security.\r\n\r\nIn this talk, get ready for a wild ride as we unveil the security findings from our research, affecting at least eleven major car manufacturers. Buckle up, folks, because your favorite brand might be on our list—along with your personal info!\r\n\r\nBring popcorn to watch some proof-of-concept videos.\r\n\r\nWith this talk we aim to demonstrate:\r\n\r\n* that modern Web Applications are still affected by old/traditional vulnerabilities,\r\n* how security issues can be chained together to build real attacks/demonstrate impact,\r\n* highlight a common pattern on running unpatched third-party software,\r\n* how organizations benefit from a responsible disclosure policy.\n\n\n","media":[],"title":"Speed Bumps and Speed Hacks: Adventures in Car Manufacturers Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Since the first car hit the road, manufacturers have been obsessed with safety. But hey, as AI wisely points out, determining the absolute 'safest' car can be as subjective as trying to decide on the best pizza topping! So, we decided to shift gears… into the world of car manufacturers' (application) security.\r\n\r\nIn this talk, get ready for a wild ride as we unveil the security findings from our research, affecting at least eleven major car manufacturers. Buckle up, folks, because your favorite brand might be on our list—along with your personal info!\r\n\r\nBring popcorn to watch some proof-of-concept videos.\r\n\r\nWith this talk we aim to demonstrate:\r\n\r\n* that modern Web Applications are still affected by old/traditional vulnerabilities,\r\n* how security issues can be chained together to build real attacks/demonstrate impact,\r\n* highlight a common pattern on running unpatched third-party software,\r\n* how organizations benefit from a responsible disclosure policy.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55714],"conference_id":133,"event_ids":[56240],"name":"Paulo A. Silva","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56078},{"content_ids":[55714],"conference_id":133,"event_ids":[56240],"name":"David Sopas","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56110}],"begin_tsz":"2024-08-10T22:20:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":56240,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723328400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56110},{"tag_id":46167,"sort_order":1,"person_id":56078}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T22:20:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Were you ever wondering why a vacuum robot or a smart air purifier needs multiple cameras and microphones? How secure are these devices? Can the devices be used to potentially spy on you?\n\nFor the past 5 years we have been presenting ways to hack and root vacuum robots at various events like the c3 or the DEFCON. In all these cases it covered vacuum robots by Roborock, Dreame, Xiaomi and some smaller companies. However, did we ever take a look at other vendors and maybe some new interesting device classes? In this talk we do exactly that, and will take a deep dive into Ecovacs robots! Ecovacs is the current market leader for smart home robots and recently expanded in other areas of home robotics.\n\nYou will be surprised how many worrisome things we found: broken crypto, missing TLS certificate verification, honor-system based ACLs, lots of RCEs, broken factory resets and unauthorized live camera access.\n\nWe will discuss our and other researchers experience with reporting bugs to the company and why one cannot trust third party certification agencies. In regard to trust, we will also address why you need to be careful with the choice of your spouse or flatmates.\n\nCome with us on a journey of having fun hacking interesting devices while exploring bad oversights, real problems and the ignorance of the manufacturer. Learn what ways there are to root these devices and to use them in a privacy-preserving way.\n\n\n\n","media":[],"title":"Reverse engineering and hacking Ecovacs robots","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Were you ever wondering why a vacuum robot or a smart air purifier needs multiple cameras and microphones? How secure are these devices? Can the devices be used to potentially spy on you?\n\nFor the past 5 years we have been presenting ways to hack and root vacuum robots at various events like the c3 or the DEFCON. In all these cases it covered vacuum robots by Roborock, Dreame, Xiaomi and some smaller companies. However, did we ever take a look at other vendors and maybe some new interesting device classes? In this talk we do exactly that, and will take a deep dive into Ecovacs robots! Ecovacs is the current market leader for smart home robots and recently expanded in other areas of home robotics.\n\nYou will be surprised how many worrisome things we found: broken crypto, missing TLS certificate verification, honor-system based ACLs, lots of RCEs, broken factory resets and unauthorized live camera access.\n\nWe will discuss our and other researchers experience with reporting bugs to the company and why one cannot trust third party certification agencies. In regard to trust, we will also address why you need to be careful with the choice of your spouse or flatmates.\n\nCome with us on a journey of having fun hacking interesting devices while exploring bad oversights, real problems and the ignorance of the manufacturer. Learn what ways there are to root these devices and to use them in a privacy-preserving way.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54624,54441],"conference_id":133,"event_ids":[54814,54998],"name":"Braelynn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Leviathan Security Group","title":"Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":54131,"title":"Security Consultant at Leviathan Security Group"},{"content_ids":[54624,54441,54471],"conference_id":133,"event_ids":[54814,54844,54998],"name":"Dennis Giese","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@dgi_DE)","sort_order":0,"url":"https://twitter.com/dgi_DE"},{"description":"","title":"Website","sort_order":0,"url":"https://dontvacuum.me"}],"media":[],"id":54142}],"begin_tsz":"2024-08-10T22:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":54998,"tag_ids":[46169,46379,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723328100,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54142},{"tag_id":46167,"sort_order":4,"person_id":54131}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T22:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.\n\n\n\n","media":[],"title":"I've got 99 problems but a prompt injection ain't pineapple","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54623,55698,55989],"conference_id":133,"event_ids":[56611,56229,54997],"name":"Chloé Messdaghi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Head of Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ChloeMessdaghi)","sort_order":0,"url":"https://twitter.com/ChloeMessdaghi"}],"media":[],"id":54278,"title":"Head of Threat Intelligence at HiddenLayer"},{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"}],"begin_tsz":"2024-08-10T22:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#ive-got-99-problems-but-a-prompt-injection"}],"end":"2024-08-10T23:00:00.000-0000","id":54997,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723328100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54278},{"tag_id":46167,"sort_order":4,"person_id":54282}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T22:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"How I Learned to Stop Worrying and Love the Ban","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:05:00Z","end_timestamp":{"seconds":1723331100,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445839,"nanoseconds":0},"speakers":[{"content_ids":[55691],"conference_id":133,"event_ids":[56214],"name":"Manfred","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_EBFE)","sort_order":0,"url":"https://x.com/_EBFE"}],"media":[],"id":56062}],"begin_tsz":"2024-08-10T22:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:10:39Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T23:05:00.000-0000","id":56214,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723327500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56062}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T22:05:00.000-0000","updated":"2024-07-31T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Cybersecurity for Veterans: Bridging the Gap from Military to Civilian Careers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225190,"nanoseconds":0},"speakers":[{"content_ids":[56214],"conference_id":133,"event_ids":[56868],"name":"Matt James","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56605}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:50Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":56868,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56605}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!\n\n\n","media":[],"title":"Activity: Spot the Reachable by Backslash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!","updated_timestamp":{"seconds":1723007403,"nanoseconds":0},"speakers":[{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Czesia Glik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56548},{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Yossi Pik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Backslash Security","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56553,"title":"CTO & Co-Founder at Backslash Security"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:10:03Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56815,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56548},{"tag_id":46167,"sort_order":4,"person_id":56553}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!\n\n\n","media":[],"title":"Activity: API Security 101: Testing and Trivia by Akto.io","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!","updated_timestamp":{"seconds":1723007277,"nanoseconds":0},"speakers":[{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankita Gupta","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56546},{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankush Jain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Akto","title":"Co-founder & CTO"}],"links":[],"pronouns":null,"media":[],"id":56547,"title":"Co-founder & CTO at Akto"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:07:57Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56812,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56547},{"tag_id":46167,"sort_order":4,"person_id":56546}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-07T05:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Contextualizing Open Source Software’s Importance to CISA's Mission","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[55331,56138],"conference_id":133,"event_ids":[55730,56781],"name":"Aeva Black","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":""}],"links":[],"pronouns":"they/them","media":[],"id":55918,"title":"DHS Cyber Security and Infrastructure Security Agency"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56781,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55918}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Este es un triple disco de vinilo. En el Lado A, abordaremos el panorama de los ransomwares, los famosos, por supuesto, y cómo los ransomware indies intentan competir con los ya consagrados. Al igual que en el lado B de un disco, se encuentran las canciones más oscuras y desconocidas que es poco probable que escuches por ahí, trataremos de los ransomwares que nunca han llegado al estrellato. Y por último, en LadoC, echaremos un vistazo a las amenazas emergentes y a las recomendaciones.\n\n\n","media":[],"title":"Ransomware B-Sides: Los ransoms que nunca triunfaron","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Este es un triple disco de vinilo. En el Lado A, abordaremos el panorama de los ransomwares, los famosos, por supuesto, y cómo los ransomware indies intentan competir con los ya consagrados. Al igual que en el lado B de un disco, se encuentran las canciones más oscuras y desconocidas que es poco probable que escuches por ahí, trataremos de los ransomwares que nunca han llegado al estrellato. Y por último, en LadoC, echaremos un vistazo a las amenazas emergentes y a las recomendaciones.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[54559,55973,55976],"conference_id":133,"event_ids":[56589,56592,54934],"name":"Mauro Eldritch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Birmingham Cyber Arms LTD","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mauroeldritch/"},{"description":"","title":"Twitter (@MauroEldritch)","sort_order":0,"url":"https://twitter.com/MauroEldritch"},{"description":"","title":"Website","sort_order":0,"url":"https://www.birminghamcyberarms.co.uk/"}],"media":[],"id":54249,"title":"Founder at Birmingham Cyber Arms LTD"},{"content_ids":[54559,55973],"conference_id":133,"event_ids":[56589,54934],"name":"Cybelle Oliveira ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CTI Malwarelandia","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cybelleoliveira/"},{"description":"","title":"Twitter (@cyb3113)","sort_order":0,"url":"https://twitter.com/cyb3113"}],"media":[],"id":54350,"title":"CTI Malwarelandia"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56589,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54249},{"tag_id":46167,"sort_order":4,"person_id":54350}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will explore the critical challenges and opportunities in developing a robust workforce for AI and machine learning (ML) security. As AI systems become increasingly prevalent across industries, the need for skilled professionals who can safeguard these technologies against adversarial attacks and vulnerabilities has never been greater.\n\nA key focus of the discussion will be addressing the significant shortage of practitioners with hands-on experience in securing ML models deployed in real-world adversarial environments. Panelists will examine how this lack of battle-tested expertise impacts the industry’s ability to defend against sophisticated attacks and discuss strategies for cultivating this essential skill set.\n\n\n","media":[],"title":"Bridging the Experience Gap in Machine Learning Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"This panel will explore the critical challenges and opportunities in developing a robust workforce for AI and machine learning (ML) security. As AI systems become increasingly prevalent across industries, the need for skilled professionals who can safeguard these technologies against adversarial attacks and vulnerabilities has never been greater.\n\nA key focus of the discussion will be addressing the significant shortage of practitioners with hands-on experience in securing ML models deployed in real-world adversarial environments. Panelists will examine how this lack of battle-tested expertise impacts the industry’s ability to defend against sophisticated attacks and discuss strategies for cultivating this essential skill set.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55335,55885],"conference_id":133,"event_ids":[55726,56470],"name":"Christine Lai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Cybersecurity Research Specialist"}],"links":[],"pronouns":null,"media":[],"id":55923,"title":"Cybersecurity Research Specialist at DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"Kellee Wicker (Moderator)","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The Wilson Center","title":""}],"links":[],"pronouns":null,"media":[],"id":56252,"title":"The Wilson Center"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"David Lo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SMU","title":""}],"links":[],"pronouns":null,"media":[],"id":56253,"title":"SMU"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"Austin Carson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Seed AI","title":""}],"links":[],"pronouns":null,"media":[],"id":56254,"title":"Seed AI"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"Nick Landers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dreadnode","title":""}],"links":[],"pronouns":null,"media":[],"id":56255,"title":"Dreadnode"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56470,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56252},{"tag_id":46167,"sort_order":4,"person_id":55923},{"tag_id":46167,"sort_order":6,"person_id":56253},{"tag_id":46167,"sort_order":8,"person_id":56254},{"tag_id":46167,"sort_order":10,"person_id":56255}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel is a reprisal of the panel I've done for a couple years now. The first two years we were very successful- packed room, high audience engagement. I'm hoping to come back for a third year.\r\n\r\nThis is not written for public consumption. If you want a longer description that's audience-facing, let me know!\r\n\r\n*** Topic 1- SOCs vs IT infrastructure / Network Ops, the battle continues\r\n•\tStart off by giving some good war stories when we see these groups collide\r\n•\tThen tell some stories where they worked together in success\r\n•\tWhat is the intended design: efficiency, collaboration, oversight, secrecy? \r\n•\tWhat techniques makes these relationships successful?\r\n•\tOperational models\r\n•\tTicketing and tasking\r\n•\tPartnership and interfaces\r\n\r\n*** Topic 2- LLMs/ Generative AI in general\r\n•\tWhat are they actually being used for in practice so far\r\n•\tWhat do we see emerging from the market right now\r\n•\tWhat roles can we replace in the SOC / adjust staffing on\r\n•\tLet’s speculate on 3 years from now, what do we see showing actual value\r\n•\tWhat’s overhyped, so far\r\n•\tIs the SOC going away? (of course it isn’t– why not)\r\n•\tExpand scope… what ML techniques outside LLM do we see SOCs getting value out of? What’s not getting the attention that it should?\r\n•\tHow could we accomplish supervised learning (known / labelled sets) at enough scale? A community driven project might accomplish this.\r\n•\tUnsupervised learning approach - could we accomplish threat intelligence attribution where there’s no right answer, but some pretty good basis, and keep refactoring on old campaigns until we have a pretty reasonable approximation? Which leads us to threat intel…\r\n\r\n*** Topic 3- Threat Intel\r\n•\tEveryone’s got feelings about this one, what do we mean by threat intel beyond simple IOC matching?\r\n•\tHow much refinement is needed in threat intel reporting?\r\n•\tHow are folks separating (and handling) Tactical vs Strategic threat intel?\r\n•\tWho are SOCs getting the most traction with by sharing? Execs? Constituents? Other SOCs?\r\n•\tWork products:\r\n•\tExecutive facing reporting? (are execs understanding/getting the value out of these reports?)\r\n•\tIT briefings? \r\n•\tThreat intel production / extraction from investigations?\r\n•\tAttribution?\r\n\r\n*** Topic 4- Live audience participation\r\n•\tLet’s do some live polls of the audience– this worked well last time, let’s expand on that\r\n•\tTopics we’re considering:\r\n•\tStaffing models\r\n•\tCurrent hiring trends\r\n•\tCurrent detection efforts\r\n\r\n*** Topic 5- Cyber risk quantification\r\n•\tWhat do we mean by CRQ?\r\n•\tWhen incidents happen, what CRQ measurement methods actually work?\r\n•\tHow are folks using CRQ to drive improvements in defensive controls and/or other risk-related initiatives?\r\n•\tWhat is more speculative, low value, hard, or otherwise should the audience stay away from?\n\n\nCome hear 5 SOC veterans discuss some of the most challenging topics in security operations today. Carson Zimmerman is joined by SOC veterans Chris Crowley, Eric Lippart, Enoch Long, and Russ McRee. With a total of over a century of SOC experience, we cut the buzzword bingo and get real. This year, we’ll be discussing topics like: resolving conflict with network and IT ops, what value are people really getting out of LLMs, how to get value with threat intel beyond IOC matching, and more! We will be doing live, real-time polling of the audience. We will also take your spicy questions!","media":[],"title":"Hot SOC Topics for 2024: Feel the Spice!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"This panel is a reprisal of the panel I've done for a couple years now. The first two years we were very successful- packed room, high audience engagement. I'm hoping to come back for a third year.\r\n\r\nThis is not written for public consumption. If you want a longer description that's audience-facing, let me know!\r\n\r\n*** Topic 1- SOCs vs IT infrastructure / Network Ops, the battle continues\r\n•\tStart off by giving some good war stories when we see these groups collide\r\n•\tThen tell some stories where they worked together in success\r\n•\tWhat is the intended design: efficiency, collaboration, oversight, secrecy? \r\n•\tWhat techniques makes these relationships successful?\r\n•\tOperational models\r\n•\tTicketing and tasking\r\n•\tPartnership and interfaces\r\n\r\n*** Topic 2- LLMs/ Generative AI in general\r\n•\tWhat are they actually being used for in practice so far\r\n•\tWhat do we see emerging from the market right now\r\n•\tWhat roles can we replace in the SOC / adjust staffing on\r\n•\tLet’s speculate on 3 years from now, what do we see showing actual value\r\n•\tWhat’s overhyped, so far\r\n•\tIs the SOC going away? (of course it isn’t– why not)\r\n•\tExpand scope… what ML techniques outside LLM do we see SOCs getting value out of? What’s not getting the attention that it should?\r\n•\tHow could we accomplish supervised learning (known / labelled sets) at enough scale? A community driven project might accomplish this.\r\n•\tUnsupervised learning approach - could we accomplish threat intelligence attribution where there’s no right answer, but some pretty good basis, and keep refactoring on old campaigns until we have a pretty reasonable approximation? Which leads us to threat intel…\r\n\r\n*** Topic 3- Threat Intel\r\n•\tEveryone’s got feelings about this one, what do we mean by threat intel beyond simple IOC matching?\r\n•\tHow much refinement is needed in threat intel reporting?\r\n•\tHow are folks separating (and handling) Tactical vs Strategic threat intel?\r\n•\tWho are SOCs getting the most traction with by sharing? Execs? Constituents? Other SOCs?\r\n•\tWork products:\r\n•\tExecutive facing reporting? (are execs understanding/getting the value out of these reports?)\r\n•\tIT briefings? \r\n•\tThreat intel production / extraction from investigations?\r\n•\tAttribution?\r\n\r\n*** Topic 4- Live audience participation\r\n•\tLet’s do some live polls of the audience– this worked well last time, let’s expand on that\r\n•\tTopics we’re considering:\r\n•\tStaffing models\r\n•\tCurrent hiring trends\r\n•\tCurrent detection efforts\r\n\r\n*** Topic 5- Cyber risk quantification\r\n•\tWhat do we mean by CRQ?\r\n•\tWhen incidents happen, what CRQ measurement methods actually work?\r\n•\tHow are folks using CRQ to drive improvements in defensive controls and/or other risk-related initiatives?\r\n•\tWhat is more speculative, low value, hard, or otherwise should the audience stay away from?\n\n\nCome hear 5 SOC veterans discuss some of the most challenging topics in security operations today. Carson Zimmerman is joined by SOC veterans Chris Crowley, Eric Lippart, Enoch Long, and Russ McRee. With a total of over a century of SOC experience, we cut the buzzword bingo and get real. This year, we’ll be discussing topics like: resolving conflict with network and IT ops, what value are people really getting out of LLMs, how to get value with threat intel beyond IOC matching, and more! We will be doing live, real-time polling of the audience. We will also take your spicy questions!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Carson Zimmerman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56171},{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Russ McRee","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56591},{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Enoch Long","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56594},{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Eric Lippart","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56595}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56271,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56171},{"tag_id":46167,"sort_order":4,"person_id":56591},{"tag_id":46167,"sort_order":6,"person_id":56595},{"tag_id":46167,"sort_order":8,"person_id":56594}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Immerse yourself in a workshop where we guide participants in creating a covert trojan within code completion models. Learn to inject a backdoor discreetly, then explore detection techniques. Gain hands-on experience crafting and identifying hidden threats, unveiling the underbelly of trusted coding.\n\n\n","media":[],"title":"Injecting and Detecting Backdoors in Code Completion Models","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Immerse yourself in a workshop where we guide participants in creating a covert trojan within code completion models. Learn to inject a backdoor discreetly, then explore detection techniques. Gain hands-on experience crafting and identifying hidden threats, unveiling the underbelly of trusted coding.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Ori Ron","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56076},{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Tal Folkman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56087}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56239,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56076},{"tag_id":46167,"sort_order":1,"person_id":56087}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Panel - Hacker stories and career Q and A: Stories and adventures from real life hacking engagements. Ask the panel about different career’s in cyber security and getting paid to be a hacker.\n\n\n","media":[],"title":"Real life hacking stories (that can’t be recorded!)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Panel - Hacker stories and career Q and A: Stories and adventures from real life hacking engagements. Ask the panel about different career’s in cyber security and getting paid to be a hacker.","updated_timestamp":{"seconds":1722361815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:50:15Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56095,"tag_ids":[46398,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-30T17:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Learn the basics of how cards are used for payments online, and the risks associated.\r\nWe’ll explore a number of attacks used by malicious actors against online payment systems and the ways to mitigate them\"\n\n\n","media":[],"title":"Online Payments - Attack and Defense","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"\"Learn the basics of how cards are used for payments online, and the risks associated.\r\nWe’ll explore a number of attacks used by malicious actors against online payment systems and the ways to mitigate them\"","updated_timestamp":{"seconds":1722356322,"nanoseconds":0},"speakers":[{"content_ids":[55569],"conference_id":133,"event_ids":[56084],"name":"Vincent Sloan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GoFundMe","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vincentsloan/"},{"description":"","title":"Website","sort_order":0,"url":"https://vincentsloan.com"}],"media":[],"id":56042,"title":"GoFundMe"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:18:42Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56084,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56042}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-30T16:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"4G Frenzy: Delving into Advanced Telecom Security\" explores telecom network security with a focus on 4G. It covers the basics of 2G, 3G, and 4G, highlighting key differences and advancements. The workshop examines legacy telecom threats, vulnerabilities, and historical attacks, then delves into 4G's security improvements. Topics include protocols, RAN and core security, authentication, encryption, voice services, roaming, and Diameter protocol weaknesses. Includes hands-on demos of 4G weaknesses, prevention techniques, and open-source 4G network setup\n\n\n","media":[{"hash_sha256":"bb0c0d9f7f52d4708773c50f13ab99ea877c11eac6c33326315f91dfbec1dc80","filetype":"image/webp","hash_md5":"99e7418f9aef29bf25429d7fed59c7d3","name":"content_telecom_4gfrenzy.webp","is_logo":"Y","hash_crc32c":"b23e0fea","filesize":116184,"asset_id":823,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_4gfrenzy.webp"}],"title":"4G Frenzy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"\"4G Frenzy: Delving into Advanced Telecom Security\" explores telecom network security with a focus on 4G. It covers the basics of 2G, 3G, and 4G, highlighting key differences and advancements. The workshop examines legacy telecom threats, vulnerabilities, and historical attacks, then delves into 4G's security improvements. Topics include protocols, RAN and core security, authentication, encryption, voice services, roaming, and Diameter protocol weaknesses. Includes hands-on demos of 4G weaknesses, prevention techniques, and open-source 4G network setup","updated_timestamp":{"seconds":1722352226,"nanoseconds":0},"speakers":[{"content_ids":[55563],"conference_id":133,"event_ids":[56078],"name":"Vinod Shrimali","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vinodkumarshrimalii/"}],"media":[],"id":56035}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T15:10:26Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56078,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56035}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-30T15:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GPS Jamming and GPS Spoofing.\nVulnerabilities in typical GPS receivers\n Some simple mods that can help\nDirection finding on GPS Jammers.\n Overview of DF techniques\nArtillery Radars\nJam resistance HF Communications.\n (Basically the same thing the Germans did when\n they were in the Ukraine!)\n\n\n","media":[],"title":"Current EW techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:25:00Z","end_timestamp":{"seconds":1723328700,"nanoseconds":0},"android_description":"GPS Jamming and GPS Spoofing.\nVulnerabilities in typical GPS receivers\n Some simple mods that can help\nDirection finding on GPS Jammers.\n Overview of DF techniques\nArtillery Radars\nJam resistance HF Communications.\n (Basically the same thing the Germans did when\n they were in the Ukraine!)","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55458],"conference_id":133,"event_ids":[55883],"name":"Kent Britain","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55997}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T22:25:00.000-0000","id":55883,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55997}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Making and deploying double bazooka antenna out of commonly available materials.\n\n\n","media":[],"title":"Clapping cheeks, aka home brew antennas","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Making and deploying double bazooka antenna out of commonly available materials.","updated_timestamp":{"seconds":1722185715,"nanoseconds":0},"speakers":[{"content_ids":[55439],"conference_id":133,"event_ids":[55864],"name":"Seth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55980}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:55:15Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":55864,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55980}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-28T16:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!\n\n\n","media":[],"title":"SECV - Break / Networking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!","updated_timestamp":{"seconds":1722102841,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:54:01Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":55833,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-27T17:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The purpose of this study is to identify commonalities in cybersecurity incidents in the maritime transportation system (MTS). For this exploratory study, the researcher expanded upon their previous research into identifying commonalities in cyberattacks by analyzing documents to identify trends concerning all cybersecurity incidents in the civilian and military MTS components. The MTS can use identified commonalities from the expanded study, including all cybersecurity incidents impacting the civilian and military aspects, to make better informed decisions on cybersecurity threats and appropriate measures. In addition to the Diamond Model of Intrusion Analysis and the information security triad—Confidentiality, Integrity, or Availablity (CIA), this study incorporates additional cybersecurity concepts, such as the Parkerian Hexad and the MITRE ATT&CK framework, to provide more granularity to commonalities identifying in previous research.\n\n\n","media":[],"title":"Underway to Identifying Commonalities of Cybersecurity Incidents in the Maritime Transportation System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"The purpose of this study is to identify commonalities in cybersecurity incidents in the maritime transportation system (MTS). For this exploratory study, the researcher expanded upon their previous research into identifying commonalities in cyberattacks by analyzing documents to identify trends concerning all cybersecurity incidents in the civilian and military MTS components. The MTS can use identified commonalities from the expanded study, including all cybersecurity incidents impacting the civilian and military aspects, to make better informed decisions on cybersecurity threats and appropriate measures. In addition to the Diamond Model of Intrusion Analysis and the information security triad—Confidentiality, Integrity, or Availablity (CIA), this study incorporates additional cybersecurity concepts, such as the Parkerian Hexad and the MITRE ATT&CK framework, to provide more granularity to commonalities identifying in previous research.","updated_timestamp":{"seconds":1721781780,"nanoseconds":0},"speakers":[{"content_ids":[55355],"conference_id":133,"event_ids":[55747],"name":"Rebecca J. Rohan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55965}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:43:00Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":55747,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55965}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-24T00:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Everyone is trying to leverage AI for many tasks. However, are they doing it effectively? This presentation explores the integration of Retrieval Augmented Generation (RAG), Langchain, and Large Language Models (LLMs) within cybersecurity and offensive security operations. We will begin by exploring the conceptual foundations of these technologies, looking at their unique capabilities for enhancing automation in offensive (and defensive) security operations.\n\nWe will go over different practical demonstrations and case studies. You will gain insights into how these tools can be harnessed to take your red, blue, purple team to the next level. We will discuss the implementation of RAG for dynamic information retrieval, re-ranking, and other techniques and how Langchain is making using these technologies so easy nowadays. We will also explore the use of uncensored models that can be used for cybersecurity and to create exploits.\n\n\n","media":[],"title":"Using Retrieval Augmented Generation (RAG), Langchain, and LLMs for Cybersecurity Operations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Everyone is trying to leverage AI for many tasks. However, are they doing it effectively? This presentation explores the integration of Retrieval Augmented Generation (RAG), Langchain, and Large Language Models (LLMs) within cybersecurity and offensive security operations. We will begin by exploring the conceptual foundations of these technologies, looking at their unique capabilities for enhancing automation in offensive (and defensive) security operations.\n\nWe will go over different practical demonstrations and case studies. You will gain insights into how these tools can be harnessed to take your red, blue, purple team to the next level. We will discuss the implementation of RAG for dynamic information retrieval, re-ranking, and other techniques and how Langchain is making using these technologies so easy nowadays. We will also explore the use of uncensored models that can be used for cybersecurity and to create exploits.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55699,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55860}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. What can you learn from the credentials on a terrorists computer? What about a U.S. adversaries intelligence service or a ransomware group? And who actually killed JFK? Ok well maybe we haven't figured that one out yet. Nick and Eric will go deep and examine one of the most interesting data sets for intelligence since the advent of writing while maintaining a healthy sense of humor and more than a little fear of Polonium poisoning.\n\n\n","media":[],"title":"The Curious Case of Stealer Logs: Access & Espionage in the World's Most Interesting Dataset","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"What would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. What can you learn from the credentials on a terrorists computer? What about a U.S. adversaries intelligence service or a ransomware group? And who actually killed JFK? Ok well maybe we haven't figured that one out yet. Nick and Eric will go deep and examine one of the most interesting data sets for intelligence since the advent of writing while maintaining a healthy sense of humor and more than a little fear of Polonium poisoning.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55752,55308],"conference_id":133,"event_ids":[55698,56277],"name":"Eric Clay","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55813},{"content_ids":[55308,55752],"conference_id":133,"event_ids":[55698,56277],"name":"Nick Ascoli","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kcin418)","sort_order":0,"url":"https://twitter.com/kcin418"}],"media":[],"id":55861}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55698,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55813},{"tag_id":46167,"sort_order":4,"person_id":55861}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The OWASP Amass Project has been developing the new OSINT Collection Engine that is designed around the Open Asset Model data standard released last year. The new engine makes your use of Amass more flexible than ever before, yet does come with some additional configurations to learn. This workshop will take users, both new and seasoned, all the way through the experience of using this new architecture.\n\n\n","media":[],"title":"Learning the New Amass Collection Engine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The OWASP Amass Project has been developing the new OSINT Collection Engine that is designed around the Open Asset Model data standard released last year. The new engine makes your use of Amass more flexible than ever before, yet does come with some additional configurations to learn. This workshop will take users, both new and seasoned, all the way through the experience of using this new architecture.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55307,55913],"conference_id":133,"event_ids":[55697,56500],"name":"Jeff Foley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@jeff_foley)","sort_order":0,"url":"https://twitter.com/jeff_foley"}],"media":[],"id":55859}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55697,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55859}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Kubernetes is the de facto operating system of the cloud, and more and more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, it also introduces new security risks, such as cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\n\nThis workshop will teach you the fundamentals of Kubernetes security, you'll learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.\n\n\n\n","media":[],"title":"Introduction to Kubernetes common attack techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Kubernetes is the de facto operating system of the cloud, and more and more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, it also introduces new security risks, such as cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\n\nThis workshop will teach you the fundamentals of Kubernetes security, you'll learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55696,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55862}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Jailbreak vulnerabilities in Large Language Models (LLMs), which exploit meticulously crafted prompts to elicit content that violates service guidelines, have captured the attention of research communities. While model owners can defend against individual jailbreak prompts through safety training strategies, this relatively passive approach struggles to handle the broader category of similar jailbreaks. To tackle this issue, we introduce FuzzLLM, an automated fuzzing framework designed to proactively test and discover jailbreak vulnerabilities in LLMs. We utilize templates to capture the structural integrity of a prompt and isolate key features of a jailbreak class as constraints. By integrating different base classes into powerful combo attacks and varying the elements of constraints and prohibited questions, FuzzLLM enables efficient testing with reduced manual effort. Extensive experiments demonstrate FuzzLLM's effectiveness and comprehensiveness in vulnerability discovery across various LLMs.\n\n\n","media":[],"title":"FuzzLLM: A Fuzzing Framework for Discovering Jailbreak Vulnerabilities in Large Language Models","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Jailbreak vulnerabilities in Large Language Models (LLMs), which exploit meticulously crafted prompts to elicit content that violates service guidelines, have captured the attention of research communities. While model owners can defend against individual jailbreak prompts through safety training strategies, this relatively passive approach struggles to handle the broader category of similar jailbreaks. To tackle this issue, we introduce FuzzLLM, an automated fuzzing framework designed to proactively test and discover jailbreak vulnerabilities in LLMs. We utilize templates to capture the structural integrity of a prompt and isolate key features of a jailbreak class as constraints. By integrating different base classes into powerful combo attacks and varying the elements of constraints and prohibited questions, FuzzLLM enables efficient testing with reduced manual effort. Extensive experiments demonstrate FuzzLLM's effectiveness and comprehensiveness in vulnerability discovery across various LLMs.","updated_timestamp":{"seconds":1721495354,"nanoseconds":0},"speakers":[{"content_ids":[55203],"conference_id":133,"event_ids":[55593],"name":"Ian G. Harris","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of California Irvine","title":"Professor of Computer Science"}],"pronouns":"he/him","links":[{"description":"","title":"Website","sort_order":0,"url":"https://ics.uci.edu/~harris/"}],"media":[],"id":55804,"title":"Professor of Computer Science at University of California Irvine"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:09:14Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":55593,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55804}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.\n\n\n","media":[],"title":"Name the Noob","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.","updated_timestamp":{"seconds":1721487277,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55416,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, Shishir will share some critical insights from performing a decade worth of Red Team (attack simulation) exercises for large-scale industrial operations across the globe.\r\n\r\nThe presentation will also cover real-world examples of attack vectors leveraged by Google's Mandiant Red Team while performing offensive security exercises for operational technology and control system environments. \r\n\r\nThis talk will cover:\r\n\r\n- Insights into common TTPs and attack vectors for large-scale industrial networks\r\n- Network propagation and mission execution across ICS-OT attack life-cycle\r\n- Examples from real-world case studies of penetrating cyber-physical systems\r\n\n\n\n","media":[],"title":"War Games: Red Team for OT (Based on Real World Case Studies)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"In this talk, Shishir will share some critical insights from performing a decade worth of Red Team (attack simulation) exercises for large-scale industrial operations across the globe.\r\n\r\nThe presentation will also cover real-world examples of attack vectors leveraged by Google's Mandiant Red Team while performing offensive security exercises for operational technology and control system environments. \r\n\r\nThis talk will cover:\r\n\r\n- Insights into common TTPs and attack vectors for large-scale industrial networks\r\n- Network propagation and mission execution across ICS-OT attack life-cycle\r\n- Examples from real-world case studies of penetrating cyber-physical systems","updated_timestamp":{"seconds":1720403449,"nanoseconds":0},"speakers":[{"content_ids":[54622],"conference_id":133,"event_ids":[54996],"name":"Shishir Gupta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Technical Manager and Function Lead, ICS-OT Red Team"}],"links":[],"pronouns":null,"media":[],"id":54270,"title":"Technical Manager and Function Lead, ICS-OT Red Team at Mandiant"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:50:49Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":54996,"tag_ids":[46382,46419,46456,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54270}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T01:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Now that you’re familiar with the techniques used to bypass locks in some door installation, come and learn the remediations for these common bypasses. In this talk, you will learn how to protect against or harden against attacks such as the Under the Door attack, latch slipping, and more.\n\n\n","media":[],"title":"Bypass 102","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Now that you’re familiar with the techniques used to bypass locks in some door installation, come and learn the remediations for these common bypasses. In this talk, you will learn how to protect against or harden against attacks such as the Under the Door attack, latch slipping, and more.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54621],"conference_id":133,"event_ids":[54995],"name":"Terry Luan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54260},{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":54995,"tag_ids":[46169,46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54281},{"tag_id":46167,"sort_order":1,"person_id":54260}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Millions of people around the world use Tor every day to protect themselves from surveillance and censorship. While the Tor Browser and its protocol are widely known, the backbone of the Tor ecosystem, its extensive network of volunteer relays, is often subject to speculation and misinformation. The Tor Project is dedicated to supporting this network and fostering a vibrant, diverse community of relay operators.\r\n\r\nThis talk will focus on our efforts to maintain a healthy network and community, and detect and mitigate attacks -- all with the help of metrics and analysis of usage patterns. By illustrating how we collect safe-enough metrics for an anonymity network, we will offer insights into how we identify unusual activity and other noteworthy events on the network. We will also discuss our ongoing strategies for addressing current and future network health challenges.\r\n\r\nIf you are interested in understanding the inner workings of the Tor network and its relay community and how we keep this vital ecosystem running, this talk is for you.\r\n\r\n1. Network Health Team wiki: [link](https://gitlab.torproject.org/tpo/network-health/team/-/wikis/home)\r\n2. Two blog posts on Tor network health: [link](https://blog.torproject.org/malicious-relays-health-tor-network/) [link](https://blog.torproject.org/tor-network-community-health-update/)\r\n3. Collector (where we archive all network data sets): [link](https://collector.torproject.org/)\r\n4. Paper by Rob Jansen et al. on incentives schemes for relays on the Tor network, \"Recruiting New Tor Relays with BRAIDS\": [link](http://www-users.cs.umn.edu/~hopper/braids_ccs.pdf)\r\n5. Broader blog post about research papers on incentive for Tor relays: [link](https://blog.torproject.org/tor-incentives-research-roundup-goldstar-par-braids-lira-tears-and-torcoin/)\r\n6. Research paper by NRL proposing how to measure relay performance in a way that resists attempts to lie about relay speed: [link](https://www.ohmygodel.com/publications/flashflow-icdcs2021.pdf)\r\n7. Our plan to change how we collect, store and serve Tor network data (discussion from our bug tracker): [link](https://bugs.torproject.org/tpo/network-health/metrics/collector/40012)\r\n8. Performance measurements over the Tor Network: [link](https://metrics.torproject.org/torperf.html)\r\n9. Onionperf is the tool we use to measure performances from different locations across the globe: [link](https://gitlab.torproject.org/tpo/network-health/metrics/onionperf)\r\n10. The number of relays on the network by relay flags: [link](https://metrics.torproject.org/relayflags.html)\r\n11. Documentation about reproducible metrics: [link](https://metrics.torproject.org/reproducible-metrics.html)\r\n\n\n\n","media":[],"title":"Measuring the Tor Network","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Millions of people around the world use Tor every day to protect themselves from surveillance and censorship. While the Tor Browser and its protocol are widely known, the backbone of the Tor ecosystem, its extensive network of volunteer relays, is often subject to speculation and misinformation. The Tor Project is dedicated to supporting this network and fostering a vibrant, diverse community of relay operators.\r\n\r\nThis talk will focus on our efforts to maintain a healthy network and community, and detect and mitigate attacks -- all with the help of metrics and analysis of usage patterns. By illustrating how we collect safe-enough metrics for an anonymity network, we will offer insights into how we identify unusual activity and other noteworthy events on the network. We will also discuss our ongoing strategies for addressing current and future network health challenges.\r\n\r\nIf you are interested in understanding the inner workings of the Tor network and its relay community and how we keep this vital ecosystem running, this talk is for you.\r\n\r\n1. Network Health Team wiki: [link](https://gitlab.torproject.org/tpo/network-health/team/-/wikis/home)\r\n2. Two blog posts on Tor network health: [link](https://blog.torproject.org/malicious-relays-health-tor-network/) [link](https://blog.torproject.org/tor-network-community-health-update/)\r\n3. Collector (where we archive all network data sets): [link](https://collector.torproject.org/)\r\n4. Paper by Rob Jansen et al. on incentives schemes for relays on the Tor network, \"Recruiting New Tor Relays with BRAIDS\": [link](http://www-users.cs.umn.edu/~hopper/braids_ccs.pdf)\r\n5. Broader blog post about research papers on incentive for Tor relays: [link](https://blog.torproject.org/tor-incentives-research-roundup-goldstar-par-braids-lira-tears-and-torcoin/)\r\n6. Research paper by NRL proposing how to measure relay performance in a way that resists attempts to lie about relay speed: [link](https://www.ohmygodel.com/publications/flashflow-icdcs2021.pdf)\r\n7. Our plan to change how we collect, store and serve Tor network data (discussion from our bug tracker): [link](https://bugs.torproject.org/tpo/network-health/metrics/collector/40012)\r\n8. Performance measurements over the Tor Network: [link](https://metrics.torproject.org/torperf.html)\r\n9. Onionperf is the tool we use to measure performances from different locations across the globe: [link](https://gitlab.torproject.org/tpo/network-health/metrics/onionperf)\r\n10. The number of relays on the network by relay flags: [link](https://metrics.torproject.org/relayflags.html)\r\n11. Documentation about reproducible metrics: [link](https://metrics.torproject.org/reproducible-metrics.html)","updated_timestamp":{"seconds":1720463147,"nanoseconds":0},"speakers":[{"content_ids":[54504],"conference_id":133,"event_ids":[54877],"name":"Silvia Puglisi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Tor Project","title":"Lead, Network Health"}],"pronouns":"she/her","links":[{"description":"","title":"Mastodon (@nopressure@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@nopressure"},{"description":"","title":"Mastodon (@torproject@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@torproject"},{"description":"","title":"Twitter (@torproject)","sort_order":0,"url":"https://twitter.com/torproject"}],"media":[],"id":54071,"title":"Lead, Network Health at Tor Project"},{"content_ids":[54504],"conference_id":133,"event_ids":[54877],"name":"Roger Dingledine","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Tor Project","title":"Co-Founder and Original Developer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@RogerDingledine)","sort_order":0,"url":"https://twitter.com/RogerDingledine"}],"media":[],"id":54155,"title":"Co-Founder and Original Developer at Tor Project"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:25:47Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":54877,"tag_ids":[46166,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54071},{"tag_id":46167,"sort_order":2,"person_id":54155}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T18:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"aWe explore case studies of exploiting vulnerabilities in modern JavaScript and TypeScript applications, drawing on experiences from participating in the Kibana Bug Bounty Program. It's not uncommon to encounter a vulnerability that appears unexploitable at first glance, or to be told by a triage team that the behavior is \"by design.\" So, what options does a security researcher have in such situations? And what primitives can be utilized to construct an exploitation chain with significant impact?\r\n\r\nOur study involves breaking out of properly isolated containers in scenarios where there is RCE-by-design. We will examine several Prototype Pollutions that crash an application in less than one second after exploitation and explore how these vulnerabilities can ultimately lead to critical RCEs. Furthermore, we introduce new primitives and gadgets that enable the achievement of RCE from Prototype Pollutions previously deemed unexploitable beyond DoS attacks.\r\n\r\nBy highlighting these methods, the talk aims to equip attendees with advanced techniques for exploiting complex vulnerability chains in JavaScript applications, as well as recommendations for proper defense and mitigations against them.\r\n\r\n1. Mikhail Shcherbakov, Musard Balliu and Cristian-Alexandru Staicu \"Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js\"\r\n2. \"Collection of Server-Side Prototype Pollution gadgets\" [link](https://github.com/KTH-LangSec/server-side-prototype-pollution)\r\n3. Olivier Arteau \"JavaScript prototype pollution attack in NodeJS\"\r\n4. Nir Chako \"Attacking Kubernetes Clusters Through Your Network Plumbing\" [link](https://www.cyberark.com/resources/threat-research-blog/attacking-kubernetes-clusters-through-your-network-plumbing-part-1)\r\n\n\n\n","media":[],"title":"Exploiting the Unexploitable: Insights from the Kibana Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"aWe explore case studies of exploiting vulnerabilities in modern JavaScript and TypeScript applications, drawing on experiences from participating in the Kibana Bug Bounty Program. It's not uncommon to encounter a vulnerability that appears unexploitable at first glance, or to be told by a triage team that the behavior is \"by design.\" So, what options does a security researcher have in such situations? And what primitives can be utilized to construct an exploitation chain with significant impact?\r\n\r\nOur study involves breaking out of properly isolated containers in scenarios where there is RCE-by-design. We will examine several Prototype Pollutions that crash an application in less than one second after exploitation and explore how these vulnerabilities can ultimately lead to critical RCEs. Furthermore, we introduce new primitives and gadgets that enable the achievement of RCE from Prototype Pollutions previously deemed unexploitable beyond DoS attacks.\r\n\r\nBy highlighting these methods, the talk aims to equip attendees with advanced techniques for exploiting complex vulnerability chains in JavaScript applications, as well as recommendations for proper defense and mitigations against them.\r\n\r\n1. Mikhail Shcherbakov, Musard Balliu and Cristian-Alexandru Staicu \"Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js\"\r\n2. \"Collection of Server-Side Prototype Pollution gadgets\" [link](https://github.com/KTH-LangSec/server-side-prototype-pollution)\r\n3. Olivier Arteau \"JavaScript prototype pollution attack in NodeJS\"\r\n4. Nir Chako \"Attacking Kubernetes Clusters Through Your Network Plumbing\" [link](https://www.cyberark.com/resources/threat-research-blog/attacking-kubernetes-clusters-through-your-network-plumbing-part-1)","updated_timestamp":{"seconds":1720463160,"nanoseconds":0},"speakers":[{"content_ids":[54503],"conference_id":133,"event_ids":[54876],"name":"Mikhail Shcherbakov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@yu5k3)","sort_order":0,"url":"https://twitter.com/yu5k3"}],"media":[],"id":54171}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:26:00Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":54876,"tag_ids":[46166,46169,46419,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54171}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T18:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The public library is under attack. Calls for book banning are at an all time high. Some states have passed laws that hold librarians legally accountable for offering \"unacceptable\" materials to minors. But before this fire started, another one was already burning. In an era of digital content, from eBooks to streaming movies, public libraries have been forced to accept draconian terms of service at the expense of their patrons and to the benefit of corporations. Grossly inflated eBook prices and licensing, unobtainable materials that went out of print due to artificial scarcity, exorbitant fees for access to academic research; these are just a few of the myriad of ways that libraries have been forced to bow before capitalism, all because of a desire to serve the public. But we can fight back...\r\n\r\nAnd no one says we need to fight fairly.\r\n\r\nI’d like to tell you some real life stories of a public librarian with a quasi-legal, dark grey skillset. And I’d love to share some ideas about what you can do to help others. If I can do this, you can. And anyone can be a shadow librarian.\r\n\r\n1. Bodó, Balázs, Dániel Antal, and Zoltán Puha. “Can Scholarly Pirate Libraries Bridge the Knowledge Access Gap? An Empirical Study on the Structural Conditions of Book Piracy in Global and European Academia.” Edited by Sergi Lozano. PLOS ONE 15, no. 12 (December 3, 2020): e0242509. [link](https://doi.org/10.1371/journal.pone.0242509).\r\n2. Böök, Mikael. “Herding the Wind,” 2020. [link](http://www.kaapeli.fi/book/libpub/Z-Library_en.pdf).\r\n3. Brown, Elizabeth Nolon. “You Can’t Stop Pirate Libraries.” Reason, 2022. [link](https://reason.com/2022/07/24/you-cant-stop-pirate-libraries/).\r\n4. Complutense, Francisco Segado-Bo, Juan Martín-Quevedo, and Juan-José Prieto-Gutiérrez. “Jumping over the Paywall: Strategies and Motivations for Scholarly Piracy and Other Alternatives.” Accessed January 4, 2024. [link](https://doi.org/10.1177/02666669221144429).\r\n5. Gardner, Gabriel J, Stephen R McLaughlin, and Andrew D Asher. “Shadow Libraries and You: Sci-Hub Usage and the Future of ILL.” ACRL 2017, Baltimore, Maryland, March 22 - 25, 2017. [Conference Paper], 2017. [link](http://hdl.handle.net/20.500.12680/cr56n622s).\r\n6. Yesberg, Helen. “Libraries, Piracy and the Grey Area In-Between: Free Digital Media during the COVID-19 Pandemic.” Reinvention: An International Journal of Undergraduate Research 15, no. 1 (April 29, 2022). [link](https://doi.org/10.31273/reinvention.v15i1.799).\r\n\n\n\n","media":[],"title":"A Shadow Librarian in Broad Daylight: Fighting back against ever encroaching capitalism","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"The public library is under attack. Calls for book banning are at an all time high. Some states have passed laws that hold librarians legally accountable for offering \"unacceptable\" materials to minors. But before this fire started, another one was already burning. In an era of digital content, from eBooks to streaming movies, public libraries have been forced to accept draconian terms of service at the expense of their patrons and to the benefit of corporations. Grossly inflated eBook prices and licensing, unobtainable materials that went out of print due to artificial scarcity, exorbitant fees for access to academic research; these are just a few of the myriad of ways that libraries have been forced to bow before capitalism, all because of a desire to serve the public. But we can fight back...\r\n\r\nAnd no one says we need to fight fairly.\r\n\r\nI’d like to tell you some real life stories of a public librarian with a quasi-legal, dark grey skillset. And I’d love to share some ideas about what you can do to help others. If I can do this, you can. And anyone can be a shadow librarian.\r\n\r\n1. Bodó, Balázs, Dániel Antal, and Zoltán Puha. “Can Scholarly Pirate Libraries Bridge the Knowledge Access Gap? An Empirical Study on the Structural Conditions of Book Piracy in Global and European Academia.” Edited by Sergi Lozano. PLOS ONE 15, no. 12 (December 3, 2020): e0242509. [link](https://doi.org/10.1371/journal.pone.0242509).\r\n2. Böök, Mikael. “Herding the Wind,” 2020. [link](http://www.kaapeli.fi/book/libpub/Z-Library_en.pdf).\r\n3. Brown, Elizabeth Nolon. “You Can’t Stop Pirate Libraries.” Reason, 2022. [link](https://reason.com/2022/07/24/you-cant-stop-pirate-libraries/).\r\n4. Complutense, Francisco Segado-Bo, Juan Martín-Quevedo, and Juan-José Prieto-Gutiérrez. “Jumping over the Paywall: Strategies and Motivations for Scholarly Piracy and Other Alternatives.” Accessed January 4, 2024. [link](https://doi.org/10.1177/02666669221144429).\r\n5. Gardner, Gabriel J, Stephen R McLaughlin, and Andrew D Asher. “Shadow Libraries and You: Sci-Hub Usage and the Future of ILL.” ACRL 2017, Baltimore, Maryland, March 22 - 25, 2017. [Conference Paper], 2017. [link](http://hdl.handle.net/20.500.12680/cr56n622s).\r\n6. Yesberg, Helen. “Libraries, Piracy and the Grey Area In-Between: Free Digital Media during the COVID-19 Pandemic.” Reinvention: An International Journal of Undergraduate Research 15, no. 1 (April 29, 2022). [link](https://doi.org/10.31273/reinvention.v15i1.799).","updated_timestamp":{"seconds":1720463184,"nanoseconds":0},"speakers":[{"content_ids":[54502],"conference_id":133,"event_ids":[54875],"name":"Daniel Messer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Mastodon (@cyberpunklibrarian@hackers.town)","sort_order":0,"url":"https://hackers.town/@cyberpunklibrarian"},{"description":"","title":"Website","sort_order":0,"url":"https://cyberpunklibrarian.com"}],"media":[],"id":54199}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:26:24Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":54875,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54199}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T18:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are living through a secular (once in a lifetime) crisis period that presents an existential risk to democracy, both at home and abroad. There are various underlying sociological, geopolitical and economic forces that give rise to a crises of this magnitude. How are authoritarian actors exploiting this to weaken the liberal democratic order? How can these dynamics help us create a frame to better understand the nature of Cognitive Warfare? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? The terms disinformation and misinformation are often used to describe cognitive warfare influents (instances of influence used in a CW campaign), but these terms can also limit our ability to detect and defend. Let’s explore a model of Cognitive Warfare that helps us understand the broad range of tactics being used as well as who is being targeted and how.We will also explore how Cognitive Warfare can complement other domains of conflict and how CW has even been used as part of kinetic combat operations. What are some of the natural asymmetries when CW is being used in conflicts between authoritative and democratic systems? Join us as we work to grow and model our understanding this new and critical domain of conflict.\n\n\n","media":[],"title":"Understanding Cognitive Warefare in a Geopolitcal Context","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"We are living through a secular (once in a lifetime) crisis period that presents an existential risk to democracy, both at home and abroad. There are various underlying sociological, geopolitical and economic forces that give rise to a crises of this magnitude. How are authoritarian actors exploiting this to weaken the liberal democratic order? How can these dynamics help us create a frame to better understand the nature of Cognitive Warfare? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? The terms disinformation and misinformation are often used to describe cognitive warfare influents (instances of influence used in a CW campaign), but these terms can also limit our ability to detect and defend. Let’s explore a model of Cognitive Warfare that helps us understand the broad range of tactics being used as well as who is being targeted and how.We will also explore how Cognitive Warfare can complement other domains of conflict and how CW has even been used as part of kinetic combat operations. What are some of the natural asymmetries when CW is being used in conflicts between authoritative and democratic systems? Join us as we work to grow and model our understanding this new and critical domain of conflict.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56199,56200],"conference_id":133,"event_ids":[56853,56854],"name":"Constantine Nicolaidis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56564}],"begin_tsz":"2024-08-10T21:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56853,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723326300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56564}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T21:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The global quantum community is searching for future applications of quantum computing and quantum communications. A somewhat uncommon way to think about this problem is through quantum game theory. This field of research looks at how quantum resources can be used in both cooperative and competitive games to achieve what would be impossible with only classical resources. In this talk we’ll look at some of the fundamentals of quantum game theory, including some archetypal examples of quantum strategies and some theoretical results that show how quantum games differ from classical ones.\n\n\n","media":[],"title":"Playing with Quantum: wayfinding with quantum game theory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"The global quantum community is searching for future applications of quantum computing and quantum communications. A somewhat uncommon way to think about this problem is through quantum game theory. This field of research looks at how quantum resources can be used in both cooperative and competitive games to achieve what would be impossible with only classical resources. In this talk we’ll look at some of the fundamentals of quantum game theory, including some archetypal examples of quantum strategies and some theoretical results that show how quantum games differ from classical ones.","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55853],"conference_id":133,"event_ids":[56440],"name":"Michael Dascal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56216}],"begin_tsz":"2024-08-10T21:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56440,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723326300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56216}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T21:45:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Efficient threat modelling is essential for finding and fixing vulnerabilities. Yet empowering threat modelling trainers to communicate in a way that ensures actionable solutions, moving beyond the directive to “fix SQLI.” is a common challenge. This talk presents strategies for training threat modelers, ensuring they can communicate techniques and principles needed to better and address vulnerabilities early on in the SDLC\r\n\r\nIntroducing: \"Engineers & Exploits: The Quest for Security\" a derivative of the Cornucopia card game. While Cornucopia is an excellent introductory threat modelling exercise, we found limitations when training our coworkers to subsequently instruct developers. To bridge this gap, we developed a tabletop game designed to improve the learning experience. In this interactive session, we will show game mechanics and explain benefits, \r\nJoin us to discover how you can transform threat modelling education, making it engaging for trainers and trainees.\n\n\n","media":[],"title":"Engineers & Exploits: The Quest for Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:10:00Z","end_timestamp":{"seconds":1723327800,"nanoseconds":0},"android_description":"Efficient threat modelling is essential for finding and fixing vulnerabilities. Yet empowering threat modelling trainers to communicate in a way that ensures actionable solutions, moving beyond the directive to “fix SQLI.” is a common challenge. This talk presents strategies for training threat modelers, ensuring they can communicate techniques and principles needed to better and address vulnerabilities early on in the SDLC\r\n\r\nIntroducing: \"Engineers & Exploits: The Quest for Security\" a derivative of the Cornucopia card game. While Cornucopia is an excellent introductory threat modelling exercise, we found limitations when training our coworkers to subsequently instruct developers. To bridge this gap, we developed a tabletop game designed to improve the learning experience. In this interactive session, we will show game mechanics and explain benefits, \r\nJoin us to discover how you can transform threat modelling education, making it engaging for trainers and trainees.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55712],"conference_id":133,"event_ids":[56252],"name":"Spyros Gasteratos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56086},{"content_ids":[55699,55712,55722],"conference_id":133,"event_ids":[56228,56230,56252],"name":"Andra","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56103}],"begin_tsz":"2024-08-10T21:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T22:10:00.000-0000","id":56252,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723326000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56103},{"tag_id":46167,"sort_order":1,"person_id":56086}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T21:40:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Open Source Program Offices (OSPOs) are an increasingly adopted approach to establishing and cultivating a culture of contribution. The Digital Service at CMS.gov will share the programs, policies, and projects they’re building to identify and mitigate continuity and security risks in the software supply chain across the Federal Ecosystem.\n\n\n","media":[],"title":"Establishing the first Open Source Program Office at a United States Federal Agency","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Open Source Program Offices (OSPOs) are an increasingly adopted approach to establishing and cultivating a culture of contribution. The Digital Service at CMS.gov will share the programs, policies, and projects they’re building to identify and mitigate continuity and security risks in the software supply chain across the Federal Ecosystem.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56137],"conference_id":133,"event_ids":[56780],"name":"Remy DeCausemaker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Medicare and Medicaid Services","title":"Open Source Lead"}],"pronouns":"he/him","links":[{"description":"","title":"CMS OSPO Website","sort_order":0,"url":"https://cms.gov/digital-service/open-source-program-office"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/decause"},{"description":"","title":"Twitter (@remy_d)","sort_order":0,"url":"https://twitter.com/remy_d"}],"media":[],"id":56526,"title":"Open Source Lead at Center for Medicare and Medicaid Services"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56780,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56526}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embora tragam muita diversão e inovação, brinquedos conectados à Internet (IoToys) também apresentam sérios riscos à segurança e privacidade. Ao entender e mitigar esses riscos, e até mesmo criando seus próprios dispositivos, pais e responsáveis podem garantir que a diversão com brinquedos inteligentes e conectados não se transforme em uma preocupação com vazamentos de informações pessoais.\n\n\n","media":[],"title":"Make all the things - Construa seus próprios \"brinquedos\" Threats","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Embora tragam muita diversão e inovação, brinquedos conectados à Internet (IoToys) também apresentam sérios riscos à segurança e privacidade. Ao entender e mitigar esses riscos, e até mesmo criando seus próprios dispositivos, pais e responsáveis podem garantir que a diversão com brinquedos inteligentes e conectados não se transforme em uma preocupação com vazamentos de informações pessoais.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55972],"conference_id":133,"event_ids":[56588],"name":"Christiane Borges Santos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Coordenadora do Eixo de Design Factory - Criar IFG"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/christianebs/"},{"description":"","title":"Twitter (@angel_chris)","sort_order":0,"url":"https://x.com/angel_chris"}],"media":[],"id":56308,"title":"Coordenadora do Eixo de Design Factory - Criar IFG"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56588,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56308}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Prompt injections are a class of attacks against LLM-powered applications that exploit the inclusion of untrusted user inputs in LLM prompts. We give an overview of two open source frameworks developed by Meta related to understanding and mitigating prompt injection risks:\r\n\r\n- our CyberSecEval Prompt Injection benchmarks (evaluations of the propensity of popular LLMs to succumb to prompt injection when used without guardrails),\r\n\r\n- as well as PromptGuard (an open-source model for identifying risky inputs to LLM-powered applications, both direct jailbreaks and indirect injections).\r\n\r\nFindings of interest:\r\n\r\n- Evaluating foundation model vulnerability to indirect prompt injection: LLMs can be trained to have contextual awareness of which parts of the input prompt are coming from a trusted user versus an untrusted third party - in particular via inclusion of a system prompt. We share our benchmark for direct and indirect prompt injection susceptibility of foundational LLMs (across a wide variety of attack strategies) introduced as part of CyberSecEval (an open-source suite of benchmarks for measuring the cybersecurity risks of foundational models). We present the results of these evaluations for currently-popular foundational LLMs. We conclude that model conditioning is not enough to defend against indirect prompt injection risks in most contexts, even with the usage of a system prompt.\r\n\r\n- Guardrailing against prompt injection attacks in real applications: We present PromptGuard, a model designed for both the detection of direct jailbreak and indirect injection attacks. We highlight the differences between our models and existing malicious prompt detectors (which largely only address direct prompt injection or jailbreaking risks), and the specific risks that can be prevented by utilizing our guardrail in LLM-powered applications. We also show how the model can be fine-tuned to improve application-specific performance.\n\n\n","media":[],"title":"Evaluations and Guardrails against Prompt Injection attacks on LLM powered-applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Prompt injections are a class of attacks against LLM-powered applications that exploit the inclusion of untrusted user inputs in LLM prompts. We give an overview of two open source frameworks developed by Meta related to understanding and mitigating prompt injection risks:\r\n\r\n- our CyberSecEval Prompt Injection benchmarks (evaluations of the propensity of popular LLMs to succumb to prompt injection when used without guardrails),\r\n\r\n- as well as PromptGuard (an open-source model for identifying risky inputs to LLM-powered applications, both direct jailbreaks and indirect injections).\r\n\r\nFindings of interest:\r\n\r\n- Evaluating foundation model vulnerability to indirect prompt injection: LLMs can be trained to have contextual awareness of which parts of the input prompt are coming from a trusted user versus an untrusted third party - in particular via inclusion of a system prompt. We share our benchmark for direct and indirect prompt injection susceptibility of foundational LLMs (across a wide variety of attack strategies) introduced as part of CyberSecEval (an open-source suite of benchmarks for measuring the cybersecurity risks of foundational models). We present the results of these evaluations for currently-popular foundational LLMs. We conclude that model conditioning is not enough to defend against indirect prompt injection risks in most contexts, even with the usage of a system prompt.\r\n\r\n- Guardrailing against prompt injection attacks in real applications: We present PromptGuard, a model designed for both the detection of direct jailbreak and indirect injection attacks. We highlight the differences between our models and existing malicious prompt detectors (which largely only address direct prompt injection or jailbreaking risks), and the specific risks that can be prevented by utilizing our guardrail in LLM-powered applications. We also show how the model can be fine-tuned to improve application-specific performance.","updated_timestamp":{"seconds":1722626362,"nanoseconds":0},"speakers":[{"content_ids":[55884],"conference_id":133,"event_ids":[56469],"name":"Cyrus Nikolaidis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta Platforms, Inc.","title":""}],"links":[],"pronouns":null,"media":[],"id":56256,"title":"Meta Platforms, Inc."},{"content_ids":[55884],"conference_id":133,"event_ids":[56469],"name":"Faizan Ahmad","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta Platforms, Inc.","title":""}],"links":[],"pronouns":null,"media":[],"id":56257,"title":"Meta Platforms, Inc."}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:19:22Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56469,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56256},{"tag_id":46167,"sort_order":4,"person_id":56257}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-08-02T19:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Who isn’t busy nowadays? When you sit down to hack, you want to find a bug, or at least know you’re on the right track to find one. Over the past 5 years of full-time bug bounty, I’ve identified a couple of techniques that will get you some quick wins on most applications. I’ll show you how to apply these techniques, and then, building upon them, direct your longer-term testing to keep finding bugs and getting the best ROI for your time hunting. This workshop is oriented toward equipping you to make the most money with the least time investment. These are not the most technical bugs. These are the bugs that pay the bills and keep you well-fed, dopamine'ed up, and pushing deeper into these apps. In this workshop, we'll target REAL bug bounty targets, and apply the very techniques I've used in the past to find bugs on these targets. We'll cover mega-efficient testing techniques for various types of client-side access controls and IDORs. We'll cover polyglot usage for generic injection testing. We'll cover attack vector ideation, friction minimization, gadget hunting, organization. And much, much more. All of these things will keep you motivated, on track, and efficient as you push through the slog of HTTP requests between you and your next pay day. Leggo.\r\n\r\nWhat skill level is your presentation aimed at?\r\nAll skill levels, but attendees should have a basic understanding of web architecture and web vulnerabilities such as XSS, CSRF, IDOR, and Broken Access Controls.\r\n\r\nPre-Requisites:\r\n- Bring your laptop\r\n- Please come with Caido installed (or Burp, if you must) \r\n- General understanding of HTTP requests and web testing\n\n\n","media":[],"title":"High ROI Manual Bug Hunting Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Who isn’t busy nowadays? When you sit down to hack, you want to find a bug, or at least know you’re on the right track to find one. Over the past 5 years of full-time bug bounty, I’ve identified a couple of techniques that will get you some quick wins on most applications. I’ll show you how to apply these techniques, and then, building upon them, direct your longer-term testing to keep finding bugs and getting the best ROI for your time hunting. This workshop is oriented toward equipping you to make the most money with the least time investment. These are not the most technical bugs. These are the bugs that pay the bills and keep you well-fed, dopamine'ed up, and pushing deeper into these apps. In this workshop, we'll target REAL bug bounty targets, and apply the very techniques I've used in the past to find bugs on these targets. We'll cover mega-efficient testing techniques for various types of client-side access controls and IDORs. We'll cover polyglot usage for generic injection testing. We'll cover attack vector ideation, friction minimization, gadget hunting, organization. And much, much more. All of these things will keep you motivated, on track, and efficient as you push through the slog of HTTP requests between you and your next pay day. Leggo.\r\n\r\nWhat skill level is your presentation aimed at?\r\nAll skill levels, but attendees should have a basic understanding of web architecture and web vulnerabilities such as XSS, CSRF, IDOR, and Broken Access Controls.\r\n\r\nPre-Requisites:\r\n- Bring your laptop\r\n- Please come with Caido installed (or Burp, if you must) \r\n- General understanding of HTTP requests and web testing","updated_timestamp":{"seconds":1721438447,"nanoseconds":0},"speakers":[{"content_ids":[54657,55182],"conference_id":133,"event_ids":[55570,55029],"name":"Justin \"Rhynorater\" Gardner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"},{"organization":"Critical Thinking - Bug Bounty Podcast","title":"Host"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Rhynorater)","sort_order":0,"url":"https://twitter.com/Rhynorater"}],"media":[],"id":54326,"title":"Host at Critical Thinking - Bug Bounty Podcast"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:20:47Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#high-roi-manual-bug-hunting-techniques"}],"end":"2024-08-10T23:00:00.000-0000","id":55570,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54326}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-20T01:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to delve into historical examples of conventional biological warfare and understand how methods were devised and implemented.\r\n\r\nHowever, amidst the exploration of historical precedents, it becomes evident that our optimism for the future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. It is crucial to acknowledge that despite the sophistication of technology, its efficacy remains intricately linked to human ingenuity. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. Creativity, a distinctly human attribute, stands as the cornerstone in the perpetual endeavor to safeguard against unforeseen adversities.\r\n\r\nFurthermore, the discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare. Addressing the proliferation of disinformation and its potential to fuel the proliferation and utilization of bioweapons becomes imperative. This discussion encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. Notably, the utility of Generative AI in affecting societal shifts toward the normalization of bioweapon deployment warrants scrutiny. Additionally, the current societal landscape, particularly the desensitization of internet denizens to overt hostile actions, poses profound implications for the future trajectory of biological warfare.\r\n\r\nIn essence, a comprehensive understanding of historical precedents, coupled with a proactive approach towards fostering transparency, creativity, and the cultivation of robust societal norms, is indispensable in navigating the complexities of bioweapon proliferation. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.\n\n\n","media":[],"title":"The Past, Present, and Future of Bioweapons","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to delve into historical examples of conventional biological warfare and understand how methods were devised and implemented.\r\n\r\nHowever, amidst the exploration of historical precedents, it becomes evident that our optimism for the future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. It is crucial to acknowledge that despite the sophistication of technology, its efficacy remains intricately linked to human ingenuity. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. Creativity, a distinctly human attribute, stands as the cornerstone in the perpetual endeavor to safeguard against unforeseen adversities.\r\n\r\nFurthermore, the discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare. Addressing the proliferation of disinformation and its potential to fuel the proliferation and utilization of bioweapons becomes imperative. This discussion encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. Notably, the utility of Generative AI in affecting societal shifts toward the normalization of bioweapon deployment warrants scrutiny. Additionally, the current societal landscape, particularly the desensitization of internet denizens to overt hostile actions, poses profound implications for the future trajectory of biological warfare.\r\n\r\nIn essence, a comprehensive understanding of historical precedents, coupled with a proactive approach towards fostering transparency, creativity, and the cultivation of robust societal norms, is indispensable in navigating the complexities of bioweapon proliferation. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.","updated_timestamp":{"seconds":1720403504,"nanoseconds":0},"speakers":[{"content_ids":[54620],"conference_id":133,"event_ids":[54994],"name":"Lucas Potter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BiosView","title":"Engineer"}],"links":[],"pronouns":null,"media":[],"id":54223,"title":"Engineer at BiosView"},{"content_ids":[54620],"conference_id":133,"event_ids":[54994],"name":"Xavier Palmer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54232},{"content_ids":[54620],"conference_id":133,"event_ids":[54994],"name":"Meow-Ludo Disco Gamma Meow-Meow ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54355}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:51:44Z","links":[],"end":"2024-08-10T22:15:00.000-0000","id":54994,"tag_ids":[46371,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54223},{"tag_id":46167,"sort_order":1,"person_id":54355},{"tag_id":46167,"sort_order":1,"person_id":54232}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-08T01:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As security researchers, we constantly attempt to stay ahead of the curve, seeking innovative solutions to enhance our offensive security strategies. In recent years, the advent of artificial intelligence (AI) has introduced a new dimension to our efforts, particularly in the realm of bug bounties and pentesting. While significant attention has been given to understanding and mitigating attacks against AI systems, the potential of AI to assist in the offensive security field remains largely unclear.\n\nThis talk pretends to dig into the research and development process undertaken to create an AI agent designed to augment the bug bounty and pentesting workflow. Our AI agent is not merely a theoretical concept but a practical tool aimed at enhancing the efficiency and effectiveness of security researchers.\n\nWe have conducted extensive research to understand how AI can mimic and enhance human intuition and creativity in identifying vulnerabilities. While this may sound trivial, there is little evidence of this being tested before on generative AI agents. Our work breaks new ground by pushing the boundaries of what AI can achieve in offensive security. \n\nWill AI become an indispensable tool in our arsenal, capable of autonomously identifying and exploiting vulnerabilities? Join us as we explore the possibilities and implications of AI as an offensive assistant in this new era of offensive security.\n\n\n","media":[],"title":"Leveraging AI for Smarter Bug Bounties","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"As security researchers, we constantly attempt to stay ahead of the curve, seeking innovative solutions to enhance our offensive security strategies. In recent years, the advent of artificial intelligence (AI) has introduced a new dimension to our efforts, particularly in the realm of bug bounties and pentesting. While significant attention has been given to understanding and mitigating attacks against AI systems, the potential of AI to assist in the offensive security field remains largely unclear.\n\nThis talk pretends to dig into the research and development process undertaken to create an AI agent designed to augment the bug bounty and pentesting workflow. Our AI agent is not merely a theoretical concept but a practical tool aimed at enhancing the efficiency and effectiveness of security researchers.\n\nWe have conducted extensive research to understand how AI can mimic and enhance human intuition and creativity in identifying vulnerabilities. While this may sound trivial, there is little evidence of this being tested before on generative AI agents. Our work breaks new ground by pushing the boundaries of what AI can achieve in offensive security. \n\nWill AI become an indispensable tool in our arsenal, capable of autonomously identifying and exploiting vulnerabilities? Join us as we explore the possibilities and implications of AI as an offensive assistant in this new era of offensive security.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54619],"conference_id":133,"event_ids":[54993],"name":"Joel \"Niemand_Sec\" Noguera","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"XBOW","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@niemand_sec)","sort_order":0,"url":"https://twitter.com/niemand_sec"}],"media":[],"id":54269,"title":"Security Researcher at XBOW"},{"content_ids":[54619],"conference_id":133,"event_ids":[54993],"name":"Diego Jurado","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"XBOW","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@djurado9)","sort_order":0,"url":"https://twitter.com/djurado9"}],"media":[],"id":54329,"title":"Security Researcher at XBOW"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#leveraging-ai-for-smarter-bug-bounties"}],"end":"2024-08-10T22:15:00.000-0000","id":54993,"tag_ids":[46374,46419,46442,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54329},{"tag_id":46167,"sort_order":4,"person_id":54269}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Trolls cheating in video games by passing Tool-Assisted Speedruns off as human effort break leaderboards and stifle speedrunners. Why do they do it when they could make a cool game hack or TAS to show off their work, and how do you trap these trolls? The answer is to use their own tools against them, often with popcorn bucket worthy results like taking down Guinness World Records. From a TASVideos member taking on 1980's Dragster cheat Todd Rogers, a passing mention of Billy Mitchell, and the TASBot team investigating Super Mario Maker shenanigans, this talk covers several notable cheating incidents and concludes with a systematic takedown of a troll that chilled the Diablo speedrunning community for more than a decade.\r\n\r\nThis talk includes several investigations I have been a part of in some capacity and will ultimately include additional references in the coming months; I've broken the references out by game, presented in Markdown format like the rest of this document:\r\n### Dragster\r\n- [Submission #5517: Omnigamer's A2600 Dragster in 00:08.49](https://tasvideos.org/5517S)\r\n- [A2600 Dragster by Omnigamer in 00:08.49](https://tasvideos.org/3430M)\r\n- [Submission #5876: MrWint & Omnigamer's A2600 Dragster in 00:08.39](https://tasvideos.org/5876S)\r\n- [A2600 Dragster by MrWint, Omnigamer in 00:08.39](https://tasvideos.org/3662M)\r\n- [Omnigamer's Dragster simulator model](https://docs.google.com/spreadsheets/d/1HhaBah7e48lBRA18v8Mgr-fRVZS5DUJb_pnOsBTC34c)\r\n- [Dragster optimal sequence project by esnard](https://github.com/esnard/dragster)\r\n- [Investigation into optimal Dragster play by MrWint](https://github.com/MrWint/dragster/tree/master)\r\n- [TASBot beats Dragster in 5.57 (console verification of Omnigamer's TAS)](https://www.youtube.com/watch?v=oXMxZbPzRzs)\r\n\r\n### Super Mario Maker\r\n- [Inside TASBot’s semi-secret, probably legal effort to control the Nintendo Switch](https://arstechnica.com/gaming/2020/01/inside-tasbots-semi-secret-probably-legal-effort-to-control-the-nintendo-switch/)\r\n- [The _Super Mario Maker_ community faces its final boss](https://arstechnica.com/gaming/2024/03/the-super-mario-maker-community-faces-its-final-boss/)\r\n- [_Super Mario Maker_’s “final boss” was a fraud all along](https://arstechnica.com/gaming/2024/03/super-mario-makers-final-boss-was-a-fraud-all-along/)\r\n- [How to cheat at _Super Mario Maker_ and get away with it for years](https://arstechnica.com/gaming/2024/04/how-to-cheat-at-super-mario-maker-and-get-away-with-it-for-years/)\r\n- [Trimming the Herbs TAS attempts](https://youtu.be/ypoNHp7aWGM)\r\n- [Trimming the Herbs has been Beaten](https://www.youtube.com/watch?v=i7yvVJbji0U)\r\n\r\n# Diablo\r\n- [Speed Demos Archive Diablo page](https://speeddemosarchive.com/Diablo.html)\r\n- [Groobo's 2009 Diablo speedrun submission video](https://speeddemosarchive.com/demo.pl?Diablo_Sorcerer_312)\r\n- [Speed Demos Archive Diablo run review](https://forum.speeddemosarchive.com/post/diablo__february_8th_2009.html)\r\n- [Guinness World Records Diablo entry](https://www.guinnessworldrecords.com/world-records/110580-fastest-completion-of-an-rpg-videogame)\r\n- [Devilution Diablo decompiliation](https://github.com/diasurgical/devilution)\r\n- [DevilutionX Diablo decompiliation](https://github.com/diasurgical/devilutionX/)\r\n- [Diablo MapGen](https://github.com/Matthew-petroff/diablo-mapgen)\r\n\n\n\n","media":[],"title":"Troll Trapping Through TAS Tools - Exposing Speedrunning Cheaters","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"Trolls cheating in video games by passing Tool-Assisted Speedruns off as human effort break leaderboards and stifle speedrunners. Why do they do it when they could make a cool game hack or TAS to show off their work, and how do you trap these trolls? The answer is to use their own tools against them, often with popcorn bucket worthy results like taking down Guinness World Records. From a TASVideos member taking on 1980's Dragster cheat Todd Rogers, a passing mention of Billy Mitchell, and the TASBot team investigating Super Mario Maker shenanigans, this talk covers several notable cheating incidents and concludes with a systematic takedown of a troll that chilled the Diablo speedrunning community for more than a decade.\r\n\r\nThis talk includes several investigations I have been a part of in some capacity and will ultimately include additional references in the coming months; I've broken the references out by game, presented in Markdown format like the rest of this document:\r\n### Dragster\r\n- [Submission #5517: Omnigamer's A2600 Dragster in 00:08.49](https://tasvideos.org/5517S)\r\n- [A2600 Dragster by Omnigamer in 00:08.49](https://tasvideos.org/3430M)\r\n- [Submission #5876: MrWint & Omnigamer's A2600 Dragster in 00:08.39](https://tasvideos.org/5876S)\r\n- [A2600 Dragster by MrWint, Omnigamer in 00:08.39](https://tasvideos.org/3662M)\r\n- [Omnigamer's Dragster simulator model](https://docs.google.com/spreadsheets/d/1HhaBah7e48lBRA18v8Mgr-fRVZS5DUJb_pnOsBTC34c)\r\n- [Dragster optimal sequence project by esnard](https://github.com/esnard/dragster)\r\n- [Investigation into optimal Dragster play by MrWint](https://github.com/MrWint/dragster/tree/master)\r\n- [TASBot beats Dragster in 5.57 (console verification of Omnigamer's TAS)](https://www.youtube.com/watch?v=oXMxZbPzRzs)\r\n\r\n### Super Mario Maker\r\n- [Inside TASBot’s semi-secret, probably legal effort to control the Nintendo Switch](https://arstechnica.com/gaming/2020/01/inside-tasbots-semi-secret-probably-legal-effort-to-control-the-nintendo-switch/)\r\n- [The _Super Mario Maker_ community faces its final boss](https://arstechnica.com/gaming/2024/03/the-super-mario-maker-community-faces-its-final-boss/)\r\n- [_Super Mario Maker_’s “final boss” was a fraud all along](https://arstechnica.com/gaming/2024/03/super-mario-makers-final-boss-was-a-fraud-all-along/)\r\n- [How to cheat at _Super Mario Maker_ and get away with it for years](https://arstechnica.com/gaming/2024/04/how-to-cheat-at-super-mario-maker-and-get-away-with-it-for-years/)\r\n- [Trimming the Herbs TAS attempts](https://youtu.be/ypoNHp7aWGM)\r\n- [Trimming the Herbs has been Beaten](https://www.youtube.com/watch?v=i7yvVJbji0U)\r\n\r\n# Diablo\r\n- [Speed Demos Archive Diablo page](https://speeddemosarchive.com/Diablo.html)\r\n- [Groobo's 2009 Diablo speedrun submission video](https://speeddemosarchive.com/demo.pl?Diablo_Sorcerer_312)\r\n- [Speed Demos Archive Diablo run review](https://forum.speeddemosarchive.com/post/diablo__february_8th_2009.html)\r\n- [Guinness World Records Diablo entry](https://www.guinnessworldrecords.com/world-records/110580-fastest-completion-of-an-rpg-videogame)\r\n- [Devilution Diablo decompiliation](https://github.com/diasurgical/devilution)\r\n- [DevilutionX Diablo decompiliation](https://github.com/diasurgical/devilutionX/)\r\n- [Diablo MapGen](https://github.com/Matthew-petroff/diablo-mapgen)","updated_timestamp":{"seconds":1720463210,"nanoseconds":0},"speakers":[{"content_ids":[54501],"conference_id":133,"event_ids":[54874],"name":"Allan \"dwangoAC\" Cecil","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TASBot Online Community","title":"Founder and Leader"}],"pronouns":"he/him","links":[{"description":"","title":"Discord.gg/TASBot","sort_order":0,"url":"https://Discord.gg/TASBot"},{"description":"","title":"TAS.Bot","sort_order":0,"url":"https://TAS.Bot"},{"description":"","title":"Twitch","sort_order":0,"url":"https://Twitch.tv/dwangoAC"},{"description":"","title":"YouTube","sort_order":0,"url":"https://YouTube.com/dwangoAC"}],"media":[],"id":54063,"title":"Founder and Leader at TASBot Online Community"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:26:50Z","links":[],"end":"2024-08-10T22:15:00.000-0000","id":54874,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54063}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-08T18:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With the iPhone 15 & iPhone 15 Pro Apple switched their iPhone to USB-C - and introduced a new proprietary USB-C controller: The ACE3.\r\n\r\nBut the ACE3 does more than just handle USB power delivery: It's a full microcontroller running a full USB stack connected to some of the internal busses of the device, and we even managed to access JTAG on the iPhone 15 through it. It also provides access to UART, the internal SPMI bus, etc. Previous variants of the ACE, namely the ACE2 found in MacBooks, could easily be dumped and analyzed using SWD - and even be persistently backdoored through a software vulnerability we found.\r\n\r\nOn the ACE3 however, Apple upped their game: Firmware updates are personalized, debug interfaces seem to be disabled, and the external flash is validated and does not contain all the firmware. However using a combination of reverse-engineering, RF side-channel analysis and electro-magnetic fault-injection it was possible to gain code-execution on the ACE3 - allowing dumping of the ROM, and analysis of the functionality.\r\n\r\nThis talk will show how to use a combination of hardware, firmware, reverse-engineering, side-channel analysis and fault-injection to gain code-execution on a completely custom chip, enabling further security research on an under-explored but security relevant part of Apple devices.\r\n\r\n- AsahiLinux USB-PD Documentaiton - [link](https://github.com/AsahiLinux/docs/wiki/HW%3AUSB-PD)\r\n- AsahiLinux macvdmtool - [link](https://github.com/AsahiLinux/macvdmtool)\r\n- ACE Controller Secrets (for ACE/ACE2) - [link](https://blog.rickmark.me/ace-controller-secrets/)\r\n- Marc Zyngier's Central Scrutinizer - [link](https://kernel.googlesource.com/pub/scm/linux/kernel/git/maz/cs-hw/)\r\n\n\n\n","media":[],"title":"ACE up the Sleeve: From getting JTAG on the iPhone 15 to hacking into Apple's new USB-C Controller","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"With the iPhone 15 & iPhone 15 Pro Apple switched their iPhone to USB-C - and introduced a new proprietary USB-C controller: The ACE3.\r\n\r\nBut the ACE3 does more than just handle USB power delivery: It's a full microcontroller running a full USB stack connected to some of the internal busses of the device, and we even managed to access JTAG on the iPhone 15 through it. It also provides access to UART, the internal SPMI bus, etc. Previous variants of the ACE, namely the ACE2 found in MacBooks, could easily be dumped and analyzed using SWD - and even be persistently backdoored through a software vulnerability we found.\r\n\r\nOn the ACE3 however, Apple upped their game: Firmware updates are personalized, debug interfaces seem to be disabled, and the external flash is validated and does not contain all the firmware. However using a combination of reverse-engineering, RF side-channel analysis and electro-magnetic fault-injection it was possible to gain code-execution on the ACE3 - allowing dumping of the ROM, and analysis of the functionality.\r\n\r\nThis talk will show how to use a combination of hardware, firmware, reverse-engineering, side-channel analysis and fault-injection to gain code-execution on a completely custom chip, enabling further security research on an under-explored but security relevant part of Apple devices.\r\n\r\n- AsahiLinux USB-PD Documentaiton - [link](https://github.com/AsahiLinux/docs/wiki/HW%3AUSB-PD)\r\n- AsahiLinux macvdmtool - [link](https://github.com/AsahiLinux/macvdmtool)\r\n- ACE Controller Secrets (for ACE/ACE2) - [link](https://blog.rickmark.me/ace-controller-secrets/)\r\n- Marc Zyngier's Central Scrutinizer - [link](https://kernel.googlesource.com/pub/scm/linux/kernel/git/maz/cs-hw/)","updated_timestamp":{"seconds":1720463233,"nanoseconds":0},"speakers":[{"content_ids":[54500],"conference_id":133,"event_ids":[54873],"name":"Thomas \"stacksmashing\" Roth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@ghidraninja)","sort_order":0,"url":"https://twitter.com/ghidraninja"},{"description":"","title":"YouTube","sort_order":0,"url":"https://youtube.com/stacksmashing"}],"media":[],"id":54065}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:27:13Z","links":[],"end":"2024-08-10T22:15:00.000-0000","id":54873,"tag_ids":[46166,46169,46419,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54065}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-08T18:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop offers hands-on instruction using a unique, cat-shaped Wi-Fi hacking microcontroller. Designed to engage participants in practical learning, the workshop will cover essential skills for defending against four common Wi-Fi attacks. Participants will explore topics like detecting Wi-Fi leaks, the risks of QR codes leading to hidden networks, spotting phishing networks, and defending against advanced Wi-Fi karma attacks. The cat-shaped Wi-Fi Nugget is a powerful tool for understanding and fighting back against Wi-Fi hacking. This workshop is suitable for Wi-Fi hacking experts and those just getting started. A computer with a Chrome-based browser is required for this workshop.\n\n\n","media":[],"title":"Wi-Fi Hacking Self Defense: Four Advanced Techniques and How to Stop Them","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:15:00Z","end_timestamp":{"seconds":1723331700,"nanoseconds":0},"android_description":"This workshop offers hands-on instruction using a unique, cat-shaped Wi-Fi hacking microcontroller. Designed to engage participants in practical learning, the workshop will cover essential skills for defending against four common Wi-Fi attacks. Participants will explore topics like detecting Wi-Fi leaks, the risks of QR codes leading to hidden networks, spotting phishing networks, and defending against advanced Wi-Fi karma attacks. The cat-shaped Wi-Fi Nugget is a powerful tool for understanding and fighting back against Wi-Fi hacking. This workshop is suitable for Wi-Fi hacking experts and those just getting started. A computer with a Chrome-based browser is required for this workshop.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T21:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/wi-fi-hacking-self-defense-4-advanced-techniques-and-how-to-stop-them"}],"end":"2024-08-10T23:15:00.000-0000","id":56527,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723324500,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T21:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Aviation's Traffic Collision Avoidance System (TCAS) II has been touted as a foolproof safety net since its introduction in the 1980s. But what if we told you that this supposedly impenetrable system can be compromised? For years, attacks on TCAS have been mere theoretical exercises, foiled by an (accidental) built in security feature. That is, until now. In this presentation, we'll reveal the first working RF attacks on TCAS II, demonstrating how to hijack collision avoidance displays and create fake Traffic Advisories (TAs) and Resolution Advisories (RAs). We'll walk you through the technical challenges of building the necessary tooling using commercial off-the-shelf hardware.\n\nBut that's not all. Our research has also uncovered a second attack capable of remotely disabling an aircraft's TCAS capabilities, rendering it vulnerable to mid-air collisions. The implications are clear: if our findings can be exploited in real-world scenarios, the safety of millions of passengers hangs in the balance. Join us as we lift the lid on this shocking vulnerability and explore the dark side of aviation security.\n\n\n","media":[],"title":" RF Attacks on Aviation's Last Line of Defense Against Mid-Air Collisions (TCAS II)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Aviation's Traffic Collision Avoidance System (TCAS) II has been touted as a foolproof safety net since its introduction in the 1980s. But what if we told you that this supposedly impenetrable system can be compromised? For years, attacks on TCAS have been mere theoretical exercises, foiled by an (accidental) built in security feature. That is, until now. In this presentation, we'll reveal the first working RF attacks on TCAS II, demonstrating how to hijack collision avoidance displays and create fake Traffic Advisories (TAs) and Resolution Advisories (RAs). We'll walk you through the technical challenges of building the necessary tooling using commercial off-the-shelf hardware.\n\nBut that's not all. Our research has also uncovered a second attack capable of remotely disabling an aircraft's TCAS capabilities, rendering it vulnerable to mid-air collisions. The implications are clear: if our findings can be exploited in real-world scenarios, the safety of millions of passengers hangs in the balance. Join us as we lift the lid on this shocking vulnerability and explore the dark side of aviation security.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54618,54510],"conference_id":133,"event_ids":[54883,54992],"name":"Vincent Lenders","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber-Defence Campus","title":"Cybersecurity Researcher and Head"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/vincent-lenders-303656"},{"description":"","title":"Twitter (@Vlenders)","sort_order":0,"url":"https://twitter.com/Vlenders"},{"description":"","title":"lenders.ch","sort_order":0,"url":"https://lenders.ch"}],"media":[],"id":54111,"title":"Cybersecurity Researcher and Head at Cyber-Defence Campus"},{"content_ids":[54618],"conference_id":133,"event_ids":[54992],"name":"Giacomo Longo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54336}],"begin_tsz":"2024-08-10T21:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":54992,"tag_ids":[46366,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723324500,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54336},{"tag_id":46167,"sort_order":1,"person_id":54111}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T21:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Brief History of GRC","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445826,"nanoseconds":0},"speakers":[{"content_ids":[55690],"conference_id":133,"event_ids":[56213],"name":"Allen Baranov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56061}],"begin_tsz":"2024-08-10T21:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:10:26Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T21:50:00.000-0000","id":56213,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723323900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56061}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T21:05:00.000-0000","updated":"2024-07-31T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we'll cover just how far you can communicate on less power than your phone uses to charge. How to tx over the horizon and how to power it all.\n\n\n","media":[],"title":"Low Power & Long Range Communications - QRP","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"In this talk we'll cover just how far you can communicate on less power than your phone uses to charge. How to tx over the horizon and how to power it all.","updated_timestamp":{"seconds":1723309020,"nanoseconds":0},"speakers":[{"content_ids":[56222],"conference_id":133,"event_ids":[56877],"name":"Escobar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@EricEscobar)","sort_order":0,"url":"https://twitter.com/EricEscobar"}],"media":[],"id":56620}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:57:00Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56877,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56620}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-10T16:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Navigating Bureaucracy: Strategies for a Post-Military Career Encore","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225179,"nanoseconds":0},"speakers":[{"content_ids":[56213],"conference_id":133,"event_ids":[56867],"name":"Nia Luckey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56604}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:39Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":56867,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56604}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will cover the role that Secretaries of State’s offices play in Elections. This talk with also dive into the election processes that the State of NH follow and all the ways they do whatever they can to keep elections secure. It is a rare opportunity to hear directly from a Secretary of State the roll they play in national elections. This talk will allow audiences to have a better understanding of how these processes work and why Secretary of States play such a critical role in elections.\n\n\n","media":[],"title":"Understanding the Role of Secretary of States in Elections","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"This talk will cover the role that Secretaries of State’s offices play in Elections. This talk with also dive into the election processes that the State of NH follow and all the ways they do whatever they can to keep elections secure. It is a rare opportunity to hear directly from a Secretary of State the roll they play in national elections. This talk will allow audiences to have a better understanding of how these processes work and why Secretary of States play such a critical role in elections.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56198],"conference_id":133,"event_ids":[56852],"name":"Dave Scanlan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"New Hampshire","title":"Secretary of State"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@NHSecretary)","sort_order":0,"url":"https://twitter.com/NHSecretary"},{"description":"","title":"Website","sort_order":0,"url":"https://www.sos.nh.gov/elections/information/contact"}],"media":[],"id":56571,"title":"Secretary of State at New Hampshire"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":56852,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56571}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversarial AI has come a long way since its resurgence ten years ago. In this talk, we discuss how the landscape of attacks and defenses has shifted in recent years as a result of DARPA’s program on Guaranteeing AI Robustness against Deception (GARD) as well as the rise of LLMs.\n\n\n","media":[],"title":"The Cat-and-Mouse Game of Adversarial Artificial Intelligence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:20:00Z","end_timestamp":{"seconds":1723324800,"nanoseconds":0},"android_description":"Adversarial AI has come a long way since its resurgence ten years ago. In this talk, we discuss how the landscape of attacks and defenses has shifted in recent years as a result of DARPA’s program on Guaranteeing AI Robustness against Deception (GARD) as well as the rise of LLMs.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56136],"conference_id":133,"event_ids":[56779],"name":"Alvaro Velasquez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA Information Innovation Office","title":"GARD Program Manager"}],"pronouns":null,"links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-alvaro-velasquez"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alvaro-velasquez-b14963246/"}],"media":[],"id":56531,"title":"GARD Program Manager at DARPA Information Innovation Office"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T21:20:00.000-0000","id":56779,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56531}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to Day 2 of the Gold Bug at the 11th annual Crypto & Privacy Village! Join the Gold Bug Team for the latest updates, panel-exclusive hints, and more. This panel compliments the Gold Bug: Welcome on Day 1.\n\n\n","media":[],"title":"Gold Bug: Puzzle Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Welcome to Day 2 of the Gold Bug at the 11th annual Crypto & Privacy Village! Join the Gold Bug Team for the latest updates, panel-exclusive hints, and more. This panel compliments the Gold Bug: Welcome on Day 1.","updated_timestamp":{"seconds":1722726000,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T23:00:00Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56625,"tag_ids":[46377,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-03T23:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Skills are learned, but application is art. Much like an artist learning the skill to draw, in this workshop, we learn the skill to identify and create byte-sized adversary emulation-based tests. By reading a report with the lens of MITRE ATT&CK, we identify procedures that link back to MITRE ATT&CK techniques or sub-techniques, which allows us to create an atomic red team test based on the reporting. However, like every artist faces when putting pen to paper, the skill of drawing is not the same as the skill of creating. Using art forgery concepts to help us overcome these obstacles, we walk through how to navigate the gaps in reporting and emulate versus simulating the adversary. Participants are encouraged to finish out the atomic tests and contribute to the public Atomic Red Team GitHub. Welcome to the club of legal copycats. Intended audience: International audience with English is a second language. Beginner to intermediate skill. Basic level of programing knowledge and cyber security concepts required. Students are expected to provide their own laptop. Have a GitHub account & understand the clone, git and pull commands.\n\n\n","media":[],"title":"CopyCat: An Artist Guide to Adversary Forgery","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Skills are learned, but application is art. Much like an artist learning the skill to draw, in this workshop, we learn the skill to identify and create byte-sized adversary emulation-based tests. By reading a report with the lens of MITRE ATT&CK, we identify procedures that link back to MITRE ATT&CK techniques or sub-techniques, which allows us to create an atomic red team test based on the reporting. However, like every artist faces when putting pen to paper, the skill of drawing is not the same as the skill of creating. Using art forgery concepts to help us overcome these obstacles, we walk through how to navigate the gaps in reporting and emulate versus simulating the adversary. Participants are encouraged to finish out the atomic tests and contribute to the public Atomic Red Team GitHub. Welcome to the club of legal copycats. Intended audience: International audience with English is a second language. Beginner to intermediate skill. Basic level of programing knowledge and cyber security concepts required. Students are expected to provide their own laptop. Have a GitHub account & understand the clone, git and pull commands.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55991],"conference_id":133,"event_ids":[56613],"name":"Cat Self","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Principal Adversary Emulation Engineer (MITRE ATT&CK)","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/coolestcatiknow/"},{"description":"","title":"Twitter (@coolestcatiknow)","sort_order":0,"url":"https://x.com/coolestcatiknow"}],"media":[],"id":56328,"title":"Principal Adversary Emulation Engineer (MITRE ATT&CK)"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56613,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56328}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.\n\n\n","media":[],"title":"ToolMakers Hackathon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56502,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an immersive workshop designed for beginners and professionals looking to enhance their Open Source Intelligence (OSINT) skills. This workshop provides a technical guide to uncovering hidden connections and expanding investigative horizons using advanced OSINT techniques and tools. Participants will gain hands-on experience with leading OSINT tools, learn how to identify pivotal data points, and practice real-world pivoting strategies through interactive exercises and case studies. \n\nThis workshop is ideal for those seeking to refine their investigative methodologies and leverage cutting-edge OSINT practices for more effective and efficient investigations. \n\nTopics:\n- OSINT Introduction and Walkthrough\n- Common tools and platforms\n- Data Sources\n- Understanding Pivoting\n- Identifying Pivot Points\n- Techniques and Tools\n- Data Correlation\n- Automation and Scripting\n- Case Study\n- Integrating OSINT with other Intel\n- Ethical and Legal Considerations\n\n\nSkill Level: Beginner to Intermediate\n\n\n","media":[],"title":"The art of Pivoting in OSINT Investigations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Join us for an immersive workshop designed for beginners and professionals looking to enhance their Open Source Intelligence (OSINT) skills. This workshop provides a technical guide to uncovering hidden connections and expanding investigative horizons using advanced OSINT techniques and tools. Participants will gain hands-on experience with leading OSINT tools, learn how to identify pivotal data points, and practice real-world pivoting strategies through interactive exercises and case studies. \n\nThis workshop is ideal for those seeking to refine their investigative methodologies and leverage cutting-edge OSINT practices for more effective and efficient investigations. \n\nTopics:\n- OSINT Introduction and Walkthrough\n- Common tools and platforms\n- Data Sources\n- Understanding Pivoting\n- Identifying Pivot Points\n- Techniques and Tools\n- Data Correlation\n- Automation and Scripting\n- Case Study\n- Integrating OSINT with other Intel\n- Ethical and Legal Considerations\n\n\nSkill Level: Beginner to Intermediate","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55914],"conference_id":133,"event_ids":[56501],"name":"Ram Ganesh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56270}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56501,"tag_ids":[46391,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56270}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum machine learning is a relatively new discipline, first appearing around 15 years ago, and uses a combination of machine learning ideas and concepts with quantum computing in order to ask: can we utilize the high-dimensional vector space of quantum computing for machine learning?\r\n\r\nIn this talk, I’ll go through the history of quantum machine learning: the highs, the lows, and the question marks. While we still have a lot to figure out — quantum computers will not just make existing quantum machine learning ‘faster’! — I’ll show you what’s already out there and how to take part.\r\n\n\n\n","media":[],"title":"QML - Quantum Machine Learning: What is it, where did it come from, and how do I start?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"Quantum machine learning is a relatively new discipline, first appearing around 15 years ago, and uses a combination of machine learning ideas and concepts with quantum computing in order to ask: can we utilize the high-dimensional vector space of quantum computing for machine learning?\r\n\r\nIn this talk, I’ll go through the history of quantum machine learning: the highs, the lows, and the question marks. While we still have a lot to figure out — quantum computers will not just make existing quantum machine learning ‘faster’! — I’ll show you what’s already out there and how to take part.","updated_timestamp":{"seconds":1723307234,"nanoseconds":0},"speakers":[{"content_ids":[55852],"conference_id":133,"event_ids":[56439],"name":"Josh Izaac","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56617}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:27:14Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":56439,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56617}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-10T16:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.\n\n\n","media":[],"title":"HandPwning: “Your Hand is your Passport. Verify me. Now let me in!”","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.","updated_timestamp":{"seconds":1722564617,"nanoseconds":0},"speakers":[{"content_ids":[55343,55800],"conference_id":133,"event_ids":[55735,56349,56352],"name":"Luca \"CYBERANTANI\" Bongiorni","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"We Hack In Disguise (WHID)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55951,"title":"Founder at We Hack In Disguise (WHID)"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T02:10:17Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56349,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55951}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-02T02:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Arguably one of the many unsexy topics in the space, but a super important consideration for those leading security programs and the ICs working on the individual components. This conversation will include an overview of the pros and cons of building vs buying decisions in a security program. Specific use cases, and maturity stages will be explored to help the audience understand how to work towards getting the balance right. Panelists with a wealth of diverse industry experience will talk through real world examples of what worked and what didn’t, and lessons learned. We reserve the right to pull an Oprah Winfrey and leave jars of mayo under each seat to make this talk extra memorable. \r\n\r\nPanelists’ experience includes both IC and management, from startups to FAANG to giant enterprise.\n\n\nJoin us for this thrilling and dynamic panel as we extend the wisdom of The Barefoot Contessa, Ina Garten, to the security space. Why spend your precious time in the kitchen of your security program making absolutely everything from scratch, when store bought can be just fine sometimes? We’ll discuss the pros and cons and considerations of build vs buy, in a talk that promises to capture the right balance of cynicism, nuance, and practicality. We know it’s tempting to make our own mayo, but we’ve lived it and have to say - sometimes store bought is just fine. Prepare your well ack-shuallys, we’re ready.","media":[],"title":"Store bought is fine, sometimes!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Arguably one of the many unsexy topics in the space, but a super important consideration for those leading security programs and the ICs working on the individual components. This conversation will include an overview of the pros and cons of building vs buying decisions in a security program. Specific use cases, and maturity stages will be explored to help the audience understand how to work towards getting the balance right. Panelists with a wealth of diverse industry experience will talk through real world examples of what worked and what didn’t, and lessons learned. We reserve the right to pull an Oprah Winfrey and leave jars of mayo under each seat to make this talk extra memorable. \r\n\r\nPanelists’ experience includes both IC and management, from startups to FAANG to giant enterprise.\n\n\nJoin us for this thrilling and dynamic panel as we extend the wisdom of The Barefoot Contessa, Ina Garten, to the security space. Why spend your precious time in the kitchen of your security program making absolutely everything from scratch, when store bought can be just fine sometimes? We’ll discuss the pros and cons and considerations of build vs buy, in a talk that promises to capture the right balance of cynicism, nuance, and practicality. We know it’s tempting to make our own mayo, but we’ve lived it and have to say - sometimes store bought is just fine. Prepare your well ack-shuallys, we’re ready.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"Tina Velez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ClearVector","title":"Growth Lead"}],"links":[],"pronouns":null,"media":[],"id":56138,"title":"Growth Lead at ClearVector"},{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"William Phillips","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56146},{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"Jason Craig","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56151},{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"Lauren Proehl","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56166}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56288,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56151},{"tag_id":46167,"sort_order":1,"person_id":56166},{"tag_id":46167,"sort_order":1,"person_id":56138},{"tag_id":46167,"sort_order":1,"person_id":56146}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dapps (decentralized applications) are a type of application in the blockchain space that integrate both Web2 and blockchain components, presenting unique security challenges. Drawing from years of experience hacking Dapps, this session will share real-world examples of Dapp vulnerabilities and attack vectors. Topics covered include an introduction to Dapps, Dapp threat modeling, and Dapp vulnerability case studies, providing valuable insights and resources for newcomers and seasoned Web2 pentesters looking to enhance their Web3 application hacking skills.\n\n\n","media":[],"title":"Web2 Meets Web3: Hacking Decentralized Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Dapps (decentralized applications) are a type of application in the blockchain space that integrate both Web2 and blockchain components, presenting unique security challenges. Drawing from years of experience hacking Dapps, this session will share real-world examples of Dapp vulnerabilities and attack vectors. Topics covered include an introduction to Dapps, Dapp threat modeling, and Dapp vulnerability case studies, providing valuable insights and resources for newcomers and seasoned Web2 pentesters looking to enhance their Web3 application hacking skills.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55711],"conference_id":133,"event_ids":[56251],"name":"Peiyu Wang","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56079}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56251,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56079}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Make a friendship bracelet with an exclusive WISP charm.\n\n\n","media":[],"title":"Friendship Bracelet Making","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Make a friendship bracelet with an exclusive WISP charm.","updated_timestamp":{"seconds":1722207088,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:51:28Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-10T22:45:00.000-0000","id":55902,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-28T22:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"New updates to FISSURE, the open-source RF framework and toolbox for all things RF, include the addition of deployable remote sensor nodes consisting of general-purpose computers that support many types of radio peripherals. These remote sensor nodes run a small subset of code that can be controlled over a network through the FISSURE Dashboard GUI to perform traditional FISSURE operations and also execute new types of scripted actions that can be run autonomously on startup or semi-autonomously through user interaction. \n\nFlexible hardware options inherent to the computers and the radio peripherals allow the operator to weigh varying price points and upgrade options depending on the task at hand. Multiple types of COTS single-board computers (Raspberry Pi, Orange Pi, etc.), mini-PCs, laptops, and desktop computers can be supported along with various RF-enabled devices like software-defined radios or Wi-Fi/Bluetooth/Zigbee adapters. The new updates also include the ability to trigger electromagnetic effects using different types of RF, visual, acoustic, and environmental sensors connected to the nodes.\n\nThe deployment of multiple sensor nodes on the same network unlocks many geospatial applications for future development of FISSURE. Such applications include direction finding, tracking, intrusion detection, mobile deployment, and perimeter defense. A small form factor and autonomous capabilities grant unique opportunities for stealth deployment and packaging onto existing platforms. These updates can also provide a low-cost mechanism for remote workers to conduct combined RF-cybersecurity testing and access specialized RF environments like international localities of interest, laboratories, and test sites.\n\nThis talk will provide a brief overview of FISSURE and walk through all the new updates relating to the remote sensor node capabilities. To learn more, read about FISSURE on GitHub: https://github.com/ainfosec/FISSURE\n\n\n","media":[],"title":"Remote Sensor Node Updates for FISSURE - The RF Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"New updates to FISSURE, the open-source RF framework and toolbox for all things RF, include the addition of deployable remote sensor nodes consisting of general-purpose computers that support many types of radio peripherals. These remote sensor nodes run a small subset of code that can be controlled over a network through the FISSURE Dashboard GUI to perform traditional FISSURE operations and also execute new types of scripted actions that can be run autonomously on startup or semi-autonomously through user interaction. \n\nFlexible hardware options inherent to the computers and the radio peripherals allow the operator to weigh varying price points and upgrade options depending on the task at hand. Multiple types of COTS single-board computers (Raspberry Pi, Orange Pi, etc.), mini-PCs, laptops, and desktop computers can be supported along with various RF-enabled devices like software-defined radios or Wi-Fi/Bluetooth/Zigbee adapters. The new updates also include the ability to trigger electromagnetic effects using different types of RF, visual, acoustic, and environmental sensors connected to the nodes.\n\nThe deployment of multiple sensor nodes on the same network unlocks many geospatial applications for future development of FISSURE. Such applications include direction finding, tracking, intrusion detection, mobile deployment, and perimeter defense. A small form factor and autonomous capabilities grant unique opportunities for stealth deployment and packaging onto existing platforms. These updates can also provide a low-cost mechanism for remote workers to conduct combined RF-cybersecurity testing and access specialized RF environments like international localities of interest, laboratories, and test sites.\n\nThis talk will provide a brief overview of FISSURE and walk through all the new updates relating to the remote sensor node capabilities. To learn more, read about FISSURE on GitHub: https://github.com/ainfosec/FISSURE","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55457],"conference_id":133,"event_ids":[55882],"name":"Chris Poore","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Assured Information Security","title":"Senior Reverse Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@FissureRF)","sort_order":0,"url":"https://twitter.com/FissureRF"}],"media":[],"id":55996,"title":"Senior Reverse Engineer at Assured Information Security"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55882,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55996}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gnarly vulnerabilities in devices and services that typically face the internet are being disclosed every week. You can use GreyNoise's new free community analysis platform to deploy honeypot sensors, collect PCAPs of in-the-wild exploitation of software vulnerabilities, discover the source IPs of mass scanners, botnets, and compromised devices, and compare attacks across networks. In this presentation we're demonstrating GreyNoise' new sensor deployment, SQL explorer, and rules engine.\n\n\n","media":[],"title":"Farming Ndays with GreyNoise","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Gnarly vulnerabilities in devices and services that typically face the internet are being disclosed every week. You can use GreyNoise's new free community analysis platform to deploy honeypot sensors, collect PCAPs of in-the-wild exploitation of software vulnerabilities, discover the source IPs of mass scanners, botnets, and compromised devices, and compare attacks across networks. In this presentation we're demonstrating GreyNoise' new sensor deployment, SQL explorer, and rules engine.","updated_timestamp":{"seconds":1722131281,"nanoseconds":0},"speakers":[{"content_ids":[55428],"conference_id":133,"event_ids":[55847],"name":"Andrew Morris","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@andrew___morris"}],"media":[],"id":55972}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T01:48:01Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":55847,"tag_ids":[46441],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55972}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-28T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get all your questions about hard hats answered by the Hard Hat Brigade community organizers.\n\n\n","media":[],"title":"Hard Hat Brigade - Q&A Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Get all your questions about hard hats answered by the Hard Hat Brigade community organizers.","updated_timestamp":{"seconds":1721968619,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T04:36:59Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55793,"tag_ids":[46403,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-26T04:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The National Renewable Energy Laboratory's Clean Energy Cybersecurity Accelerator (CECA) program focuses on accelerating the deployment of innovative OT security solutions in the electric grid. Sponsored by the Department of Energy and utility partners, CECA collaborates with utility sponsors to prioritize cybersecurity gaps and evaluate emerging solutions focused on those gaps. The second cohort of CECA addressed the challenge of OT asset management, particularly incomplete system visibility in Industrial Control Systems (ICS). This presentation covers CECA's evaluation of runZero, a product that enhances asset visibility through active scanning. The evaluation process involved rigorous, repeatable testing in a controlled environment to assess the product's ability to accurately identify devices and its impact on device operation. We will discuss the results of this testing, demonstrating how active scanning can be safe and effective for improving asset visibility. Additionally, we will delve into CECA’s testing philosophy and approach, providing insights into our evaluation process and how it ensures the reliability and efficacy of new cybersecurity solutions.\n\n\n","media":[],"title":"Seeing the Unseen: An Evaluation of Active Scanning in ICS Environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"The National Renewable Energy Laboratory's Clean Energy Cybersecurity Accelerator (CECA) program focuses on accelerating the deployment of innovative OT security solutions in the electric grid. Sponsored by the Department of Energy and utility partners, CECA collaborates with utility sponsors to prioritize cybersecurity gaps and evaluate emerging solutions focused on those gaps. The second cohort of CECA addressed the challenge of OT asset management, particularly incomplete system visibility in Industrial Control Systems (ICS). This presentation covers CECA's evaluation of runZero, a product that enhances asset visibility through active scanning. The evaluation process involved rigorous, repeatable testing in a controlled environment to assess the product's ability to accurately identify devices and its impact on device operation. We will discuss the results of this testing, demonstrating how active scanning can be safe and effective for improving asset visibility. Additionally, we will delve into CECA’s testing philosophy and approach, providing insights into our evaluation process and how it ensures the reliability and efficacy of new cybersecurity solutions.","updated_timestamp":{"seconds":1721781765,"nanoseconds":0},"speakers":[{"content_ids":[55354],"conference_id":133,"event_ids":[55746],"name":"Jennifer Guerra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"National Renewable Energy Laboratory (NREL)","title":"Cybersecurity Researcher"}],"links":[],"pronouns":null,"media":[],"id":55956,"title":"Cybersecurity Researcher at National Renewable Energy Laboratory (NREL)"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:42:45Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55746,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55956}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-24T00:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The marketplace offering commercial proliferation of cyber tools and services (such as end to end CNE capabilities as well as individual components for those capabilities) is lowering the barrier to entry resulting in greater and irresponsible use by threat actors. Across the world, governments, industry, civil society, journalists, and think tanks are responding to this. Through the Pall Mall Process, the UK and French governments are working together to address this challenge, while recognising that these tools and services can provide benefits when used for legitimate purposes and developed responsibly. This session will inform those attending about the Pall Mall Process up to now and look at some of the next steps. It will also give a chance for questions to understand what it could mean for them. There is also a plan to hold an open roundtable at DEF CON for those who wish to provide feedback in a more intimate setting so that this can be considered whilst working through the next steps of the Pall Mall Process.\n\n\n","media":[],"title":"What’s next for the commercial CNE marketplace? A chance for you to influence the policy that will impact the future","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"The marketplace offering commercial proliferation of cyber tools and services (such as end to end CNE capabilities as well as individual components for those capabilities) is lowering the barrier to entry resulting in greater and irresponsible use by threat actors. Across the world, governments, industry, civil society, journalists, and think tanks are responding to this. Through the Pall Mall Process, the UK and French governments are working together to address this challenge, while recognising that these tools and services can provide benefits when used for legitimate purposes and developed responsibly. This session will inform those attending about the Pall Mall Process up to now and look at some of the next steps. It will also give a chance for questions to understand what it could mean for them. There is also a plan to hold an open roundtable at DEF CON for those who wish to provide feedback in a more intimate setting so that this can be considered whilst working through the next steps of the Pall Mall Process.","updated_timestamp":{"seconds":1722730244,"nanoseconds":0},"speakers":[{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Bill Marczak","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Toronto's Citizen Lab","title":"Senior Researcher"}],"links":[],"pronouns":null,"media":[],"id":55920,"title":"Senior Researcher at University of Toronto's Citizen Lab"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Claudi d’Antoine","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Margin Research","title":"President and CEO"}],"links":[],"pronouns":null,"media":[],"id":55924,"title":"President and CEO at Margin Research"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Océane Thieriot","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Embassy of France in Washington DC","title":"Counselor for Cyber Affairs"}],"links":[],"pronouns":null,"media":[],"id":55938,"title":"Counselor for Cyber Affairs at Embassy of France in Washington DC"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Senior Representative from UK NCSC","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UK National Cyber Security Centre","title":"CTO for Cyber Policy & Assessment"}],"links":[],"pronouns":null,"media":[],"id":55940,"title":"CTO for Cyber Policy & Assessment at UK National Cyber Security Centre"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"UK Repersentative 2","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UK Foreign Commonwealth & Development Office","title":"Head of Cyber Proliferation Policy"}],"links":[],"pronouns":null,"media":[],"id":55941,"title":"Head of Cyber Proliferation Policy at UK Foreign Commonwealth & Development Office"},{"content_ids":[55897,55338],"conference_id":133,"event_ids":[55729,56484],"name":"Daniel Cuthbert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56284}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T00:10:44Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":55729,"tag_ids":[46388,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55941},{"tag_id":46167,"sort_order":4,"person_id":55940},{"tag_id":46167,"sort_order":6,"person_id":55938},{"tag_id":46167,"sort_order":8,"person_id":55924},{"tag_id":46167,"sort_order":10,"person_id":55920},{"tag_id":46167,"sort_order":12,"person_id":56284}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-04T00:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tempest is a new command and control framework written in Rust. The main goal of this framework is to prioritize ease of use for the hacker while also achieving elegant effectiveness on operations. Attendees will learn all about how to use the framework, with a focus on operational security and understanding the underlying code.\nThis talk will go beyond just showing how to push buttons and learn steps for using a tool. We'll talk about how the c2 works, how post-ex modules work, how to avoid EDR detection, and how to make the most effective use of this or any c2 framework.\n\n\n","media":[],"title":"Tempest c2: Use and Design","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"Tempest is a new command and control framework written in Rust. The main goal of this framework is to prioritize ease of use for the hacker while also achieving elegant effectiveness on operations. Attendees will learn all about how to use the framework, with a focus on operational security and understanding the underlying code.\nThis talk will go beyond just showing how to push buttons and learn steps for using a tool. We'll talk about how the c2 works, how post-ex modules work, how to avoid EDR detection, and how to make the most effective use of this or any c2 framework.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55305,54185],"conference_id":133,"event_ids":[55695,54554],"name":"Kirk Trychel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Box.com","title":"Senior Red Team Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@teach2breach)","sort_order":0,"url":"https://twitter.com/teach2breach"}],"media":[],"id":53748,"title":"Senior Red Team Engineer at Box.com"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55695,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53748}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Uncensored LLMs represent a category of language models free from ethical constraints, thus prone to misuse for various malicious purposes like generating malware. However, their capabilities fall short compared to commercially available LLMs, which are censored and unsuitable for such nefarious activities. Previously, researchers could bypass censorship in LLMs to generate malicious content using Jail Breaks. However, over time and with the introduction of new security measures, such exploits have become increasingly rare. In this research, we propose a novel technique in which we combine censored and uncensored LLMs for the generation of ransomware. The uncensored LLM will generate the initial malware, which will then be refined by the censored LLM to create a final, functional ransomware. We have tested the developed Ransomware in latest version of Windows OS and found it suitable for exploitation purposes. Additionally with minor efforts the rasnowmares can be updated using LLM for code obfuscation and unnecessary functionality addition for bypassing antivirus and antimalware solutions.\n\n\n","media":[],"title":"Combining Uncensored and Censored LLMs for Ransomware Generation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"Uncensored LLMs represent a category of language models free from ethical constraints, thus prone to misuse for various malicious purposes like generating malware. However, their capabilities fall short compared to commercially available LLMs, which are censored and unsuitable for such nefarious activities. Previously, researchers could bypass censorship in LLMs to generate malicious content using Jail Breaks. However, over time and with the introduction of new security measures, such exploits have become increasingly rare. In this research, we propose a novel technique in which we combine censored and uncensored LLMs for the generation of ransomware. The uncensored LLM will generate the initial malware, which will then be refined by the censored LLM to create a final, functional ransomware. We have tested the developed Ransomware in latest version of Windows OS and found it suitable for exploitation purposes. Additionally with minor efforts the rasnowmares can be updated using LLM for code obfuscation and unnecessary functionality addition for bypassing antivirus and antimalware solutions.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55304],"conference_id":133,"event_ids":[55694],"name":"Muhammad Mudassar Yamin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Muddasaryamin)","sort_order":0,"url":"https://twitter.com/Muddasaryamin"}],"media":[],"id":55858}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55694,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55858}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During this talk, we will cover the critical importance of permissions management in integrations, especially in cloud environments, and how an inappropriate permissions standard can create significant vulnerabilities for attackers. We will explore how an attacker can leverage legitimate permissions to perform privilege escalation in the cloud, highlighting the fundamental differences between Attack Vector and Attack Path. Additionally, we will examine the most effective and shortest path an attacker can take to achieve success in their goals. We will also discuss strategies to improve security in this context and mitigate these threats.\n\n\n","media":[],"title":"Cloud Offensive Breaches: The Graph-Based Exploitation of Misconfigurations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"During this talk, we will cover the critical importance of permissions management in integrations, especially in cloud environments, and how an inappropriate permissions standard can create significant vulnerabilities for attackers. We will explore how an attacker can leverage legitimate permissions to perform privilege escalation in the cloud, highlighting the fundamental differences between Attack Vector and Attack Path. Additionally, we will examine the most effective and shortest path an attacker can take to achieve success in their goals. We will also discuss strategies to improve security in this context and mitigate these threats.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55303,55493,55964],"conference_id":133,"event_ids":[56580,55693,55922],"name":"Filipi Pires","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"senhasegura","title":"Security and Threat Researcher and Cybersecurity Advocate"},{"organization":"Black&White Technology","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/filipipires/"},{"description":"","title":"Twitter (@FilipiPires)","sort_order":0,"url":"https://twitter.com/FilipiPires"},{"description":"","title":"Website","sort_order":0,"url":"https://filipipires.com"}],"media":[],"id":55857,"title":"Founder at Black&White Technology"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55693,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55857}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk delves into the methodologies and strategies for discovering zero-day vulnerabilities in iOS applications. It covers the fundamental principles of iOS security, including code review, reverse engineering, and dynamic analysis techniques. Attendees will gain insights into common weaknesses in iOS app architecture and learn how to exploit these vulnerabilities ethically. By the end of the session, participants will be equipped with practical tools and knowledge to identify and address potential security threats in iOS applications.\n\n\n","media":[],"title":"How to Find a 0day in iOS Apps","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"This talk delves into the methodologies and strategies for discovering zero-day vulnerabilities in iOS applications. It covers the fundamental principles of iOS security, including code review, reverse engineering, and dynamic analysis techniques. Attendees will gain insights into common weaknesses in iOS app architecture and learn how to exploit these vulnerabilities ethically. By the end of the session, participants will be equipped with practical tools and knowledge to identify and address potential security threats in iOS applications.","updated_timestamp":{"seconds":1721495340,"nanoseconds":0},"speakers":[{"content_ids":[55202],"conference_id":133,"event_ids":[55592],"name":"Xavier D. Johnson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/xavierdjohnson/"},{"description":"","title":"Website","sort_order":0,"url":"https://wehelpyousecure.com/"}],"media":[],"id":55812,"title":"Security Researcher"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:09:00Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55592,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55812}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"National Service and Cybersecurity: Bridging the Gap Across Experiences\r\n\r\nIn an increasingly interconnected world, cybersecurity stands at the forefront of national security and defense. This panel brings together a diverse group of veterans, federal civilians, and actively serving soldiers to delve into the critical intersection of national service and cybersecurity. Through their unique perspectives and experiences, the panelists will shed light on how their respective roles play a vital part in protecting national interests and addressing the ever-evolving landscape of cyber threats.\r\n\r\nOur panel aims to underscore each group's indispensable contributions to the cybersecurity field, from veterans' strategic and operational insights to active service members' hands-on expertise and federal civilians' policy and management perspectives. By attending, you will gain valuable insights into the synergies between these roles and the pivotal role of collaboration in fortifying national security.\r\n\r\nJoin us for a compelling discussion on the profound impact of national service on cybersecurity, the challenges encountered by each group, and the vast opportunities for future collaboration to fortify our digital infrastructure.\n\n\n","media":[],"title":"MCPA x BIC x CAPT Virtual National Service Panel 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"National Service and Cybersecurity: Bridging the Gap Across Experiences\r\n\r\nIn an increasingly interconnected world, cybersecurity stands at the forefront of national security and defense. This panel brings together a diverse group of veterans, federal civilians, and actively serving soldiers to delve into the critical intersection of national service and cybersecurity. Through their unique perspectives and experiences, the panelists will shed light on how their respective roles play a vital part in protecting national interests and addressing the ever-evolving landscape of cyber threats.\r\n\r\nOur panel aims to underscore each group's indispensable contributions to the cybersecurity field, from veterans' strategic and operational insights to active service members' hands-on expertise and federal civilians' policy and management perspectives. By attending, you will gain valuable insights into the synergies between these roles and the pivotal role of collaboration in fortifying national security.\r\n\r\nJoin us for a compelling discussion on the profound impact of national service on cybersecurity, the challenges encountered by each group, and the vast opportunities for future collaboration to fortify our digital infrastructure.","updated_timestamp":{"seconds":1721494694,"nanoseconds":0},"speakers":[{"content_ids":[55186],"conference_id":133,"event_ids":[55576],"name":"Manvell Lessane","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cybersecurity Professional"}],"links":[],"pronouns":null,"media":[],"id":55788,"title":"Cybersecurity Professional"},{"content_ids":[55186],"conference_id":133,"event_ids":[55576],"name":"Dr. Juel Tillman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Service Member & Cybersecurity Professional"}],"links":[],"pronouns":"he/him","media":[],"id":55798,"title":"Service Member & Cybersecurity Professional"},{"content_ids":[55186],"conference_id":133,"event_ids":[55576],"name":"Dr. William (Bill) Butler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Capitol Technology University","title":"Vice President Cyber Science Outreach and Partnerships"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/dr-william-bill-butler-1aba546/"}],"media":[],"id":55799,"title":"Vice President Cyber Science Outreach and Partnerships at Capitol Technology University"},{"content_ids":[55186,55197],"conference_id":133,"event_ids":[55576,55587],"name":"Nikkia Henderson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Program Operations Lead"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/nikkiahenderson/"}],"media":[],"id":55809,"title":"Program Operations Lead"},{"content_ids":[55206,55186],"conference_id":133,"event_ids":[55576,55596],"name":"Sydney Johns","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Johns Hopkins Human Language Technology Center of Excellence","title":"Phd Student & Artificial Intelligence Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sydney-johns/"}],"media":[],"id":55811,"title":"Phd Student & Artificial Intelligence Researcher at Johns Hopkins Human Language Technology Center of Excellence"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T16:58:14Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55576,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55811},{"tag_id":46487,"sort_order":4,"person_id":55809},{"tag_id":46487,"sort_order":6,"person_id":55788},{"tag_id":46487,"sort_order":8,"person_id":55799},{"tag_id":46487,"sort_order":10,"person_id":55798}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-20T16:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55414,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to look into historical examples of conventional biological warfare and understand how methods were devised and implemented. Our future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. This discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare and encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.\n\n\n","media":[],"title":"You got a lighter? I need to do some Electroporation.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to look into historical examples of conventional biological warfare and understand how methods were devised and implemented. Our future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. This discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare and encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54617],"conference_id":133,"event_ids":[54991],"name":"Joshua HIll","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54244},{"content_ids":[54617],"conference_id":133,"event_ids":[54991],"name":"Phil Rhodes","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54259},{"content_ids":[54617],"conference_id":133,"event_ids":[54991],"name":"James Utley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auragens","title":"Chief Scientific Officer"}],"links":[],"pronouns":null,"media":[],"id":54279,"title":"Chief Scientific Officer at Auragens"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":54991,"tag_ids":[46371,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54279},{"tag_id":46167,"sort_order":1,"person_id":54244},{"tag_id":46167,"sort_order":1,"person_id":54259}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you're a bug bounty hunter, time can literally mean money. For this reason, automation can be a vital part of how you hunt. But automation has limits. Whether this is hardware limits, target rate limits, WAFs & bot detection, and the list goes on. Successful automation techniques should EFFICIENTLY enhance your hunting. Whether it is being first to a fresh target, or finding targets other hunters haven't. We will go over some techniques and tools to get ahead of the pack, without wasting all your time and money.\n\n\n","media":[],"title":"Efficient Bug Bounty Automation Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"If you're a bug bounty hunter, time can literally mean money. For this reason, automation can be a vital part of how you hunt. But automation has limits. Whether this is hardware limits, target rate limits, WAFs & bot detection, and the list goes on. Successful automation techniques should EFFICIENTLY enhance your hunting. Whether it is being first to a fresh target, or finding targets other hunters haven't. We will go over some techniques and tools to get ahead of the pack, without wasting all your time and money.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54616],"conference_id":133,"event_ids":[54990],"name":"Gunnar Andrews","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@G0LDEN_infosec)","sort_order":0,"url":"https://twitter.com/G0LDEN_infosec"}],"media":[],"id":54341}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#efficient-bug-bounty-automation-techniques"}],"end":"2024-08-10T21:30:00.000-0000","id":54990,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54341}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Without plan or intent, three Makers took three paths to achieve colorful badges and none were smart enough to turn back. Join our panel discussion to learn our different approaches, the strengths and weaknesses of each, and ask your probing questions. Perhaps you too will be foolish enough to venture into the technicolor labyrinth.\n\n\n","media":[],"title":"Color Blasted Badge Making: How Hard Could It Be ?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Without plan or intent, three Makers took three paths to achieve colorful badges and none were smart enough to turn back. Join our panel discussion to learn our different approaches, the strengths and weaknesses of each, and ask your probing questions. Perhaps you too will be foolish enough to venture into the technicolor labyrinth.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54615],"conference_id":133,"event_ids":[54989],"name":"Abhinav Panda","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@TweetsFromPanda)","sort_order":0,"url":"https://twitter.com/TweetsFromPanda"}],"media":[],"id":54210},{"content_ids":[54615],"conference_id":133,"event_ids":[54989],"name":"Bradán Lane","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@bradanlane)","sort_order":0,"url":"https://twitter.com/bradanlane"}],"media":[],"id":54213},{"content_ids":[54615,55434],"conference_id":133,"event_ids":[55859,54989],"name":"Hamster","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/hamster"},{"description":"","title":"Twitter (@hamster)","sort_order":0,"url":"https://twitter.com/hamster"}],"media":[],"id":54217}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":54989,"tag_ids":[46407,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54210},{"tag_id":46167,"sort_order":1,"person_id":54213},{"tag_id":46167,"sort_order":1,"person_id":54217}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On December 25th, 2021, I discovered that my modem had been hacked after a strange IP address replayed my traffic. I began researching who they were, how it happened, and eventually discovered a vulnerability which allowed me to passively monitor, change configurations, and execute commands on millions of devices. This talk details 3 years of intermittent web research on ISP security and how broadband equipment is becoming scarily centralized.\r\n\r\n1. N. Mavrakis, \"Vulnerabilities of ISPs,\" in IEEE Potentials, vol. 22, no. 4, pp. 9-15, Oct.-Nov. 2003, doi: 10.1109/MP.2003.1238687\r\n2. I Hunt TR-069 Admins: Pwning ISPs Like a Boss (Shahar Tal, August 2014, [link](https://www.youtube.com/watch?v=rz0SNEFZ8h0))\r\n3. TR-069 Wikipedia [link](https://en.wikipedia.org/wiki/TR-069#Security)\r\n4. Cox Communications VDP [link](https://www.cox.com/aboutus/policies/cox-security-responsible-disclosure-policy.html)\r\n\n\n\n","media":[],"title":"Hacking Millions of Modems (and Investigating Who Hacked My Modem)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"On December 25th, 2021, I discovered that my modem had been hacked after a strange IP address replayed my traffic. I began researching who they were, how it happened, and eventually discovered a vulnerability which allowed me to passively monitor, change configurations, and execute commands on millions of devices. This talk details 3 years of intermittent web research on ISP security and how broadband equipment is becoming scarily centralized.\r\n\r\n1. N. Mavrakis, \"Vulnerabilities of ISPs,\" in IEEE Potentials, vol. 22, no. 4, pp. 9-15, Oct.-Nov. 2003, doi: 10.1109/MP.2003.1238687\r\n2. I Hunt TR-069 Admins: Pwning ISPs Like a Boss (Shahar Tal, August 2014, [link](https://www.youtube.com/watch?v=rz0SNEFZ8h0))\r\n3. TR-069 Wikipedia [link](https://en.wikipedia.org/wiki/TR-069#Security)\r\n4. Cox Communications VDP [link](https://www.cox.com/aboutus/policies/cox-security-responsible-disclosure-policy.html)","updated_timestamp":{"seconds":1720463253,"nanoseconds":0},"speakers":[{"content_ids":[54499],"conference_id":133,"event_ids":[54872],"name":"Sam Curry","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palisade","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@samwcyo)","sort_order":0,"url":"https://twitter.com/samwcyo"}],"media":[],"id":54146,"title":"Founder at Palisade"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:27:33Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":54872,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54146}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-08T18:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Password managers are routinely granted a massive level of trust from users, by nature of managing some of their most sensitive credentials. For any noteworthy password manager, the encryption standards for user data are well understood and highly scrutinized. What is less understood is the attack surface of the software itself. This presentation explores the local security of the 1Password MacOS desktop application and answers the question of “how safe are my passwords if my computer is infected or otherwise compromised?”.\r\n\r\nThis talk will cover the outcome of our research into 1Password, presenting several different attacks to dump local 1Password vaults. This includes describing multiple application vulnerabilities and security weaknesses we identified in the 1Password MacOS desktop application, as well as discussing the inherent limitations in its usage of IPC mechanisms and open source software. Additionally, we will discuss novel vulnerabilities found in Google Chrome that aided our exploitation of the 1Password browser extension.\r\n\r\nDarthNull’s work around decrypting 1Password vaults: [link](https://darthnull.org/1pass-roundtrip/)\r\n\n\n\n","media":[],"title":"Discovering and exploiting local attacks against the 1Password MacOS desktop application","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"Password managers are routinely granted a massive level of trust from users, by nature of managing some of their most sensitive credentials. For any noteworthy password manager, the encryption standards for user data are well understood and highly scrutinized. What is less understood is the attack surface of the software itself. This presentation explores the local security of the 1Password MacOS desktop application and answers the question of “how safe are my passwords if my computer is infected or otherwise compromised?”.\r\n\r\nThis talk will cover the outcome of our research into 1Password, presenting several different attacks to dump local 1Password vaults. This includes describing multiple application vulnerabilities and security weaknesses we identified in the 1Password MacOS desktop application, as well as discussing the inherent limitations in its usage of IPC mechanisms and open source software. Additionally, we will discuss novel vulnerabilities found in Google Chrome that aided our exploitation of the 1Password browser extension.\r\n\r\nDarthNull’s work around decrypting 1Password vaults: [link](https://darthnull.org/1pass-roundtrip/)","updated_timestamp":{"seconds":1720463270,"nanoseconds":0},"speakers":[{"content_ids":[54497],"conference_id":133,"event_ids":[54870],"name":"Colby Morgan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Robinhood","title":"Leads, Pentest Team"}],"links":[],"pronouns":null,"media":[],"id":54162,"title":"Leads, Pentest Team at Robinhood"},{"content_ids":[54497],"conference_id":133,"event_ids":[54870],"name":"Jeffrey Hofmann","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Offensive Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@jeffssh)","sort_order":0,"url":"https://twitter.com/jeffssh"},{"description":"","title":"Website","sort_order":0,"url":"https://jeffs.sh/"}],"media":[],"id":54163,"title":"Senior Offensive Security Engineer"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:27:50Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":54870,"tag_ids":[46166,46169,46419,46437,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54163},{"tag_id":46167,"sort_order":4,"person_id":54162}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-08T18:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SQL injections seem to be a solved problem; databases even have built-in support for prepared statements, leaving no room for injections. In this session, we will go a level deeper: instead of attacking the query syntax, we will explore smuggling attacks against database wire protocols, through which remote, unauthenticated attackers can inject entire (No)SQL statements into an application's database connection.\r\n\r\nUsing vulnerable database driver libraries as case studies, we will bring the concept of HTTP request smuggling to binary protocols. By corrupting the boundaries between protocol messages, we desynchronize an application and its database, allowing the insertion of malicious messages that lead to authentication bypasses, data leakage, and remote code execution.\r\n\r\nTo put our findings into context, we will explore the real-world applicability of this new concept by comparing how robust various languages and frameworks are against these attacks. We will also discuss how smuggling attacks are not specific to database wire protocols but affect all kinds of binary protocols, from databases over message queues to caching. We will end the session with inspirations for future research to explore the topic further.\r\n\r\n- [link](https://www.postgresql.org/docs/current/protocol.html)\r\n- [link](https://dev.mysql.com/doc/dev/mysql-server/latest/PAGE_PROTOCOL.html)\r\n- [link](https://www.mongodb.com/docs/manual/reference/mongodb-wire-protocol/)\r\n- [link](https://redis.io/docs/latest/develop/reference/protocol-spec/)\r\n- [link](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn)\r\n- [link](https://portswigger.net/research/http2)\r\n- [link](https://portswigger.net/research/browser-powered-desync-attacks)\n\n\n","media":[],"title":"SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"SQL injections seem to be a solved problem; databases even have built-in support for prepared statements, leaving no room for injections. In this session, we will go a level deeper: instead of attacking the query syntax, we will explore smuggling attacks against database wire protocols, through which remote, unauthenticated attackers can inject entire (No)SQL statements into an application's database connection.\r\n\r\nUsing vulnerable database driver libraries as case studies, we will bring the concept of HTTP request smuggling to binary protocols. By corrupting the boundaries between protocol messages, we desynchronize an application and its database, allowing the insertion of malicious messages that lead to authentication bypasses, data leakage, and remote code execution.\r\n\r\nTo put our findings into context, we will explore the real-world applicability of this new concept by comparing how robust various languages and frameworks are against these attacks. We will also discuss how smuggling attacks are not specific to database wire protocols but affect all kinds of binary protocols, from databases over message queues to caching. We will end the session with inspirations for future research to explore the topic further.\r\n\r\n- [link](https://www.postgresql.org/docs/current/protocol.html)\r\n- [link](https://dev.mysql.com/doc/dev/mysql-server/latest/PAGE_PROTOCOL.html)\r\n- [link](https://www.mongodb.com/docs/manual/reference/mongodb-wire-protocol/)\r\n- [link](https://redis.io/docs/latest/develop/reference/protocol-spec/)\r\n- [link](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn)\r\n- [link](https://portswigger.net/research/http2)\r\n- [link](https://portswigger.net/research/browser-powered-desync-attacks)","updated_timestamp":{"seconds":1720462499,"nanoseconds":0},"speakers":[{"content_ids":[54466],"conference_id":133,"event_ids":[54839],"name":"Paul Gerste","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Sonar","title":"Vulnerability Researcher, R&D team"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@pspaul@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@pspaul"},{"description":"","title":"Twitter (@pspaul95)","sort_order":0,"url":"https://twitter.com/pspaul95"}],"media":[],"id":54057,"title":"Vulnerability Researcher, R&D team at Sonar"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:14:59Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":54839,"tag_ids":[46166,46169,46419,46437,46878],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54057}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-08T18:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready for everything you always wanted to know about RFID, but were afraid to ask! The workshop will start with a basic introduction to Radio-frequency Identification (RFID) and build to a set of practical hands-on challenges. The workshop delves into the theory behind RFID, including different types and protocols (insecure vs. secure types), and how to perform an assessment. Several hands-on assignments will punctuate the theory portion, preparing participants for challenges (of increasing difficulty) on an RFID simulation device, all while participants obtain points for the CTF contest. The objective is to make this workshop fun and accessible to a wide audience. The RFID protocols discussed and in the challenges will be limited to HID and Mifare Classic Instructions and walkthroughs for three devices will be available in the workshop materials, including:\n * Proxmark3\n * Flipper Zero\n * ACR122U\nACR122U devices will be available from the instructor during the workshop.\n\n\n","media":[],"title":"Playing with RFID","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Get ready for everything you always wanted to know about RFID, but were afraid to ask! The workshop will start with a basic introduction to Radio-frequency Identification (RFID) and build to a set of practical hands-on challenges. The workshop delves into the theory behind RFID, including different types and protocols (insecure vs. secure types), and how to perform an assessment. Several hands-on assignments will punctuate the theory portion, preparing participants for challenges (of increasing difficulty) on an RFID simulation device, all while participants obtain points for the CTF contest. The objective is to make this workshop fun and accessible to a wide audience. The RFID protocols discussed and in the challenges will be limited to HID and Mifare Classic Instructions and walkthroughs for three devices will be available in the workshop materials, including:\n * Proxmark3\n * Flipper Zero\n * ACR122U\nACR122U devices will be available from the instructor during the workshop.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54235],"conference_id":133,"event_ids":[54608],"name":"Vinnie \"kernelpaniek\" Vanhoecke","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bishop Fox","title":"Senior Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53873,"title":"Senior Security Consultant at Bishop Fox"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://kernelpaniek_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54608,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53873}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Malware continues to increase in prevalence and sophistication. VirusTotal reported a daily submission of 2M+ malware samples. Of those 2 million malware daily submissions, over 1 million were unique malware samples. Successfully exploiting networks and systems has become a highly profitable operation for malicious threat actors. Traditional detection mechanisms including antivirus software fail to adequately detect new and varied malware. Artificial Intelligence provides advanced capabilities that can enhance cybersecurity. The purpose of this workshop is to provide an immersive, hands on projects that teach security analysts how to train Machine Learning models to detect thousands and thousands of unique malware samples. This workshop delivers a new framework that uses Machine Learning models to analyze malware, produce uniform datasets for additional analysis, and classify malicious samples into malware families. Additionally, this research presents a new Ensemble Classification Facility we developed that leverages several Machine Learning models to enhance malware classification. To our knowledge, this is the first research that utilizes Machine Learning to provide enhanced classification of an entire 200+ gigabyte-malware family corpus consisting of 80K+ unique malware samples and 70+ unique malware families. New, labeled datasets are released to aid in future classification of malware. It is time we leverage the capabilities of Artificial Intelligence and Machine Learning to enhance detection and classification of malware. Topics taught through hands-on projects include Machine Learning, Natural Language Processing, and Deep Learning models. This workshop provides a pathway to incorporate Artificial Intelligence into the automated malware analysis domain. \n\n\n","media":[],"title":"Master Class: Hands-On Machine Learning to Enhance Malware Analysis, Classification, and Detection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Malware continues to increase in prevalence and sophistication. VirusTotal reported a daily submission of 2M+ malware samples. Of those 2 million malware daily submissions, over 1 million were unique malware samples. Successfully exploiting networks and systems has become a highly profitable operation for malicious threat actors. Traditional detection mechanisms including antivirus software fail to adequately detect new and varied malware. Artificial Intelligence provides advanced capabilities that can enhance cybersecurity. The purpose of this workshop is to provide an immersive, hands on projects that teach security analysts how to train Machine Learning models to detect thousands and thousands of unique malware samples. This workshop delivers a new framework that uses Machine Learning models to analyze malware, produce uniform datasets for additional analysis, and classify malicious samples into malware families. Additionally, this research presents a new Ensemble Classification Facility we developed that leverages several Machine Learning models to enhance malware classification. To our knowledge, this is the first research that utilizes Machine Learning to provide enhanced classification of an entire 200+ gigabyte-malware family corpus consisting of 80K+ unique malware samples and 70+ unique malware families. New, labeled datasets are released to aid in future classification of malware. It is time we leverage the capabilities of Artificial Intelligence and Machine Learning to enhance detection and classification of malware. Topics taught through hands-on projects include Machine Learning, Natural Language Processing, and Deep Learning models. This workshop provides a pathway to incorporate Artificial Intelligence into the automated malware analysis domain.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54234],"conference_id":133,"event_ids":[54607],"name":"Solomon Sonya","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Purdue University","title":"Computer Science Graduate Student"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xSolomonSonya)","sort_order":0,"url":"https://twitter.com/0xSolomonSonya"}],"media":[],"id":53871,"title":"Computer Science Graduate Student at Purdue University"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Sonya_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54607,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53871}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Email remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.\nIn this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including Pikabot and DarkGate, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.\nInitially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:\n- QR codes\n- Image-as-content\n- Drive-by delivery via links and HTML smuggling\n- Excel attachments with embedded links to SMB shares\n- ISO attachments\n- PDF attachments with embedded links to malware (PDF -> URL -> ZIP -> WSF)\n- VIP impersonations\n- BEC\nAttendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.\n\n\n","media":[],"title":"Email Detection Engineering and Threat Hunting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Email remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.\nIn this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including Pikabot and DarkGate, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.\nInitially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:\n- QR codes\n- Image-as-content\n- Drive-by delivery via links and HTML smuggling\n- Excel attachments with embedded links to SMB shares\n- ISO attachments\n- PDF attachments with embedded links to malware (PDF -> URL -> ZIP -> WSF)\n- VIP impersonations\n- BEC\nAttendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54233],"conference_id":133,"event_ids":[54606],"name":"Alfie Champion","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DelivrTo","title":"Co-founder"}],"links":[],"pronouns":null,"media":[],"id":53832,"title":"Co-founder at DelivrTo"},{"content_ids":[54233],"conference_id":133,"event_ids":[54606],"name":"Josh Kamdjou","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Sublime Security","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":53849,"title":"Founder and CEO at Sublime Security"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Kamdjou_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54606,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53832},{"tag_id":46167,"sort_order":1,"person_id":53849}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This Physical Access Control Learning Lab will teach attendees about physical access control and the systems involved. Many of the subjects being taught will be related to their cybersecurity counterparts and lots of focus placed on the why of each concept, not only the fun parts.\n\n\n","media":[],"title":"Crash Course in Physical Access Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This Physical Access Control Learning Lab will teach attendees about physical access control and the systems involved. Many of the subjects being taught will be related to their cybersecurity counterparts and lots of focus placed on the why of each concept, not only the fun parts.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54232],"conference_id":133,"event_ids":[54605],"name":"Lorenzo Pedroncelli","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"RSA","title":""}],"links":[],"pronouns":null,"media":[],"id":53854,"title":"RSA"},{"content_ids":[54232],"conference_id":133,"event_ids":[54605],"name":"Randy Belbin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"RSA","title":""}],"links":[],"pronouns":null,"media":[],"id":53862,"title":"RSA"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Pedroncelli_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54605,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53854},{"tag_id":46167,"sort_order":1,"person_id":53862}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Moriarty is a.NET tool designed to identify vulnerabilities for privilege escalation in Windows environments. Building upon Watson and Sherlock, Moriarty extends their capabilities by incorporating advanced scanning techniques for newer vulnerabilities and integrating additional checks. This tool supports a wide range of Windows versions, from Windows 10 to Windows 11 and Server versions 2016, 2019, and 2022. Moriarty differentiates itself by its ability to enumerate missing KBs and detect a variety of vulnerabilities linked to privilege escalation, offering suggestions for potential exploits. The tool's extensive database includes well-known vulnerabilities such as PrintNightmare (CVE-2021-1675), Log4Shell (CVE-2021-44228), and SMBGhost (CVE-2020-0796), among others.\n\n\n","media":[],"title":"Moriarty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Moriarty is a.NET tool designed to identify vulnerabilities for privilege escalation in Windows environments. Building upon Watson and Sherlock, Moriarty extends their capabilities by incorporating advanced scanning techniques for newer vulnerabilities and integrating additional checks. This tool supports a wide range of Windows versions, from Windows 10 to Windows 11 and Server versions 2016, 2019, and 2022. Moriarty differentiates itself by its ability to enumerate missing KBs and detect a variety of vulnerabilities linked to privilege escalation, offering suggestions for potential exploits. The tool's extensive database includes well-known vulnerabilities such as PrintNightmare (CVE-2021-1675), Log4Shell (CVE-2021-44228), and SMBGhost (CVE-2020-0796), among others.","updated_timestamp":{"seconds":1718922777,"nanoseconds":0},"speakers":[{"content_ids":[54196],"conference_id":133,"event_ids":[54565],"name":"Anthony “Coin” Rose","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Lead Security Researcher and Chief Operating Officer"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://www.bc-security.org/blog/"}],"media":[],"id":53723,"title":"Lead Security Researcher and Chief Operating Officer at BC Security"},{"content_ids":[54216,54196],"conference_id":133,"event_ids":[54565,54589],"name":"Jake “Hubble” Krasnov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Operations Lead and Chief Executive Officer"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://www.bc-security.org/blog/"}],"media":[],"id":53742,"title":"Red Team Operations Lead and Chief Executive Officer at BC Security"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:57Z","links":[{"label":"Project","type":"link","url":"https://github.com/BC-SECURITY/Moriarty"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249637"}],"end":"2024-08-10T22:45:00.000-0000","id":54565,"tag_ids":[46169,46441,46453],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53723},{"tag_id":46167,"sort_order":4,"person_id":53742}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Drop-Pi is a suite of software developed on a Raspberry Pi to facilitate the automatic bypassing of 802.1x/NAC implementations (pre 802.1x-2010 standards) and establish discrete remote access into target networks. Designed with physical penetration testing in mind, the Drop-Pi can establish remote access inside a target network within a matter of seconds after being plugged in, affording assessors with a quick in and out on an objective. Its built with common and easily sourced hardware which allows for easy and quick provisioning of multiple Drop-Pi devices. When it's not feasible to utilize a target network for egress traffic, the Drop-Pi can easily be configured to employ a wireless connection or mobile hotspot to facilitate access in and out of the network.\n\n\n","media":[],"title":"Drop-Pi","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"The Drop-Pi is a suite of software developed on a Raspberry Pi to facilitate the automatic bypassing of 802.1x/NAC implementations (pre 802.1x-2010 standards) and establish discrete remote access into target networks. Designed with physical penetration testing in mind, the Drop-Pi can establish remote access inside a target network within a matter of seconds after being plugged in, affording assessors with a quick in and out on an objective. Its built with common and easily sourced hardware which allows for easy and quick provisioning of multiple Drop-Pi devices. When it's not feasible to utilize a target network for egress traffic, the Drop-Pi can easily be configured to employ a wireless connection or mobile hotspot to facilitate access in and out of the network.","updated_timestamp":{"seconds":1718922721,"nanoseconds":0},"speakers":[{"content_ids":[54193],"conference_id":133,"event_ids":[54562],"name":"Doug Kent","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"State Farm","title":"Pentesting Team"}],"links":[],"pronouns":null,"media":[],"id":53733,"title":"Pentesting Team at State Farm"},{"content_ids":[54193],"conference_id":133,"event_ids":[54562],"name":"Robert Ditmer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"State Farm","title":"Red Team"}],"links":[],"pronouns":null,"media":[],"id":53771,"title":"Red Team at State Farm"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:01Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249636"},{"label":"Project","type":"link","url":"https://github.com/ditmer/Drop-Pi"}],"end":"2024-08-10T22:45:00.000-0000","id":54562,"tag_ids":[46169,46441,46453],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53733},{"tag_id":46167,"sort_order":4,"person_id":53771}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"TheAllCommander is an open-source tool which offers red teams and blue teams a framework to rapidly prototype and model malware communications, as well as associated client-side indicators of compromise. The framework provides a structured, documented, and object-oriented API for both the client and server, allowing anyone to quickly implement a novel communications protocol between a simulated malware daemon and its command and control server. For Blue Teamers, this allows rapid modeling of emerging threats and comprehensive testing in a controlled manner to develop reliable detection models. For Red Teamers, this framework allows rapid iteration and development of new protocols and communications schemes with an easy to use Python interface. The framework has many tools or techniques used by red teams built in to allow out-of-the-box modeling, including emulated client browser HTTPS traffic Remote Desktop tunneling, and UAC bypass.\n\n\n","media":[],"title":"TheAllCommander 2.0","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"TheAllCommander is an open-source tool which offers red teams and blue teams a framework to rapidly prototype and model malware communications, as well as associated client-side indicators of compromise. The framework provides a structured, documented, and object-oriented API for both the client and server, allowing anyone to quickly implement a novel communications protocol between a simulated malware daemon and its command and control server. For Blue Teamers, this allows rapid modeling of emerging threats and comprehensive testing in a controlled manner to develop reliable detection models. For Red Teamers, this framework allows rapid iteration and development of new protocols and communications schemes with an easy to use Python interface. The framework has many tools or techniques used by red teams built in to allow out-of-the-box modeling, including emulated client browser HTTPS traffic Remote Desktop tunneling, and UAC bypass.","updated_timestamp":{"seconds":1718922667,"nanoseconds":0},"speakers":[{"content_ids":[54190],"conference_id":133,"event_ids":[54559],"name":"Matthew Handy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NASA","title":""}],"links":[],"pronouns":null,"media":[],"id":53757,"title":"NASA"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:31:07Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249635"},{"label":"Project","type":"link","url":"https://github.com/matt-handy/TheAllCommander"}],"end":"2024-08-10T22:45:00.000-0000","id":54559,"tag_ids":[46169,46441,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53757}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Vovk is a toolset that can be used to create YARA rules. The Vovk DEF CON 2024 version will be released at DEF CON.\n\n\n","media":[],"title":"Vovk - Advanced YARA Rule Generator v2.0","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Vovk is a toolset that can be used to create YARA rules. The Vovk DEF CON 2024 version will be released at DEF CON.","updated_timestamp":{"seconds":1718922607,"nanoseconds":0},"speakers":[{"content_ids":[54187],"conference_id":133,"event_ids":[54556],"name":"Benjamyn Whiteman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TikTok USDS","title":"Lead Analyst, Global CSOC"}],"links":[],"pronouns":null,"media":[],"id":53724,"title":"Lead Analyst, Global CSOC at TikTok USDS"},{"content_ids":[54187],"conference_id":133,"event_ids":[54556],"name":"Vishal Thakur","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TikTok USDS","title":"Senior Director, Cyber Fusion Center"}],"links":[],"pronouns":null,"media":[],"id":53775,"title":"Senior Director, Cyber Fusion Center at TikTok USDS"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:30:07Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249634"},{"label":"Project","type":"link","url":"https://github.com/malienist/vovk"}],"end":"2024-08-10T22:45:00.000-0000","id":54556,"tag_ids":[46169,46441,46445,46461,46467,46468],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53724},{"tag_id":46167,"sort_order":4,"person_id":53775}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Caldera for Operational Technology (C4OT) is an extension to the open-source Caldera adversary emulation platform. Adversary emulation has long helped defenders of information systems exercise and improve their cyber defenses by using real adversary techniques. While Caldera has been out since 2021, C4OT was released September 2023. Specifically, C4OT exposes native OT protocol functions to Caldera. The initial release of C4OT supported three popular OT protocols (Modbus, BACnet, and DNP3). Since then, we have added support for two more protocols (IEC61850 and Profinet). Today, we are actively working on support for the space protocol GEMS. By utilizing Caldera and the C4OT plugins, end-users can emulate threat activity across both Enterprise and Operational networks with ease.\n\n\n","media":[],"title":"MITRE Caldera for OT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Caldera for Operational Technology (C4OT) is an extension to the open-source Caldera adversary emulation platform. Adversary emulation has long helped defenders of information systems exercise and improve their cyber defenses by using real adversary techniques. While Caldera has been out since 2021, C4OT was released September 2023. Specifically, C4OT exposes native OT protocol functions to Caldera. The initial release of C4OT supported three popular OT protocols (Modbus, BACnet, and DNP3). Since then, we have added support for two more protocols (IEC61850 and Profinet). Today, we are actively working on support for the space protocol GEMS. By utilizing Caldera and the C4OT plugins, end-users can emulate threat activity across both Enterprise and Operational networks with ease.","updated_timestamp":{"seconds":1718922546,"nanoseconds":0},"speakers":[{"content_ids":[54184],"conference_id":133,"event_ids":[54553],"name":"Blaine Jeffries","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Operational Technology Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":53725,"title":"Operational Technology Security Engineer at MITRE Corp"},{"content_ids":[54184],"conference_id":133,"event_ids":[54553],"name":"Devon Colmer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Cybersecurity Engineer, Critical Infrastructure Protection Innovation Center"}],"links":[],"pronouns":null,"media":[],"id":53732,"title":"Cybersecurity Engineer, Critical Infrastructure Protection Innovation Center at MITRE Corp"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:29:06Z","links":[{"label":"Project","type":"link","url":"https://github.com/mitre/caldera-ot"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249633"}],"end":"2024-08-10T22:45:00.000-0000","id":54553,"tag_ids":[46169,46441,46445,46453,46454,46455,46456],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53725},{"tag_id":46167,"sort_order":4,"person_id":53732}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A quieter space for those who want to discuss what they are reading, recommend books, and trade books too. We will have a logo themed sticker.\n\n\n","media":[{"hash_sha256":"0525db4bf785c139047a4b26110f4207eb87e01a01f612244d8aacc9d9d5d50d","filetype":"image/png","hash_md5":"2fd6e358ad0144f03f49c63283298b05","name":"pme_BookClub.png","is_logo":"Y","hash_crc32c":"ddc7f34d","filesize":502445,"asset_id":698,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_BookClub.png"}],"title":"DC Book Club Discussion","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"A quieter space for those who want to discuss what they are reading, recommend books, and trade books too. We will have a logo themed sticker.","updated_timestamp":{"seconds":1718776193,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T05:49:53Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249549"}],"end":"2024-08-10T23:00:00.000-0000","id":54500,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"HallwayCon Lounge past W234","hotel":"","short_name":"HallwayCon Lounge past W234","id":46310},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-19T05:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Interpret the vast amount of alerts (from different sources) received with a comprehensive, hands-on autonomous attack correlation & false positive detection workshop designed to enhance your proactive defense in the cloud. The workshop aims to demystify the process of identifying coordinated attacks amidst this noise, empowering attendees to improve their efficacy & utilize the cloud cost-effectiveness.\n\nNo data science expertise is required. Little cloud & secops expertise is required.\n\nIntro:\n- The session begins with a foundational overview of event analysis challenges and state of the art.\n- Participants will learn about the ATT&CK framework, focusing on its Flows, Tactics, & Techniques to standardize threat detection.\n\n\nAI & Data:\n- A deep dive into accessible open-source AI tools will follow, featuring clustering algorithms, natural language processing, & Markov chains.\n- Guidance on importing, cleaning, & normalizing data will ensure accuracy in subsequent analyses.\n- Participants will have access to a demo environment to apply these tools interactively.\n\n\nMapping Alerts:\n- Techniques for automated mapping of alerts to ATT&CK will be demonstrated.\n- Attendees will engage in mapping exercises using AI.\n\n\nClustering Alerts:\n- The workshop will cover clustering methods based on temporal, spatial, & technical attributes.\n- Participants will engage in clustering sample alerts to form contextualized attack steps.\n\n\nCorrelating Alerts:\n- The importance of killchains in cybersecurity will be highlighted, with methods to link attack steps into cohesive killchains.\n- Participants are guided in creating & analyzing killchains to identify coordinated attacks.\n\n\nTickets:\n- Criteria for creating FP Tickets, Incident Tickets, & Attack Story Tickets will be outlined.\n- Participants will engage in generating sample tickets, ensuring each type is comprehensive & actionable.\n\n\nIntegrating & QA:\n- The session will cover integration into existing SOC setups & automation using scripts & tools.\n- Demonstrations will show how to maintain & update the system for continuous improvement, emphasizing cost-effective cloud automation.\n- QA, troubleshooting, & further resources.\n\n\nBy the end of this interactive workshop, participants will have experience with AI tools mapping alerts to Techniques, clustering them into contextualized attack steps, & constructing comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets for immediate response & long-term improvements in their security posture, all without needing advanced data science knowledge. This session encourages practical application in participants' environments & further exploration of the vast capabilities of open-source AI in cybersecurity, & showcases the power of cloud cost-effectiveness in big data analytics (sagemaker, s3, lambda, etc.).\n\n\n","media":[],"title":"Connecting the Dots: Mastering Alert Correlation for Proactive Defense in the Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Interpret the vast amount of alerts (from different sources) received with a comprehensive, hands-on autonomous attack correlation & false positive detection workshop designed to enhance your proactive defense in the cloud. The workshop aims to demystify the process of identifying coordinated attacks amidst this noise, empowering attendees to improve their efficacy & utilize the cloud cost-effectiveness.\n\nNo data science expertise is required. Little cloud & secops expertise is required.\n\nIntro:\n- The session begins with a foundational overview of event analysis challenges and state of the art.\n- Participants will learn about the ATT&CK framework, focusing on its Flows, Tactics, & Techniques to standardize threat detection.\n\n\nAI & Data:\n- A deep dive into accessible open-source AI tools will follow, featuring clustering algorithms, natural language processing, & Markov chains.\n- Guidance on importing, cleaning, & normalizing data will ensure accuracy in subsequent analyses.\n- Participants will have access to a demo environment to apply these tools interactively.\n\n\nMapping Alerts:\n- Techniques for automated mapping of alerts to ATT&CK will be demonstrated.\n- Attendees will engage in mapping exercises using AI.\n\n\nClustering Alerts:\n- The workshop will cover clustering methods based on temporal, spatial, & technical attributes.\n- Participants will engage in clustering sample alerts to form contextualized attack steps.\n\n\nCorrelating Alerts:\n- The importance of killchains in cybersecurity will be highlighted, with methods to link attack steps into cohesive killchains.\n- Participants are guided in creating & analyzing killchains to identify coordinated attacks.\n\n\nTickets:\n- Criteria for creating FP Tickets, Incident Tickets, & Attack Story Tickets will be outlined.\n- Participants will engage in generating sample tickets, ensuring each type is comprehensive & actionable.\n\n\nIntegrating & QA:\n- The session will cover integration into existing SOC setups & automation using scripts & tools.\n- Demonstrations will show how to maintain & update the system for continuous improvement, emphasizing cost-effective cloud automation.\n- QA, troubleshooting, & further resources.\n\n\nBy the end of this interactive workshop, participants will have experience with AI tools mapping alerts to Techniques, clustering them into contextualized attack steps, & constructing comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets for immediate response & long-term improvements in their security posture, all without needing advanced data science knowledge. This session encourages practical application in participants' environments & further exploration of the vast capabilities of open-source AI in cybersecurity, & showcases the power of cloud cost-effectiveness in big data analytics (sagemaker, s3, lambda, etc.).","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-10T20:50:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55924,"tag_ids":[46376,46734],"village_id":null,"begin_timestamp":{"seconds":1723323000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T20:50:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Con el continuo crecimiento de las amenazas en el ciberespacio y la escasez de guías efectivas para analizar, detectar y estar un paso adelante de los adversarios, expondremos durante nuestra plática cómo, a través de la inteligencia de ciber-amenazas y el análisis de malware, podemos desmantelar la infraestructura de los atacantes y anticiparnos a sus objetivos. Utilizaremos técnicas de Threat Hunting para demostrar cómo detectar comportamientos anómalos dentro de una red y proporcionar a los asistentes las herramientas necesarias, incluyendo Indicadores de Compromiso (IoCs), Tácticas, Técnicas y Procedimientos (TTPs), e infraestructura no detectada (Hunting Infrastructure), para enfrentar la actividad maliciosa del malware conocido como DarkGate.\n\n\n","media":[],"title":"DarkGate: Cazando a la amenaza y exponiendo su infraestructura","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Con el continuo crecimiento de las amenazas en el ciberespacio y la escasez de guías efectivas para analizar, detectar y estar un paso adelante de los adversarios, expondremos durante nuestra plática cómo, a través de la inteligencia de ciber-amenazas y el análisis de malware, podemos desmantelar la infraestructura de los atacantes y anticiparnos a sus objetivos. Utilizaremos técnicas de Threat Hunting para demostrar cómo detectar comportamientos anómalos dentro de una red y proporcionar a los asistentes las herramientas necesarias, incluyendo Indicadores de Compromiso (IoCs), Tácticas, Técnicas y Procedimientos (TTPs), e infraestructura no detectada (Hunting Infrastructure), para enfrentar la actividad maliciosa del malware conocido como DarkGate.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55971],"conference_id":133,"event_ids":[56587],"name":"Nestor Sánchez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cyber Threat Hunter at GNP"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ponchosansan)","sort_order":0,"url":"https://twitter.com/ponchosansan"},{"description":"","title":"Website","sort_order":0,"url":"https://github.com/sansan-monkey"}],"media":[],"id":56314,"title":"Cyber Threat Hunter at GNP"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56587,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56314}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The hype for integrating artificial intelligence into an enterprise’s daily work has become more prevalent after introducing AI-driven systems that use Retrieval Augmented Generation (RAG), such as Copilot for Microsoft 365. But is the trust in such systems and their control over decision-making processes within enterprises rational? Copilot and other RAG-based systems can be misused to cause dissemination of misinformation that negatively impacts decision-making processes without proper auditing and safeguarding of data available to large language models in RAG-based systems.\n\nThis talk will demonstrate such an attack that we have termed ConfusedPilot because of its ability to turn Copilot into a confused deputy. The attack occurs when a malicious document is introduced to the data pool (documents, presentations, other relevant files, etc.) related to a topic affecting the enterprise’s decision-making process. The malicious document contains a combination of corrupt data and malicious strings that suppress the correct documents related to the topic and respond to the user’s query with only the information present within the malicious document. Furthermore, the talk highlights how this attack can persist after deleting content within the malicious document or the document itself. The talk also points to the larger implications of such attacks, highlighting their cascading effect and existing security measures that can be used to reduce the attack’s effectiveness. Our talk sheds light on the current attacks and potential security measures that can shield enterprises from the adverse effects of such attacks on their AI-driven systems.\n\n\n","media":[],"title":"ConfusedPilot: Data Corruption and Leakage by Misusing Copilot for Microsoft 365","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"The hype for integrating artificial intelligence into an enterprise’s daily work has become more prevalent after introducing AI-driven systems that use Retrieval Augmented Generation (RAG), such as Copilot for Microsoft 365. But is the trust in such systems and their control over decision-making processes within enterprises rational? Copilot and other RAG-based systems can be misused to cause dissemination of misinformation that negatively impacts decision-making processes without proper auditing and safeguarding of data available to large language models in RAG-based systems.\n\nThis talk will demonstrate such an attack that we have termed ConfusedPilot because of its ability to turn Copilot into a confused deputy. The attack occurs when a malicious document is introduced to the data pool (documents, presentations, other relevant files, etc.) related to a topic affecting the enterprise’s decision-making process. The malicious document contains a combination of corrupt data and malicious strings that suppress the correct documents related to the topic and respond to the user’s query with only the information present within the malicious document. Furthermore, the talk highlights how this attack can persist after deleting content within the malicious document or the document itself. The talk also points to the larger implications of such attacks, highlighting their cascading effect and existing security measures that can be used to reduce the attack’s effectiveness. Our talk sheds light on the current attacks and potential security measures that can shield enterprises from the adverse effects of such attacks on their AI-driven systems.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55883],"conference_id":133,"event_ids":[56468],"name":"Ayush RoyChowdhury","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The University of Texas at Austin","title":""}],"links":[],"pronouns":null,"media":[],"id":56249,"title":"The University of Texas at Austin"},{"content_ids":[55883],"conference_id":133,"event_ids":[56468],"name":"Mulong Luo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The University of Texas at Austin","title":""}],"links":[],"pronouns":null,"media":[],"id":56250,"title":"The University of Texas at Austin"},{"content_ids":[55883],"conference_id":133,"event_ids":[56468],"name":"Mohit Tiwari","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The University of Texas at Austin","title":""}],"links":[],"pronouns":null,"media":[],"id":56251,"title":"The University of Texas at Austin"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56468,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56249},{"tag_id":46167,"sort_order":4,"person_id":56250},{"tag_id":46167,"sort_order":6,"person_id":56251}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Drone hacking tends to be expensive and sometimes unsafe, but not if you use a simulator!. We have developed a drone hacking simulator called the Damn Vulnerable Drone (https://github.com/nicholasaleks/Damn-Vulnerable-Drone).\n\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering hands-on experience in exploiting drone systems.\n\n\n","media":[],"title":"Open Source Drone Hacking Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Drone hacking tends to be expensive and sometimes unsafe, but not if you use a simulator!. We have developed a drone hacking simulator called the Damn Vulnerable Drone (https://github.com/nicholasaleks/Damn-Vulnerable-Drone).\n\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering hands-on experience in exploiting drone systems.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55275,55836],"conference_id":133,"event_ids":[55665,56386],"name":"Nick Aleks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@exploitpapi)","sort_order":0,"url":"https://twitter.com/exploitpapi"}],"media":[],"id":55824},{"content_ids":[55836],"conference_id":133,"event_ids":[56386],"name":"Rudy Mendoza","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56197}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56386,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55824},{"tag_id":46484,"sort_order":4,"person_id":56197}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’ve been talking about the gap in ICS cybersecurity features and functions for over a decade, but it seems like we’re always confronting the same set of challenges. Despite all the progress in products, systems, regulations and oversight it feels like we’re caught in an endless loop of vulnerabilities. The problem isn’t in a lack of effort on anyone’s behalf: it’s in the fundamental market forces that drive the critical infrastructure investments we depend on. This presentation looks at these forces and shows how to work with them rather than agains them, no matter what your mission might be.\n\n\n","media":[],"title":"The perma-lag: why industrial cybersecurity will never be state-of-the-art","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:55:00Z","end_timestamp":{"seconds":1723323300,"nanoseconds":0},"android_description":"We’ve been talking about the gap in ICS cybersecurity features and functions for over a decade, but it seems like we’re always confronting the same set of challenges. Despite all the progress in products, systems, regulations and oversight it feels like we’re caught in an endless loop of vulnerabilities. The problem isn’t in a lack of effort on anyone’s behalf: it’s in the fundamental market forces that drive the critical infrastructure investments we depend on. This presentation looks at these forces and shows how to work with them rather than agains them, no matter what your mission might be.","updated_timestamp":{"seconds":1721781748,"nanoseconds":0},"speakers":[{"content_ids":[55353],"conference_id":133,"event_ids":[55745],"name":"Kyle McMillan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55960}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:42:28Z","links":[],"end":"2024-08-10T20:55:00.000-0000","id":55745,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55960}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-24T00:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The proliferation of ride-share rocket launches and decrease in the overall cost of sending payloads to space due to recent successes in the private space industry has made small satellite systems a cost effective and time-efficient method to put research vehicles in space.\n\nThe University of Alabama in Huntsville’s Center for Cybersecurity Research and Education (CCRE) has been funded by the U.S. Army Space and Missile Defense Command (SMDC) over the last several years to investigate the overall cybersecurity posture of small satellite systems. Numerous iterations of student teams led by CCRE and SMDC staff members have managed to accomplish notable research milestones. \n\nThis talk is meant to inform the next generation in aerospace cybersecurity by discussing our major research milestones, relevant findings, lessons learned, and areas of concern relating to the overall cybersecurity posture of small satellite systems.\n\nRelevant items to be covered in this talk include what it took to build a working small satellite system model as close to real-world as possible (Raspberry Pis vs PyCubed boards vs other contenders), implementation of small satellite functions (payload camera, radio communications, positioning/sensor array, orbital simulation, battery/solar charging, etc.), performing vulnerability analysis against the implemented model, creating different attack scenarios (MitM, DoS, spoofing, hardware attacks), implementing defensive mitigations (hardening scripts, command validation, health checks), and the development of a lightweight software solution named “Small Satellite Defender” (SSD) designed to protect satellites from potential threat vectors.\n\n\n\n","media":[],"title":"Small Satellite Modeling and Defender Software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The proliferation of ride-share rocket launches and decrease in the overall cost of sending payloads to space due to recent successes in the private space industry has made small satellite systems a cost effective and time-efficient method to put research vehicles in space.\n\nThe University of Alabama in Huntsville’s Center for Cybersecurity Research and Education (CCRE) has been funded by the U.S. Army Space and Missile Defense Command (SMDC) over the last several years to investigate the overall cybersecurity posture of small satellite systems. Numerous iterations of student teams led by CCRE and SMDC staff members have managed to accomplish notable research milestones. \n\nThis talk is meant to inform the next generation in aerospace cybersecurity by discussing our major research milestones, relevant findings, lessons learned, and areas of concern relating to the overall cybersecurity posture of small satellite systems.\n\nRelevant items to be covered in this talk include what it took to build a working small satellite system model as close to real-world as possible (Raspberry Pis vs PyCubed boards vs other contenders), implementation of small satellite functions (payload camera, radio communications, positioning/sensor array, orbital simulation, battery/solar charging, etc.), performing vulnerability analysis against the implemented model, creating different attack scenarios (MitM, DoS, spoofing, hardware attacks), implementing defensive mitigations (hardening scripts, command validation, health checks), and the development of a lightweight software solution named “Small Satellite Defender” (SSD) designed to protect satellites from potential threat vectors.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54614],"conference_id":133,"event_ids":[54988],"name":"Kyle Murbach","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Alabama in Huntsville","title":"Principal Research Engineer, Center for Cybersecurity Research and Education (UAH/CCRE)"}],"links":[],"pronouns":null,"media":[],"id":54346,"title":"Principal Research Engineer, Center for Cybersecurity Research and Education (UAH/CCRE) at University of Alabama in Huntsville"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":54988,"tag_ids":[46366,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54346}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":" See talk title, kids these days dont read more than a sentence anyway. Seriously though, we get asked a lot of random custom electronics, hardware hacking, and badge questions, here's your chance to throw them at us while we drink a beer and pretend to know the right answer\n\n\n","media":[],"title":"How we built our REDACTED THING this year, 5n4ck3y, && AMA Panel on Making Badges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:15:00Z","end_timestamp":{"seconds":1723324500,"nanoseconds":0},"android_description":"See talk title, kids these days dont read more than a sentence anyway. Seriously though, we get asked a lot of random custom electronics, hardware hacking, and badge questions, here's your chance to throw them at us while we drink a beer and pretend to know the right answer","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54613],"conference_id":133,"event_ids":[54987],"name":"AND!XOR ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54299}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:15:00.000-0000","id":54987,"tag_ids":[46407,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54299}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microsoft is planning to kill off NTLM (New Technology Lan Manager) authentication in Windows 11 and above. Let's speedrun coercing hashes out of a few more things before it fades into obscurity over the next twenty five years or so. \r\n\r\nThere will be a deep dive on several new bugs we disclosed to Microsoft (including bypassing a fix to an existing CVE), some interesting and useful techniques, combining techniques from multiple bug classes resulting in some unexpected discoveries and some absolutely cooked bugs. We’ll also uncover some defaults that simply shouldn't exist in sensible libraries or applications as well as some glaring gaps in some of the Microsoft NTLM related security controls.\r\n\r\n1. [link](https://blog.yappare.com/2019/01/bug-000114489-ssrf-in-portal-for-arcgis.html)\r\n2. [link](https://blog.ss23.geek.nz/2023/09/21/iracing-electron-rce-exploit.html)\r\n3. [link](https://www.blazeinfosec.com/post/web-app-vulnerabilities-ntlm-hashes/)\r\n4. [link](http://varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords. [link](https://varonis.com)\r\n\n\n\n","media":[],"title":"NTLM - The Last Ride","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:15:00Z","end_timestamp":{"seconds":1723324500,"nanoseconds":0},"android_description":"Microsoft is planning to kill off NTLM (New Technology Lan Manager) authentication in Windows 11 and above. Let's speedrun coercing hashes out of a few more things before it fades into obscurity over the next twenty five years or so. \r\n\r\nThere will be a deep dive on several new bugs we disclosed to Microsoft (including bypassing a fix to an existing CVE), some interesting and useful techniques, combining techniques from multiple bug classes resulting in some unexpected discoveries and some absolutely cooked bugs. We’ll also uncover some defaults that simply shouldn't exist in sensible libraries or applications as well as some glaring gaps in some of the Microsoft NTLM related security controls.\r\n\r\n1. [link](https://blog.yappare.com/2019/01/bug-000114489-ssrf-in-portal-for-arcgis.html)\r\n2. [link](https://blog.ss23.geek.nz/2023/09/21/iracing-electron-rce-exploit.html)\r\n3. [link](https://www.blazeinfosec.com/post/web-app-vulnerabilities-ntlm-hashes/)\r\n4. [link](http://varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords. [link](https://varonis.com)","updated_timestamp":{"seconds":1720463294,"nanoseconds":0},"speakers":[{"content_ids":[54496],"conference_id":133,"event_ids":[54869],"name":"Tomais Williamson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54085},{"content_ids":[54496],"conference_id":133,"event_ids":[54869],"name":"Jim Rush","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jimsrush/"}],"media":[],"id":54128}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:14Z","links":[],"end":"2024-08-10T21:15:00.000-0000","id":54869,"tag_ids":[46166,46419,46437,46879],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54128},{"tag_id":46167,"sort_order":4,"person_id":54085}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ransomware groups have become notably proficient at wreaking havoc across various sectors , but we can turn the tables. However, a less explored avenue in the fight against these digital adversaries lies in the proactive offense against their web panels. In this presentation, I will delve into the strategies and methodologies for infiltrating and commandeering the web panels used by ransomware groups to manage their malicious operations or the APIs used during their initial exfiltration of data.\r\n\r\nI will demonstrate how to leverage these vulnerabilities to gain unauthorized access to the ransomware groups' web panels. This access not only disrupts their operations but also opens a window to gather intelligence and potentially identify the operators behind those APTs. Let’s explore the frontiers of cyber offense, targeting the very command and control (C2) centers ransomware groups rely on, turning the tables in our ongoing battle against cyber threats,it’s our turn to wreak havoc.\r\n\r\n- [link](https://www.sentinelone.com/blog/mallox-resurrected-ransomware-attacks-exploiting-ms-sql-continue-to-burden-enterprises/)\r\n- [link](https://www.truesec.com/hub/blog/a-victim-of-mallox-ransomware-how-truesec-csirt-fought-back)\r\n- [link](https://unit42.paloaltonetworks.com/medusa-ransomware-escalation-new-leak-site/)\r\n- [link](https://www.provendata.com/blog/medusa-ransomware/)\r\n- [link](https://en.wikipedia.org/wiki/BlackCat_(cyber_gang))\r\n- [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/)\r\n\n\n\n","media":[],"title":"Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panels","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:15:00Z","end_timestamp":{"seconds":1723324500,"nanoseconds":0},"android_description":"Ransomware groups have become notably proficient at wreaking havoc across various sectors , but we can turn the tables. However, a less explored avenue in the fight against these digital adversaries lies in the proactive offense against their web panels. In this presentation, I will delve into the strategies and methodologies for infiltrating and commandeering the web panels used by ransomware groups to manage their malicious operations or the APIs used during their initial exfiltration of data.\r\n\r\nI will demonstrate how to leverage these vulnerabilities to gain unauthorized access to the ransomware groups' web panels. This access not only disrupts their operations but also opens a window to gather intelligence and potentially identify the operators behind those APTs. Let’s explore the frontiers of cyber offense, targeting the very command and control (C2) centers ransomware groups rely on, turning the tables in our ongoing battle against cyber threats,it’s our turn to wreak havoc.\r\n\r\n- [link](https://www.sentinelone.com/blog/mallox-resurrected-ransomware-attacks-exploiting-ms-sql-continue-to-burden-enterprises/)\r\n- [link](https://www.truesec.com/hub/blog/a-victim-of-mallox-ransomware-how-truesec-csirt-fought-back)\r\n- [link](https://unit42.paloaltonetworks.com/medusa-ransomware-escalation-new-leak-site/)\r\n- [link](https://www.provendata.com/blog/medusa-ransomware/)\r\n- [link](https://en.wikipedia.org/wiki/BlackCat_(cyber_gang))\r\n- [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/)","updated_timestamp":{"seconds":1720463317,"nanoseconds":0},"speakers":[{"content_ids":[54495,55721],"conference_id":133,"event_ids":[56227,54868],"name":"Vangelis Stykas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Atropos","title":"Chief Technology Officer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vangelis-stykas/"},{"description":"","title":"Twitter (@evstykas)","sort_order":0,"url":"https://twitter.com/evstykas"},{"description":"","title":"stykas.com","sort_order":0,"url":"https://stykas.com"}],"media":[],"id":54172,"title":"Chief Technology Officer at Atropos"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:37Z","links":[],"end":"2024-08-10T21:15:00.000-0000","id":54868,"tag_ids":[46166,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54172}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk with cover the networks that generate and spread misinformation over social media. This talk will dive deep into the challenges a think tank of this type is at risk of facing, and will give us an update on what is currently happening with the program. There will be a general overview of what happened and how the increasing threats came to be as well as an update on where things stand now.\n\n\n","media":[],"title":"Stanford Digital Observatory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This talk with cover the networks that generate and spread misinformation over social media. This talk will dive deep into the challenges a think tank of this type is at risk of facing, and will give us an update on what is currently happening with the program. There will be a general overview of what happened and how the increasing threats came to be as well as an update on where things stand now.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56197],"conference_id":133,"event_ids":[56851],"name":"Renée DiResta","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://reneediresta.com"}],"media":[],"id":56581}],"begin_tsz":"2024-08-10T20:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56851,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723320900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56581}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T20:15:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The convergence of Artificial Intelligence (AI) and national security not only fuels international discourse but also inspires narratives within popular culture. Harriet is no stranger to these myths, as an ex-intelligence professional who specialized in applying machine learning to cyber security. In fact, she likes to lean into them. This makes her previous bosses nervous, so she uses pop culture as the lens through which to communicate her insights - and in this talk she utilizes the worlds of Ghost in the Shell, Neuromancer and Mission Impossible. \n\nThrough these stories, as well as her own decade of experience working at the intersection of artificial intelligence and cyber security, Harriet discusses the extent to which fears surrounding AI systems are applicable to real life national security settings. From cyber warfare to AI-driven surveillance, she unravels the interplay between hackers, AI, and government agencies. This session is interactive, with demos of how these AI systems actually work under the hood, as well as discussion time. Blur the lines between human and machine, and understand how you can contribute your skills to prevent our own modern day Puppet Master.\n\n\n","media":[],"title":"Hacker vs AI: perspectives from an ex-spy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The convergence of Artificial Intelligence (AI) and national security not only fuels international discourse but also inspires narratives within popular culture. Harriet is no stranger to these myths, as an ex-intelligence professional who specialized in applying machine learning to cyber security. In fact, she likes to lean into them. This makes her previous bosses nervous, so she uses pop culture as the lens through which to communicate her insights - and in this talk she utilizes the worlds of Ghost in the Shell, Neuromancer and Mission Impossible. \n\nThrough these stories, as well as her own decade of experience working at the intersection of artificial intelligence and cyber security, Harriet discusses the extent to which fears surrounding AI systems are applicable to real life national security settings. From cyber warfare to AI-driven surveillance, she unravels the interplay between hackers, AI, and government agencies. This session is interactive, with demos of how these AI systems actually work under the hood, as well as discussion time. Blur the lines between human and machine, and understand how you can contribute your skills to prevent our own modern day Puppet Master.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54612,54447,55880],"conference_id":133,"event_ids":[56465,54820,54986],"name":"Harriet Farlow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mileva Security Labs","title":"CEO"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/harriet-farlow-654963b7/"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@HarrietHacks"},{"description":"","title":"www.harriethacks.com/","sort_order":0,"url":"https://www.harriethacks.com/"},{"description":"","title":"www.mileva.com.au/about-us","sort_order":0,"url":"https://www.mileva.com.au/about-us"}],"media":[],"id":54195,"title":"CEO at Mileva Security Labs"}],"begin_tsz":"2024-08-10T20:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":54986,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723320900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54195}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T20:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As security engineers, managing risk means making informed decisions about which vulnerabilities to address first. We are often too time constrained, and the signal-to-noise ratio of current SAST/SCA tooling is too low.\n\nThis talk introduces \"Runtime Reachability,\" a novel approach that leverages Continuous Profiling via eBPF to quantify how often a vulnerable method/codepath is called, in actual production usage. By understanding the runtime behavior of applications, security teams can effectively filter out low-likelihood vulnerabilities, prioritize fixes more effectively, reduce toil & the overall risk to their organization.\n\n\n","media":[],"title":"Runtime Reachability: Prioritizing Vulnerabilities with eBPF & Continuous Profiling","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:50:00Z","end_timestamp":{"seconds":1723323000,"nanoseconds":0},"android_description":"As security engineers, managing risk means making informed decisions about which vulnerabilities to address first. We are often too time constrained, and the signal-to-noise ratio of current SAST/SCA tooling is too low.\n\nThis talk introduces \"Runtime Reachability,\" a novel approach that leverages Continuous Profiling via eBPF to quantify how often a vulnerable method/codepath is called, in actual production usage. By understanding the runtime behavior of applications, security teams can effectively filter out low-likelihood vulnerabilities, prioritize fixes more effectively, reduce toil & the overall risk to their organization.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55494],"conference_id":133,"event_ids":[55923],"name":"Sam \"Frenchie\" Stewart","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"nffrenchie","sort_order":0,"url":"https://nffrenchie"}],"media":[],"id":56011}],"begin_tsz":"2024-08-10T20:10:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T20:50:00.000-0000","id":55923,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723320600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56011}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T20:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"The Sand Castle - The State of the MacOS Sandbox","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:05:00Z","end_timestamp":{"seconds":1723323900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445805,"nanoseconds":0},"speakers":[{"content_ids":[55689],"conference_id":133,"event_ids":[56212],"name":"Jonathan \"JBO\" Bar Or","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Principal Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@yo_yo_yo_jbo)","sort_order":0,"url":"https://twitter.com/yo_yo_yo_jbo"}],"media":[],"id":56060,"title":"Principal Security Researcher at Microsoft"}],"begin_tsz":"2024-08-10T20:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:10:05Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T21:05:00.000-0000","id":56212,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723320300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56060}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T20:05:00.000-0000","updated":"2024-07-31T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":56879,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk covers the systems used to physically restrict the motion of shopping carts by locking one or more of their wheels. Topics cover what they are, how they work, and methods to bypass them.\n\n\n","media":[],"title":"Smart Shopping Cart Wheels - How they Work","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"This talk covers the systems used to physically restrict the motion of shopping carts by locking one or more of their wheels. Topics cover what they are, how they work, and methods to bypass them.","updated_timestamp":{"seconds":1723298786,"nanoseconds":0},"speakers":[{"content_ids":[56219],"conference_id":133,"event_ids":[56874],"name":"Joseph","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56615}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T14:06:26Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56874,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56615}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-10T14:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Don't go too far… your job is not done!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225166,"nanoseconds":0},"speakers":[{"content_ids":[56212],"conference_id":133,"event_ids":[56866],"name":"Chris Cleary","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56603}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:26Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":56866,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56603}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.\n\n\n","media":[],"title":"Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.","updated_timestamp":{"seconds":1723007453,"nanoseconds":0},"speakers":[{"content_ids":[56165],"conference_id":133,"event_ids":[56809,56817,56818],"name":"mcdwayne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56551}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:10:53Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56818,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56551}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!\n\n\n","media":[],"title":"Activity: Spot the Reachable by Backslash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!","updated_timestamp":{"seconds":1723007403,"nanoseconds":0},"speakers":[{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Czesia Glik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56548},{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Yossi Pik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Backslash Security","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56553,"title":"CTO & Co-Founder at Backslash Security"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:10:03Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56816,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56548},{"tag_id":46167,"sort_order":4,"person_id":56553}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Live Recon Finalist Selection Process","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722627642,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:40:42Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56477,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-02T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most hackers have a love-hate relationship with DNS: teleporting a building block of the internet from the 80’s is a recipe for frustration. To give DNS a modern twist, we developed an ultra-fast open-source DNS scanner, SanicDNS, which is two orders of magnitude faster than popular tools.\r\n\r\nThis Arsenal session will give a demonstration of how you can use SanicDNS to superpower your recon workflow using world's fastest DNS scanner.\n\n\n","media":[],"title":"Arsenal: SanicDNS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Most hackers have a love-hate relationship with DNS: teleporting a building block of the internet from the 80’s is a recipe for frustration. To give DNS a modern twist, we developed an ultra-fast open-source DNS scanner, SanicDNS, which is two orders of magnitude faster than popular tools.\r\n\r\nThis Arsenal session will give a demonstration of how you can use SanicDNS to superpower your recon workflow using world's fastest DNS scanner.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55710,55907],"conference_id":133,"event_ids":[56250,56494],"name":"Jasper Insinger","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56123}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56250,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56123}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The continuous adoption of emerging technological trends like Mobile, IoT, Cloud, Blockchains, and now GenAI has transformed application security from simple threat modeling and SAST/DAST scans to comprehensive proactive prevention and real-time detection of security anomalies. This panel will discuss the dynamic nature of AppSec as the lines between traditional infrastructure and cloud environments blur. We will explore the importance of maintaining a comprehensive security posture within 'everything as code' ecosystems, emphasizing proper configuration and secret management to secure infrastructure effectively.\n\n\n","media":[],"title":"Transforming AppSec: Protecting 'Everything as Code' & Emerging Tech","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"The continuous adoption of emerging technological trends like Mobile, IoT, Cloud, Blockchains, and now GenAI has transformed application security from simple threat modeling and SAST/DAST scans to comprehensive proactive prevention and real-time detection of security anomalies. This panel will discuss the dynamic nature of AppSec as the lines between traditional infrastructure and cloud environments blur. We will explore the importance of maintaining a comprehensive security posture within 'everything as code' ecosystems, emphasizing proper configuration and secret management to secure infrastructure effectively.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Sara Attarzadeh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56083},{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Shahar Man","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56084},{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Trupti Shiralkar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56092},{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Kunal Bhattacharya","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56130}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":56247,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56130},{"tag_id":46167,"sort_order":1,"person_id":56083},{"tag_id":46167,"sort_order":1,"person_id":56084},{"tag_id":46167,"sort_order":1,"person_id":56092}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have any photos, videos, games or apps privately hosted at home that you’d love to easily and securely share with your friends anywhere in the world, for free? Would you like to learn how to secure your family and school’s Internet access against phishing, ransomware, and other Internet risks? In this hands-on class you will learn how to easily build a secure private network over the Internet with Cloudflare Zero Trust services.\n\n\n","media":[],"title":"Learn Zero Trust Network Security with Cloudflare","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Do you have any photos, videos, games or apps privately hosted at home that you’d love to easily and securely share with your friends anywhere in the world, for free? Would you like to learn how to secure your family and school’s Internet access against phishing, ransomware, and other Internet risks? In this hands-on class you will learn how to easily build a secure private network over the Internet with Cloudflare Zero Trust services.","updated_timestamp":{"seconds":1722361722,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:48:42Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56094,"tag_ids":[46398,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-30T17:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"By the end of the session, attendees will gain a comprehensive understanding of the security mechanisms protecting mobile payment applications, the inherent vulnerabilities, and the sophisticated techniques employed by attackers to exploit these systems. This talk is designed to provide industry insights, maintaining a vendor-neutral perspective while focusing on the broader security landscape.\n\n\n","media":[],"title":"Breaking software protected crypto implementations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"By the end of the session, attendees will gain a comprehensive understanding of the security mechanisms protecting mobile payment applications, the inherent vulnerabilities, and the sophisticated techniques employed by attackers to exploit these systems. This talk is designed to provide industry insights, maintaining a vendor-neutral perspective while focusing on the broader security landscape.","updated_timestamp":{"seconds":1722356217,"nanoseconds":0},"speakers":[{"content_ids":[55565],"conference_id":133,"event_ids":[56080],"name":"Adrian Garcia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":"Senior Security Expert"}],"links":[],"pronouns":null,"media":[],"id":56037,"title":"Senior Security Expert at Adyen"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:16:57Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56080,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56037}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-30T16:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).\n\n\n","media":[{"hash_sha256":"a43e90beb02db94f81620530a72e3185043ff5f6a8fc15d5b915c4b7414f537a","filetype":"image/png","hash_md5":"381e707c51504a86ffccd678769cfbf7","name":"ct_hacking-boundary.png","is_logo":"Y","hash_crc32c":"81a9d890","filesize":253710,"asset_id":645,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hacking-boundary.png"}],"title":"Hacking Boundary Terminal","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).","updated_timestamp":{"seconds":1722308655,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:04:15Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249344"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249345"}],"end":"2024-08-11T01:00:00.000-0000","id":56009,"tag_ids":[46427,46439,46772],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-E","hotel":"","short_name":"HW4-03-06-E","id":46378},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-30T03:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Allen Telescope Array is a radio interferometer array located in Northern California. Each of the 42 antennas is 6 meters in diameter and is distributed randomly over an area of 350 meters. Each dish is sensitive to an ultra-wideband frequency range from 200 MHz to 12 GHz. While in operation, each dish can produce 1.5 GHz of bandwidth for each polarization adding up to 1.3 Tbps of data to be processed in real-time.\n\nAlthough it's scale, the Allen Telescope Array acts like a gigantic Software Defined Radio. The system design gives us the ability to try new concepts not ever tried with great flexibility. This talk will go deep into how the telescope operates from the antenna's cryogenically cooled feeds to the state-of-the-art GPU-accelerated digital signal processing pipeline deployed at our on-site data center. All of this while giving special focus to little details that make it special and hackable.\n\n\n","media":[],"title":"Exploring the Cosmos: Hackable Innovations at the Allen Telescope Array","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The Allen Telescope Array is a radio interferometer array located in Northern California. Each of the 42 antennas is 6 meters in diameter and is distributed randomly over an area of 350 meters. Each dish is sensitive to an ultra-wideband frequency range from 200 MHz to 12 GHz. While in operation, each dish can produce 1.5 GHz of bandwidth for each polarization adding up to 1.3 Tbps of data to be processed in real-time.\n\nAlthough it's scale, the Allen Telescope Array acts like a gigantic Software Defined Radio. The system design gives us the ability to try new concepts not ever tried with great flexibility. This talk will go deep into how the telescope operates from the antenna's cryogenically cooled feeds to the state-of-the-art GPU-accelerated digital signal processing pipeline deployed at our on-site data center. All of this while giving special focus to little details that make it special and hackable.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55456],"conference_id":133,"event_ids":[55881],"name":"Luigi Cruz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@luigifcruz)","sort_order":0,"url":"https://twitter.com/luigifcruz"}],"media":[],"id":55995}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":55881,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55995}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We love our furry friends, but they can't always join us - leaving a pet in a vehicle can be very risky, but may also be a necessity. Commercial solutions exist, however these all require monthly subscriptions and cell coverage in order to work. We are hackers! We can do better.\r\n\r\nUsing the Automatic Packet Reporting System (APRS), a digital communications standard that utilizes the 2 meter amateur radio band, I've built a monitoring platform that can alert on high or low temperatures even when cell service isn't available. By broadcasting a signal that can be picked up with commercial hand-held radios, backcountry monitoring is possible, and when inside coverage areas, an AWS Lambda, combined with the APRS.FI service enables real-time alerts through SMS messages.\r\n\r\nIn this talk, we'll go through the journey of building this off-the-grid temperature monitoring system, including evaluation of off-the-shelf tools commonly used for high-altitude ballooning, discussion of online APIs related to APRS and their limitations, and the risk modelling process related to a system designed for life safety. Attendees will be able to use this knowledge to build their own monitoring systems for use in vehicles, high-altitude balloons, or anywhere else remote monitoring is desired.\n\n\n","media":[],"title":"Staying alive off the grid - using APRS and Lambdas to monitor temperature remotely","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"We love our furry friends, but they can't always join us - leaving a pet in a vehicle can be very risky, but may also be a necessity. Commercial solutions exist, however these all require monthly subscriptions and cell coverage in order to work. We are hackers! We can do better.\r\n\r\nUsing the Automatic Packet Reporting System (APRS), a digital communications standard that utilizes the 2 meter amateur radio band, I've built a monitoring platform that can alert on high or low temperatures even when cell service isn't available. By broadcasting a signal that can be picked up with commercial hand-held radios, backcountry monitoring is possible, and when inside coverage areas, an AWS Lambda, combined with the APRS.FI service enables real-time alerts through SMS messages.\r\n\r\nIn this talk, we'll go through the journey of building this off-the-grid temperature monitoring system, including evaluation of off-the-shelf tools commonly used for high-altitude ballooning, discussion of online APIs related to APRS and their limitations, and the risk modelling process related to a system designed for life safety. Attendees will be able to use this knowledge to build their own monitoring systems for use in vehicles, high-altitude balloons, or anywhere else remote monitoring is desired.","updated_timestamp":{"seconds":1722185656,"nanoseconds":0},"speakers":[{"content_ids":[55437],"conference_id":133,"event_ids":[55862],"name":"Kamikazi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cniggel"}],"media":[],"id":55979}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:54:16Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":55862,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55979}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-28T16:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. \n\n\n","media":[],"title":"Cold Calls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve.","updated_timestamp":{"seconds":1722103160,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:59:20Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/cold-calls/"}],"end":"2024-08-10T22:00:00.000-0000","id":55837,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In collaboration with the legendary Kess, the presenters will demonstrate a FOSS (gnuradio) based SDR tool for accessing and exploring wireless attack surfaces present on every ship and large maritime vessel. We will demonstrate abuse of the AIS protocol to cause various forms of mischief, including causing marine navigation and telemetry systems to hallucinate other major vessels and obstructions.\n\n\n","media":[],"title":"Don't Ship Your Bridges! Tools to Explore Wireless Attack Surfaces in Every Ship's Marine Navigation Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:25:00Z","end_timestamp":{"seconds":1723321500,"nanoseconds":0},"android_description":"In collaboration with the legendary Kess, the presenters will demonstrate a FOSS (gnuradio) based SDR tool for accessing and exploring wireless attack surfaces present on every ship and large maritime vessel. We will demonstrate abuse of the AIS protocol to cause various forms of mischief, including causing marine navigation and telemetry systems to hallucinate other major vessels and obstructions.","updated_timestamp":{"seconds":1721781729,"nanoseconds":0},"speakers":[{"content_ids":[55352],"conference_id":133,"event_ids":[55744],"name":"Duncan Woodbury","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55954},{"content_ids":[55352],"conference_id":133,"event_ids":[55744],"name":"Nick Halt","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55962}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:42:09Z","links":[],"end":"2024-08-10T20:25:00.000-0000","id":55744,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55962},{"tag_id":46167,"sort_order":4,"person_id":55954}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-24T00:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel aims to mobilize DEFCON's technical talent towards global good, encouraging application of their skills in a broader, impactful context. Transcending conventional cybersecurity dialogues focused primarily on the US and Europe, this discussion highlights underexplored regions and emphasizes the importance of partnerships and incorporating international developments into cybersecurity strategies. Attendees will learn from Mr. Randy Pestana on how academic institutions contribute to cybersecurity, followed by Ms. Kerry Ann Barrett on the influence of multilateral organizations, Mr. Brett DeWitt on financial sector insights that influence foreign investment, and Mr. Wouter Veenstra on the necessity of global collaboration. This session equips participants to engage more effectively in international cybersecurity efforts, highlighting the value of diverse global perspectives and strategic partnerships.\n\n\n","media":[],"title":"Global Perspectives in Cybersecurity: Challenging Norms and Expanding Horizons","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"This panel aims to mobilize DEFCON's technical talent towards global good, encouraging application of their skills in a broader, impactful context. Transcending conventional cybersecurity dialogues focused primarily on the US and Europe, this discussion highlights underexplored regions and emphasizes the importance of partnerships and incorporating international developments into cybersecurity strategies. Attendees will learn from Mr. Randy Pestana on how academic institutions contribute to cybersecurity, followed by Ms. Kerry Ann Barrett on the influence of multilateral organizations, Mr. Brett DeWitt on financial sector insights that influence foreign investment, and Mr. Wouter Veenstra on the necessity of global collaboration. This session equips participants to engage more effectively in international cybersecurity efforts, highlighting the value of diverse global perspectives and strategic partnerships.","updated_timestamp":{"seconds":1721778855,"nanoseconds":0},"speakers":[{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Brett DeWitt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mastercard","title":""}],"links":[],"pronouns":null,"media":[],"id":55922,"title":"Mastercard"},{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Kerry-Ann Barrett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Inter-American Committee Against Terrorism of the Organization of American States","title":"Cybersecurity Program Manager"}],"links":[],"pronouns":null,"media":[],"id":55933,"title":"Cybersecurity Program Manager at Inter-American Committee Against Terrorism of the Organization of American States"},{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Randy Pestana","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Florida International University’s Jack D. Gordon Institute for Public Policy","title":"Director of Cybersecurity Polic"}],"links":[],"pronouns":null,"media":[],"id":55939,"title":"Director of Cybersecurity Polic at Florida International University’s Jack D. Gordon Institute for Public Policy"},{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Wouter Veenstra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GFCE","title":""}],"links":[],"pronouns":null,"media":[],"id":55944,"title":"GFCE"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-23T23:54:15Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":55728,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55944},{"tag_id":46487,"sort_order":4,"person_id":55939},{"tag_id":46487,"sort_order":6,"person_id":55933},{"tag_id":46487,"sort_order":8,"person_id":55922}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-23T23:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this research businesses and organizations continue to adopt more advanced security measures to protect against cyber-attacks on your macOS endpoints, attackers are constantly evolving their techniques to bypass these measures. In this presentation, we will demonstrate real-world attack scenarios and reveal common vulnerabilities, as well as provide insights on how to exploit them. \"macOS Red Team on Corporate Scenarios\" is the result of years of research and dedicated work in testing macOS environments. Its main objective is to provide a comprehensive view of the security surrounding Apple's operating system, demonstrating how potential vulnerabilities can be exploited. The adopted approach assumes the perspective of an insider attacker or during a Red Team simulation.\n\nThe research will delve into various security features embedded within macOS, such as SIP (System Integrity Protection), TCC (Transparency, Consent, and Control), FileVault, SSV (System Software Version), Gatekeeper, XProtect, and Secure Boot. These components play crucial roles in safeguarding the integrity, privacy, and overall security posture of the macOS operating system.\n\nThe research will also delve into the tactics, techniques, and procedures (TTPs) recommended by the MITRE ATT&CK framework for macOS systems to assist in conducting red team simulations. This exploration aims to provide insights into the methodologies and strategies employed by attackers, enhancing the effectiveness of defensive strategies and improving overall cybersecurity posture in macOS environments.\n\nAt the conclusion of the presentation, we will demonstrate how to perform a bypass of a vulnerability discovered in the macOS Transparency, Consent, and Control (TCC) framework. This vulnerability has been reported to Apple for investigation and mitigation. We will also discuss the process of how Apple has handled the vulnerability disclosure and the steps taken by the company to address the issue.\n\n\n","media":[],"title":"macOS Red Team on Corporate Scenarios","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:50:00Z","end_timestamp":{"seconds":1723323000,"nanoseconds":0},"android_description":"In this research businesses and organizations continue to adopt more advanced security measures to protect against cyber-attacks on your macOS endpoints, attackers are constantly evolving their techniques to bypass these measures. In this presentation, we will demonstrate real-world attack scenarios and reveal common vulnerabilities, as well as provide insights on how to exploit them. \"macOS Red Team on Corporate Scenarios\" is the result of years of research and dedicated work in testing macOS environments. Its main objective is to provide a comprehensive view of the security surrounding Apple's operating system, demonstrating how potential vulnerabilities can be exploited. The adopted approach assumes the perspective of an insider attacker or during a Red Team simulation.\n\nThe research will delve into various security features embedded within macOS, such as SIP (System Integrity Protection), TCC (Transparency, Consent, and Control), FileVault, SSV (System Software Version), Gatekeeper, XProtect, and Secure Boot. These components play crucial roles in safeguarding the integrity, privacy, and overall security posture of the macOS operating system.\n\nThe research will also delve into the tactics, techniques, and procedures (TTPs) recommended by the MITRE ATT&CK framework for macOS systems to assist in conducting red team simulations. This exploration aims to provide insights into the methodologies and strategies employed by attackers, enhancing the effectiveness of defensive strategies and improving overall cybersecurity posture in macOS environments.\n\nAt the conclusion of the presentation, we will demonstrate how to perform a bypass of a vulnerability discovered in the macOS Transparency, Consent, and Control (TCC) framework. This vulnerability has been reported to Apple for investigation and mitigation. We will also discuss the process of how Apple has handled the vulnerability disclosure and the steps taken by the company to address the issue.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55302],"conference_id":133,"event_ids":[55692],"name":"Ricardo L0gan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@l0ganbr)","sort_order":0,"url":"https://twitter.com/l0ganbr"}],"media":[],"id":55854}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T20:50:00.000-0000","id":55692,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55854}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Explore the realm of crafting payloads with precision at DEFCON 32 in our session, \"Mastering APT-Style Implants: 101.\" This deep dive experience goes beyond theory, providing practical insights into the development of payloads inspired by Advanced Persistent Threats (APTs).\r\n\r\nAttendees will gain a holistic mindset by comprehending—an objective-based methodology for offensive cyber operations. Gain insights into real-world APT tactics and historical perspectives. \r\n\r\nThis is followed by practical payload development, AI integration, and comprehending industry-relevant tools, from line-by-line code to compiler settings necessary to ensure payload success. These techniques are then wrapped into stealth and operation security concepts with a scenario-based objective targeting a matured environment representative of today's real-world environments.\r\n\r\nAt the end of the deep dive, attendees will have experienced the payload development cycle from the perspective of a nation-state adversary. Comprehend the mindset necessary to operate in today's most mature environments and the practical knowledge to craft their implants.\r\n\n\n\n","media":[],"title":"Building Surgical Implants: A Comprehensive Guide to APT-style Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:50:00Z","end_timestamp":{"seconds":1723323000,"nanoseconds":0},"android_description":"Explore the realm of crafting payloads with precision at DEFCON 32 in our session, \"Mastering APT-Style Implants: 101.\" This deep dive experience goes beyond theory, providing practical insights into the development of payloads inspired by Advanced Persistent Threats (APTs).\r\n\r\nAttendees will gain a holistic mindset by comprehending—an objective-based methodology for offensive cyber operations. Gain insights into real-world APT tactics and historical perspectives. \r\n\r\nThis is followed by practical payload development, AI integration, and comprehending industry-relevant tools, from line-by-line code to compiler settings necessary to ensure payload success. These techniques are then wrapped into stealth and operation security concepts with a scenario-based objective targeting a matured environment representative of today's real-world environments.\r\n\r\nAt the end of the deep dive, attendees will have experienced the payload development cycle from the perspective of a nation-state adversary. Comprehend the mindset necessary to operate in today's most mature environments and the practical knowledge to craft their implants.","updated_timestamp":{"seconds":1721595490,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:58:10Z","links":[],"end":"2024-08-10T20:50:00.000-0000","id":55690,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55853}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-21T20:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SCCM abuse has become a popular technique in the offensive security community but can be intimidating to test in production environments due to its complexity. This workshop aims to provide operators not only a safe environment to practice tradecraft but also provide them with the confidence to properly find and assess SCCM during their engagements.\n\n\n","media":[],"title":"An Operator's Guide: Hunting SCCM in the Real World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"SCCM abuse has become a popular technique in the offensive security community but can be intimidating to test in production environments due to its complexity. This workshop aims to provide operators not only a safe environment to practice tradecraft but also provide them with the confidence to properly find and assess SCCM during their engagements.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[54209,55299],"conference_id":133,"event_ids":[55689,54582],"name":"Garrett Foster","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Senior Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@garrfoster)","sort_order":0,"url":"https://twitter.com/garrfoster"}],"media":[],"id":53878,"title":"Senior Consultant at SpecterOps"},{"content_ids":[55299],"conference_id":133,"event_ids":[55689],"name":"Zachary Stein","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@synzack21)","sort_order":0,"url":"https://twitter.com/synzack21"}],"media":[],"id":55855}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55689,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53878},{"tag_id":46167,"sort_order":4,"person_id":55855}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation dives into the critical role of emotional intelligence in navigating microaggressions and fostering inclusive communication dynamics for Black professionals in the cybersecurity field, particularly focusing on interactions with peers and leadership. It explores how developing emotional intelligence skills can equip Black cybersecurity professionals to effectively address and mitigate the impact of microaggressions while promoting respectful and inclusive communication exchanges within the team and with leadership.\n\n\n","media":[],"title":"Navigating Microaggressions and Fostering Inclusive Communication with Peers and Leadership for Black Professionals","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This presentation dives into the critical role of emotional intelligence in navigating microaggressions and fostering inclusive communication dynamics for Black professionals in the cybersecurity field, particularly focusing on interactions with peers and leadership. It explores how developing emotional intelligence skills can equip Black cybersecurity professionals to effectively address and mitigate the impact of microaggressions while promoting respectful and inclusive communication exchanges within the team and with leadership.","updated_timestamp":{"seconds":1721495326,"nanoseconds":0},"speakers":[{"content_ids":[55201],"conference_id":133,"event_ids":[55591],"name":"Jessica Hoffman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"DCISO & University Professor"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jessica-hoffman-cissp/"}],"media":[],"id":55791,"title":"DCISO & University Professor"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:08:46Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":55591,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55791}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-20T17:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What exactly are SIEM and SOAR and why are they so critical to the cyber securitylandscape? In today's session, I want to explore the ins and outs of SIEM and SOAR platforms and how they can be scaled up and down from smaller businesses all the way to multiple billion-dollar firms and their security organizations. I will also be covering how learning and understanding automation and having soft skills in this space can set you apart from the competition and help you land a role faster. Anyone who is interested in the blue side of cybersecurity doesn't want to miss this.\n\n\n","media":[],"title":"Virtual SIEM/SOAR Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"What exactly are SIEM and SOAR and why are they so critical to the cyber securitylandscape? In today's session, I want to explore the ins and outs of SIEM and SOAR platforms and how they can be scaled up and down from smaller businesses all the way to multiple billion-dollar firms and their security organizations. I will also be covering how learning and understanding automation and having soft skills in this space can set you apart from the competition and help you land a role faster. Anyone who is interested in the blue side of cybersecurity doesn't want to miss this.","updated_timestamp":{"seconds":1721494784,"nanoseconds":0},"speakers":[{"content_ids":[55187],"conference_id":133,"event_ids":[55577],"name":"Kenneth Ellington","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Cybersecurity Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kenneth-ellington"},{"description":"","title":"Twitter (@KennethElling31)","sort_order":0,"url":"https://twitter.com/KennethElling31"},{"description":"","title":"Website","sort_order":0,"url":"https://kenneth-ellington.mykajabi.com/"}],"media":[],"id":55787,"title":"Senior Cybersecurity Consultant"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T16:59:44Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":55577,"tag_ids":[46372,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55787}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-20T16:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Picking locks is fun, but what if you want more? Ever considered competing against other lock enthusiasts? In this talk we'll discuss the exciting lock-related competitions that take place around the world, how to find them, and what it takes to compete and win. \n\n\n","media":[],"title":"Locksport Competitions: Compete in the Olympics of Locks ","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"Picking locks is fun, but what if you want more? Ever considered competing against other lock enthusiasts? In this talk we'll discuss the exciting lock-related competitions that take place around the world, how to find them, and what it takes to compete and win.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54611],"conference_id":133,"event_ids":[54985],"name":"Matt Burrough","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54276}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":54985,"tag_ids":[46384,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54276}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As a pilot and cybersecurity researcher, I am very interested of the nexus between aviation and security. To explore this interest, I developed a device called Fly Catcher - a device that detects for aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. The device consists of a 1090 MHz antenna, a Flight Aware RTL SDR, a custom 3D printed case, a portable battery charger, and a MicroUSB cable.\n\nThe device receives ADS-B information from the antenna and the software-defined radio, which is then passed into a Convolutional Neural Network written with Python to detect whether or not the aircraft is spoofed. I trained the neural network on a dataset of valid ADS-B signals as well as a generated spoofed set of aircraft signals, to teach Fly Catcher how to detect and flag any suspicious ADS-B signals. It does this by checking for discrepancies in the signal's characteristics, such as its location, velocity, and identification.\n\nThe result outputted by the neural network is then displayed onto a radar screen allowing users to detect spoofed aircraft near them. To test the device, I brought it with me for an hour-long flight to scan for a wide variety of aircraft enroute. After the flight, the data was fed into the Neural Network to analyze any spoofed aircraft I might have encountered.\n\n\n\n","media":[],"title":"Fly Catcher - How I Developed a Low-Cost Raspberry Pi Based Device for ADS-B Spoof","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"As a pilot and cybersecurity researcher, I am very interested of the nexus between aviation and security. To explore this interest, I developed a device called Fly Catcher - a device that detects for aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. The device consists of a 1090 MHz antenna, a Flight Aware RTL SDR, a custom 3D printed case, a portable battery charger, and a MicroUSB cable.\n\nThe device receives ADS-B information from the antenna and the software-defined radio, which is then passed into a Convolutional Neural Network written with Python to detect whether or not the aircraft is spoofed. I trained the neural network on a dataset of valid ADS-B signals as well as a generated spoofed set of aircraft signals, to teach Fly Catcher how to detect and flag any suspicious ADS-B signals. It does this by checking for discrepancies in the signal's characteristics, such as its location, velocity, and identification.\n\nThe result outputted by the neural network is then displayed onto a radar screen allowing users to detect spoofed aircraft near them. To test the device, I brought it with me for an hour-long flight to scan for a wide variety of aircraft enroute. After the flight, the data was fed into the Neural Network to analyze any spoofed aircraft I might have encountered.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54610],"conference_id":133,"event_ids":[54984],"name":"Angelina Tsuboi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54302}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":54984,"tag_ids":[46366,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54302}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a live tutorial of hacking against keyboards of all forms. Attacking the keyboard is the ultimate strategy to hijack a session before it is encrypted, capturing plaintext at the source and (often) in much simpler ways than those required to attack network protocols. \n\nIn this session we explore available attack vectors against traditional keyboards, starting with plain old keyloggers. We then advance to \"Van Eck Phreaking\" style attacks against individual keystroke emanations as well as RF wireless connections, and we finally graduate to the new hotness: acoustic attacks by eavesdropping on the sound of you typing! \n\nUse your newfound knowledge for good, with great power comes great responsibility!\n\nA subset of signal leak attacks focusing on keyboards. This talk is compiled with open sources, no classified material will be discussed. \n\n\n\n","media":[],"title":"All Your Keyboards Are Belong to US!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This is a live tutorial of hacking against keyboards of all forms. Attacking the keyboard is the ultimate strategy to hijack a session before it is encrypted, capturing plaintext at the source and (often) in much simpler ways than those required to attack network protocols. \n\nIn this session we explore available attack vectors against traditional keyboards, starting with plain old keyloggers. We then advance to \"Van Eck Phreaking\" style attacks against individual keystroke emanations as well as RF wireless connections, and we finally graduate to the new hotness: acoustic attacks by eavesdropping on the sound of you typing! \n\nUse your newfound knowledge for good, with great power comes great responsibility!\n\nA subset of signal leak attacks focusing on keyboards. This talk is compiled with open sources, no classified material will be discussed.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54609],"conference_id":133,"event_ids":[54983],"name":"Federico Lucifredi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IBM and Red Hat","title":"Product Management Director, Ceph Storage"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xF2)","sort_order":0,"url":"https://twitter.com/0xF2"}],"media":[],"id":54296,"title":"Product Management Director, Ceph Storage at IBM and Red Hat"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":54983,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54296}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As DevOps and developers are slowly shifting away from storing long-lived static credentials to the more secure, still kinda-new, OIDC alternative - the underlying logic, mechanisms and implementations tend to feel like complicated magic and are mostly overlooked.\r\n\r\nIn this talk, we'll begin by recapping what OIDC is, who are the interacting entities when OIDC is used, and how OIDC is taking place to securely access one's cloud using CI/CD flows.\r\n\r\nOnce covered, we will be able to alternate our point-of-view between the entities in play and demonstrate potential vulnerabilities in various setups.\r\n\r\nStarting with the user PoV, we will show what \"under-configurations\" look like, and continue by demonstrating how new OIDC configuration options can actually be misconfigurations that can result with a compromise.\r\n\r\nWe will then see another attack vector where leaking an OIDC token from a single repository in an organization can allow an attacker to abuse under-configurations and access private clouds.\r\n\r\nAfter that, we will shift our PoV to be of the Identity Provider (IdP) so that we can look into what happens if an IdP is misconfigured, and disclose a real-world security vulnerability found in one of the most popular CI vendors that allowed us to access any of their customers' cloud environments.\r\n\r\nI'll refer to this talk by the Tinder Security team [link](https://www.youtube.com/watch?v=pTKS99Nfaxw&t=747s) where they show how they could \"claim\" in the name of other identities due to under-configured WIFs.\r\n\n\n\n","media":[],"title":"OH-MY-DC: Abusing OIDC all the way to your cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"As DevOps and developers are slowly shifting away from storing long-lived static credentials to the more secure, still kinda-new, OIDC alternative - the underlying logic, mechanisms and implementations tend to feel like complicated magic and are mostly overlooked.\r\n\r\nIn this talk, we'll begin by recapping what OIDC is, who are the interacting entities when OIDC is used, and how OIDC is taking place to securely access one's cloud using CI/CD flows.\r\n\r\nOnce covered, we will be able to alternate our point-of-view between the entities in play and demonstrate potential vulnerabilities in various setups.\r\n\r\nStarting with the user PoV, we will show what \"under-configurations\" look like, and continue by demonstrating how new OIDC configuration options can actually be misconfigurations that can result with a compromise.\r\n\r\nWe will then see another attack vector where leaking an OIDC token from a single repository in an organization can allow an attacker to abuse under-configurations and access private clouds.\r\n\r\nAfter that, we will shift our PoV to be of the Identity Provider (IdP) so that we can look into what happens if an IdP is misconfigured, and disclose a real-world security vulnerability found in one of the most popular CI vendors that allowed us to access any of their customers' cloud environments.\r\n\r\nI'll refer to this talk by the Tinder Security team [link](https://www.youtube.com/watch?v=pTKS99Nfaxw&t=747s) where they show how they could \"claim\" in the name of other identities due to under-configured WIFs.","updated_timestamp":{"seconds":1720463327,"nanoseconds":0},"speakers":[{"content_ids":[54494],"conference_id":133,"event_ids":[54867],"name":"Aviad Hahami","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@_0xffd)","sort_order":0,"url":"https://twitter.com/_0xffd"}],"media":[],"id":54161,"title":"Palo Alto Networks"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:47Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":54867,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54161}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In 2018, a secure communications app called Anom started to gain popularity among organized criminals. Soon, top tier drug traffickers were using it all over the world. Because they thought their messages were secure, smugglers and hitmen coordinated high stakes crimes across the platform. But Anom had a secret: it was secretly run by the FBI.\r\n\r\nFor years Joseph Cox has investigated the inside story of Anom, speaking to people who coded the app, those who sold it, criminals who chatted across it, and the FBI agents who surreptitiously managed it. This new talk, building on details from his recent book DARK WIRE, will include never-before-published technical details on how the Anom network functioned, how the backdoor itself worked, and how Anom grew to such a size that the FBI started to lose control of its own creation. \r\n\r\nIt will also reflect on how police have entered a new phase of compromising entire encrypted phone networks, with little to no debate from the public, and provide critical insight on what really happens when authorities introduce a backdoor into a telecommunications product.\r\n\r\nDARK WIRE: The Incredible True Story of the Largest Sting Operation Ever, June 4th, 2024: [link](https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/?lens=publicaffairs)\n\n\n","media":[],"title":"Inside the FBI’s Secret Encrypted Phone Company ‘Anom’","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"In 2018, a secure communications app called Anom started to gain popularity among organized criminals. Soon, top tier drug traffickers were using it all over the world. Because they thought their messages were secure, smugglers and hitmen coordinated high stakes crimes across the platform. But Anom had a secret: it was secretly run by the FBI.\r\n\r\nFor years Joseph Cox has investigated the inside story of Anom, speaking to people who coded the app, those who sold it, criminals who chatted across it, and the FBI agents who surreptitiously managed it. This new talk, building on details from his recent book DARK WIRE, will include never-before-published technical details on how the Anom network functioned, how the backdoor itself worked, and how Anom grew to such a size that the FBI started to lose control of its own creation. \r\n\r\nIt will also reflect on how police have entered a new phase of compromising entire encrypted phone networks, with little to no debate from the public, and provide critical insight on what really happens when authorities introduce a backdoor into a telecommunications product.\r\n\r\nDARK WIRE: The Incredible True Story of the Largest Sting Operation Ever, June 4th, 2024: [link](https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/?lens=publicaffairs)","updated_timestamp":{"seconds":1720463339,"nanoseconds":0},"speakers":[{"content_ids":[54493,56001],"conference_id":133,"event_ids":[56623,54866],"name":"Joseph Cox","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Investigative Journalist"},{"organization":"404 Media","title":"Co-Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Bsky","sort_order":0,"url":"https://bsky.app/profile/josephcox.bsky.social"},{"description":"","title":"Mastodon (@josephcox@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@josephcox"},{"description":"","title":"Twitter (@josephfcox)","sort_order":0,"url":"https://twitter.com/josephfcox"}],"media":[],"id":54153,"title":"Co-Founder at 404 Media"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:59Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":54866,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54153}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The world increasingly appreciates how much we rely on space systems for our personal, economic, and national security needs. However, the nation-state cyber threat to government and commercial systems continues to grow at a time when the current landscape of cybersecurity policies and frameworks aren’t readily applicable for space systems.\r\n\r\nIn this fireside chat, ONCD will have the opportunity to introduce our 2nd National Cyber Director to the research community and discuss some of his priorities, such as space cybersecurity. We will discuss how the White House has been working to tackle hard problems and challenges. In the instance of space cybersecurity, ONCD has been collaborating with federal space operators and the space industry to develop policy solutions, including by answering a tasking from the Vice President to develop minimum cybersecurity requirements for U.S. space systems. \n\n\n","media":[],"title":"Fireside Chat with Jay Healey and National Cyber Director Harry Coker, Jr.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"The world increasingly appreciates how much we rely on space systems for our personal, economic, and national security needs. However, the nation-state cyber threat to government and commercial systems continues to grow at a time when the current landscape of cybersecurity policies and frameworks aren’t readily applicable for space systems.\r\n\r\nIn this fireside chat, ONCD will have the opportunity to introduce our 2nd National Cyber Director to the research community and discuss some of his priorities, such as space cybersecurity. We will discuss how the White House has been working to tackle hard problems and challenges. In the instance of space cybersecurity, ONCD has been collaborating with federal space operators and the space industry to develop policy solutions, including by answering a tasking from the Vice President to develop minimum cybersecurity requirements for U.S. space systems.","updated_timestamp":{"seconds":1721261756,"nanoseconds":0},"speakers":[{"content_ids":[54492],"conference_id":133,"event_ids":[54865],"name":"Harry Coker, Jr.","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"White House Office of the National Cyber Director (ONCD)","title":"National Cyber Director"}],"links":[],"pronouns":null,"media":[],"id":54113,"title":"National Cyber Director at White House Office of the National Cyber Director (ONCD)"},{"content_ids":[54492],"conference_id":133,"event_ids":[54865],"name":"Jay Healey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54674}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-18T00:15:56Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":54865,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54113},{"tag_id":46167,"sort_order":4,"person_id":54674}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-18T00:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery\n\n\n","media":[{"hash_sha256":"90908ba4a7bf0e11167114397d24e522453fd0810cbee9c9c6e675120cd23e6c","filetype":"image/png","hash_md5":"24d77c529e00d7a297152d4f47229091","name":"ct_hack3rrunway2024-fin.png","is_logo":"Y","hash_crc32c":"04c8e95e","filesize":223387,"asset_id":708,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack3rrunway2024-fin.png"}],"title":"Hack3r Runw@y","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery","updated_timestamp":{"seconds":1719554693,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T06:04:53Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249352"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249353"},{"label":"More Info","type":"link","url":"https://hack3rrunway.github.io/"}],"end":"2024-08-10T22:00:00.000-0000","id":54612,"tag_ids":[46427,46439,46493],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-06-28T06:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During this presentation, we will address the critical importance of permission management in Cloud Native integrations and how an inadequate permissions model can create significant advantages for attackers. We will demonstrate how an attacker can exploit standard permissions to achieve privilege escalation, explain what Choke Points are, and illustrate Attack Paths in practice, showing how an attacker can progress towards success in their objectives. As the ultimate goal of this talk, we will present practical actions to enhance the security of your environment in this context and mitigate these threats.\n\n\n","media":[],"title":"Revealing Choke Points: Practical Tactics for Boosting Cloud Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:10:00Z","end_timestamp":{"seconds":1723320600,"nanoseconds":0},"android_description":"During this presentation, we will address the critical importance of permission management in Cloud Native integrations and how an inadequate permissions model can create significant advantages for attackers. We will demonstrate how an attacker can exploit standard permissions to achieve privilege escalation, explain what Choke Points are, and illustrate Attack Paths in practice, showing how an attacker can progress towards success in their objectives. As the ultimate goal of this talk, we will present practical actions to enhance the security of your environment in this context and mitigate these threats.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55303,55493,55964],"conference_id":133,"event_ids":[56580,55693,55922],"name":"Filipi Pires","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"senhasegura","title":"Security and Threat Researcher and Cybersecurity Advocate"},{"organization":"Black&White Technology","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/filipipires/"},{"description":"","title":"Twitter (@FilipiPires)","sort_order":0,"url":"https://twitter.com/FilipiPires"},{"description":"","title":"Website","sort_order":0,"url":"https://filipipires.com"}],"media":[],"id":55857,"title":"Founder at Black&White Technology"}],"begin_tsz":"2024-08-10T19:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T20:10:00.000-0000","id":55922,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723318800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55857}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T19:40:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!\n\n\n","media":[],"title":"Basic Mobile Phone Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!","updated_timestamp":{"seconds":1723249495,"nanoseconds":0},"speakers":[{"content_ids":[54553,56218],"conference_id":133,"event_ids":[56872,56878,54928],"name":"Grey Fox","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54320}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T00:24:55Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56878,"tag_ids":[46377,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54320}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-08-10T00:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Internet bandwidth, or transit, the thing that people pay for when they “connect to the Internet,” is largely transnational, and is balanced by substantial transborder flows of capital. As the Internet becomes our primary mode of communication, the international financial impact of trade in Internet bandwidth itself becomes a substantial risk for net-consumer countries like India and the United Arab Emirates, and a substantial opportunity for net-exporter countries like the Netherlands and Brazil. Governments are beginning to recognize these risks and opportunities, and seeking to manage them in an informed and deliberate way, which requires instrumentation of flows of bandwidth which haven’t existed ubiquitously since prior to the 1992 privatization of the Internet and dissolution of the centralized Internet backbone. This talk looks at the mechanisms and efforts underway in intergovernmental treaty organizations to coordinate harmonized and repeatable technical mechanisms of bandwidth measurement.\n\n\n","media":[],"title":"Measuring the international balance of trade in Internet bandwidth: introducing Netflow to Ministries of Finance","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"Internet bandwidth, or transit, the thing that people pay for when they “connect to the Internet,” is largely transnational, and is balanced by substantial transborder flows of capital. As the Internet becomes our primary mode of communication, the international financial impact of trade in Internet bandwidth itself becomes a substantial risk for net-consumer countries like India and the United Arab Emirates, and a substantial opportunity for net-exporter countries like the Netherlands and Brazil. Governments are beginning to recognize these risks and opportunities, and seeking to manage them in an informed and deliberate way, which requires instrumentation of flows of bandwidth which haven’t existed ubiquitously since prior to the 1992 privatization of the Internet and dissolution of the centralized Internet backbone. This talk looks at the mechanisms and efforts underway in intergovernmental treaty organizations to coordinate harmonized and repeatable technical mechanisms of bandwidth measurement.","updated_timestamp":{"seconds":1723168846,"nanoseconds":0},"speakers":[{"content_ids":[54453,56178,55917],"conference_id":133,"event_ids":[56832,54826,56508],"name":"Bill Woodcock","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Packet Clearing House","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":54077,"title":"Executive Director at Packet Clearing House"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T02:00:46Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":56832,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54077}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-08-09T02:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this 50-minute session, we will explore the critical role of Global Navigation Satellite Systems (GNSS) and the escalating cyber threats they face. GNSS technologies such as GPS, GLONASS, Galileo, and BeiDou are indispensable for providing precise positioning, navigation, and timing services across various sectors. However, these systems are increasingly vulnerable to cyber attacks. Join us to uncover disruptive techniques that threaten essential services in transportation, utilities, public safety, and finance. Don't miss the fascinating real-life case studies we'll discuss, highlighting strategies to defend against these threats.\n\n\n","media":[],"title":"Threats in Space: The Dangerous Rise of GNSS Attacks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"In this 50-minute session, we will explore the critical role of Global Navigation Satellite Systems (GNSS) and the escalating cyber threats they face. GNSS technologies such as GPS, GLONASS, Galileo, and BeiDou are indispensable for providing precise positioning, navigation, and timing services across various sectors. However, these systems are increasingly vulnerable to cyber attacks. Join us to uncover disruptive techniques that threaten essential services in transportation, utilities, public safety, and finance. Don't miss the fascinating real-life case studies we'll discuss, highlighting strategies to defend against these threats.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55960,55970],"conference_id":133,"event_ids":[56576,56586],"name":"Isabel Manjarrez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Threat Researcher (GReAT)"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@IsMR0a)","sort_order":0,"url":"https://x.com/IsMR0a"}],"media":[],"id":56306,"title":"Threat Researcher (GReAT)"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56586,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56306}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.\r\n\r\nThere is a strong purple style emphasis here, to help bridge knowledge gaps, and show the\r\nimportance for defensive engineers to validate their security controls. This will not bring insight\r\ninto utilizing the results for remediations, threat hunting, or any other engineering strategy.\r\n\r\nEverything in this presentation is free or open-source. Any mentions of vendors (for CTI content) is solely for the purpose of using a research paper resource that is free to the public, and are not meant to advertise.\r\n\r\nWith an interactive session, participants will learn how: (not in this particular order)\r\n* To choose a threat/actor who is relevant to their organization\r\n* I will have a premade scenario and example ready for participants to follow along\r\n* Setting High-Level Goals for their campaign\r\n* Map their threat/actor to MITRE ATT&CK\r\n** Overview of ATT&CK\r\n\r\n* Simulation Vs Emulation\r\n** how this impacts choosing content\r\n** Combining multiple threats to create a campaign\r\n\r\n* The Power of CTI: Explore completely free CTI resources\r\n** will cover at least 4\r\n** explore already published campaign content\r\n** Interactive Questions & Answers: Making content choices\r\n*** Ex: Is X or Y a better test case for this situation?\r\n** Create multiple layers in ATT&CK navigator, to build their campaign\r\n** Add in open-source content, such as Atomic-Red-Team\r\n*** Quick Demo & interactive: how to find the right Atomic Content\r\n\r\n* Finalizing the Campaign\r\n* Overview of manual options and using open-source tools for executing campaigns\r\n\r\nOther High-level topics that will be presented: (not in this particular order)\r\n* Why create your own content if there is none available\r\n** Your org is in the beginning stages of adopting this strategy, and you want to find\r\na good place to start\r\n** Demonstrate Value (KPIs)\r\n** Budget: org cant onboard BAS/Simulator tools\r\n** You have a BAS but the content isn't there for a specific threat OR its not\r\ncomprehensive enough\r\n* Why focus on a threat actor's TTPs\r\n** Remediations are focused on the type of attack, not a specific indicator\r\n* Adopting Threats for your organization\r\n** Following a framework inspired by MITRE\r\n** Accepting specific threats/actors as likely to target\r\n* Avoiding Technical Bias when choosing test cases\r\n** particularly challenging for engineers who create detections, or work with EDR\r\nsolutions.\r\n\r\n* Make zero assumptions of whether or not a test case will get stopped/logged\r\n** Most important to choose the most aligned content to your threat/actor's TTPs\r\n* Convincing Benefits\r\n** Detection Validation Strategies: High Level Overview(SIEM, EDR, DLP, ect)\r\n** SOC/IR gets to see examples of a full attack chain for specific threat\r\n** Detection engineering gets to understand logging/EDR/tool gaps\r\n** Threat Hunting benefits from both of these insights\r\n* List of Free Resources to dive more into these topics\n\n\nPremise:\r\n* Organizations are becoming increasingly aware of the importance of understanding the\r\nTTPs of the threats/actors most likely to target them.\r\n* Many organizations cannot afford outside consultants, or the ability to maintain a\r\ndedicated internal offensive team. Or they want this style of testing, but don't know how\r\nto get started, or show leadership the value.\r\n* This talk is for any engineer or team leader who wants to bring Adversarial\r\nEmulation/Simulation to their organization to understand how they compare against an\r\nattack from a likely threat. It is also valuable for consultants who want to provide this\r\nservice to their clients.\r\n* If someone is new to offensive techniques, this will be a way for them to think about how this strategy applies to their role, and embrace it as a defensive strategy.\r\n\r\nThe goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.","media":[],"title":"From CTI to Creating Campaigns","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"The goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.\r\n\r\nThere is a strong purple style emphasis here, to help bridge knowledge gaps, and show the\r\nimportance for defensive engineers to validate their security controls. This will not bring insight\r\ninto utilizing the results for remediations, threat hunting, or any other engineering strategy.\r\n\r\nEverything in this presentation is free or open-source. Any mentions of vendors (for CTI content) is solely for the purpose of using a research paper resource that is free to the public, and are not meant to advertise.\r\n\r\nWith an interactive session, participants will learn how: (not in this particular order)\r\n* To choose a threat/actor who is relevant to their organization\r\n* I will have a premade scenario and example ready for participants to follow along\r\n* Setting High-Level Goals for their campaign\r\n* Map their threat/actor to MITRE ATT&CK\r\n** Overview of ATT&CK\r\n\r\n* Simulation Vs Emulation\r\n** how this impacts choosing content\r\n** Combining multiple threats to create a campaign\r\n\r\n* The Power of CTI: Explore completely free CTI resources\r\n** will cover at least 4\r\n** explore already published campaign content\r\n** Interactive Questions & Answers: Making content choices\r\n*** Ex: Is X or Y a better test case for this situation?\r\n** Create multiple layers in ATT&CK navigator, to build their campaign\r\n** Add in open-source content, such as Atomic-Red-Team\r\n*** Quick Demo & interactive: how to find the right Atomic Content\r\n\r\n* Finalizing the Campaign\r\n* Overview of manual options and using open-source tools for executing campaigns\r\n\r\nOther High-level topics that will be presented: (not in this particular order)\r\n* Why create your own content if there is none available\r\n** Your org is in the beginning stages of adopting this strategy, and you want to find\r\na good place to start\r\n** Demonstrate Value (KPIs)\r\n** Budget: org cant onboard BAS/Simulator tools\r\n** You have a BAS but the content isn't there for a specific threat OR its not\r\ncomprehensive enough\r\n* Why focus on a threat actor's TTPs\r\n** Remediations are focused on the type of attack, not a specific indicator\r\n* Adopting Threats for your organization\r\n** Following a framework inspired by MITRE\r\n** Accepting specific threats/actors as likely to target\r\n* Avoiding Technical Bias when choosing test cases\r\n** particularly challenging for engineers who create detections, or work with EDR\r\nsolutions.\r\n\r\n* Make zero assumptions of whether or not a test case will get stopped/logged\r\n** Most important to choose the most aligned content to your threat/actor's TTPs\r\n* Convincing Benefits\r\n** Detection Validation Strategies: High Level Overview(SIEM, EDR, DLP, ect)\r\n** SOC/IR gets to see examples of a full attack chain for specific threat\r\n** Detection engineering gets to understand logging/EDR/tool gaps\r\n** Threat Hunting benefits from both of these insights\r\n* List of Free Resources to dive more into these topics\n\n\nPremise:\r\n* Organizations are becoming increasingly aware of the importance of understanding the\r\nTTPs of the threats/actors most likely to target them.\r\n* Many organizations cannot afford outside consultants, or the ability to maintain a\r\ndedicated internal offensive team. Or they want this style of testing, but don't know how\r\nto get started, or show leadership the value.\r\n* This talk is for any engineer or team leader who wants to bring Adversarial\r\nEmulation/Simulation to their organization to understand how they compare against an\r\nattack from a likely threat. It is also valuable for consultants who want to provide this\r\nservice to their clients.\r\n* If someone is new to offensive techniques, this will be a way for them to think about how this strategy applies to their role, and embrace it as a defensive strategy.\r\n\r\nThe goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55758],"conference_id":133,"event_ids":[56283],"name":"Noah Lazzaro","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56170}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56283,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56170}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop offers a hands-on introduction to developing Osquery extensions for Linux and macOS, aimed at beginners seeking to enhance endpoint security visibility. Through guided instruction, participants will explore Osquery extension architecture, the Thrift API, SQL-based querying, and module integration. Real-world examples and best practices will be emphasized, providing attendees with the skills to create custom extensions tailored to organizational security needs. By the end of the session, participants will have the confidence to leverage Osquery effectively in bolstering endpoint security defenses. Python will be used during the workshop. Basic knowledge of python will be sufficient to follow workshop.\r\n\r\nOutline:\r\n\r\n- Introduction to Osquery and its role in endpoint security\r\n- Overview of Osquery extension architecture\r\n- First extension \r\n- Understanding the basics of Osquery Thrift API \r\n- Real-world examples and use cases\r\n- Hands-on exercises and practical application\r\n- Q&A and interactive discussion\n\n\nJoin us for a comprehensive introduction to developing Osquery extensions tailored for Linux and macOS environments. This hands-on training session, designed for beginners, will demystify the process of extending Osquery functionalities, empowering attendees to bolster their endpoint security strategies. Throughout the workshop, participants will learn the fundamentals of Osquery extension development, gain practical insights through real-world examples, and discover how to leverage Osquery's capabilities to enhance visibility into their endpoint ecosystems. By the end of this session, attendees will have the confidence and knowledge to create custom Osquery extensions, effectively enriching their organization's security posture.","media":[],"title":"Introduction to Creating Osquery Extensions: Enhancing Endpoint Security Visibility","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"This workshop offers a hands-on introduction to developing Osquery extensions for Linux and macOS, aimed at beginners seeking to enhance endpoint security visibility. Through guided instruction, participants will explore Osquery extension architecture, the Thrift API, SQL-based querying, and module integration. Real-world examples and best practices will be emphasized, providing attendees with the skills to create custom extensions tailored to organizational security needs. By the end of the session, participants will have the confidence to leverage Osquery effectively in bolstering endpoint security defenses. Python will be used during the workshop. Basic knowledge of python will be sufficient to follow workshop.\r\n\r\nOutline:\r\n\r\n- Introduction to Osquery and its role in endpoint security\r\n- Overview of Osquery extension architecture\r\n- First extension \r\n- Understanding the basics of Osquery Thrift API \r\n- Real-world examples and use cases\r\n- Hands-on exercises and practical application\r\n- Q&A and interactive discussion\n\n\nJoin us for a comprehensive introduction to developing Osquery extensions tailored for Linux and macOS environments. This hands-on training session, designed for beginners, will demystify the process of extending Osquery functionalities, empowering attendees to bolster their endpoint security strategies. Throughout the workshop, participants will learn the fundamentals of Osquery extension development, gain practical insights through real-world examples, and discover how to leverage Osquery's capabilities to enhance visibility into their endpoint ecosystems. By the end of this session, attendees will have the confidence and knowledge to create custom Osquery extensions, effectively enriching their organization's security posture.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55746],"conference_id":133,"event_ids":[56270],"name":"Kivanc Aydin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56149}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56270,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56149}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Earlier this year, I traveled with 2 full suitcases and shipped a 30lbs box to a conference, just to bring along a few readers, a few EACS and mini-doors for a small RFID village. I wanted to make that easier, so this talk will run through the process of planning, designing, and building a better solution, and hopefully make it easier for others to do the same.\n\n\n","media":[],"title":"DoorSim - making my conference travel easier","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:55:00Z","end_timestamp":{"seconds":1723319700,"nanoseconds":0},"android_description":"Earlier this year, I traveled with 2 full suitcases and shipped a 30lbs box to a conference, just to bring along a few readers, a few EACS and mini-doors for a small RFID village. I wanted to make that easier, so this talk will run through the process of planning, designing, and building a better solution, and hopefully make it easier for others to do the same.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55455],"conference_id":133,"event_ids":[55880],"name":"evildaemond (Adam Foster)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@evildaemond)","sort_order":0,"url":"https://twitter.com/evildaemond"}],"media":[],"id":55994}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T19:55:00.000-0000","id":55880,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55994}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!\n\n\n","media":[],"title":"SECV - Break / Networking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!","updated_timestamp":{"seconds":1722102841,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:54:01Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55832,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-27T17:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a hands-on workshop with a lab that will help students and attendees learn some of the common and interesting ways to takeover accounts or escalate access while looking for vulnerabilities in a web app. These labs are all based on valid and have been awarded bounties by multiple large organizations such as Amazon, Zoom, PayPal, Yahoo, and more!\r\n\r\nPre-Prerequisites\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)\n\n\n","media":[],"title":"A Bug Hunter's Guide to Account Takeover","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This is a hands-on workshop with a lab that will help students and attendees learn some of the common and interesting ways to takeover accounts or escalate access while looking for vulnerabilities in a web app. These labs are all based on valid and have been awarded bounties by multiple large organizations such as Amazon, Zoom, PayPal, Yahoo, and more!\r\n\r\nPre-Prerequisites\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)","updated_timestamp":{"seconds":1721438395,"nanoseconds":0},"speakers":[{"content_ids":[55175,55181,55265],"conference_id":133,"event_ids":[55563,55569,55655],"name":"Ben \"NahamSec\" Sadeghipour","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacking Hub","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nahamsec)","sort_order":0,"url":"https://twitter.com/nahamsec"}],"media":[],"id":54808,"title":"Hacking Hub"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:19:55Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#a-bug-hunters-guide-to-account-takeover"}],"end":"2024-08-10T21:00:00.000-0000","id":55569,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54808}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-20T01:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Clean Energy technology, while essential for the energy transition, often utilizes components sourced from adversarial countries, potentially increasing cyber vulnerabilities, especially in systems managed by smaller utilities with limited cybersecurity expertise. The previous approaches of 'rip and replace' to eliminate foreign components have proved inadequate and if applied to clean energy, may be economically and technically destabilizing.\r\n\r\nThis policy session will also delve into the broader implications of a digitalized supply chain, where simplistic views of cybersecurity do not suffice. Instead, a nuanced understanding of the operational and physical realities of energy systems is essential. By discussing how to balance immediate economic pressures against long-term sustainability and security, the session aims to foster a more informed and effective policy discourse.\r\n\r\nIn summary, as the energy sector evolves to include diverse infrastructure systems—ranging from hospitals to military installations—the need for a robust, informed, and agile policy approach to cybersecurity becomes increasingly critical. This session will provide a platform for critical discourse to ensure that the transition to renewable energy is both secure and sustainable, aligning climate goals with national security imperatives\n\n\n","media":[],"title":"Pick Your Poison: Navigating a secure clean energy transition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"Clean Energy technology, while essential for the energy transition, often utilizes components sourced from adversarial countries, potentially increasing cyber vulnerabilities, especially in systems managed by smaller utilities with limited cybersecurity expertise. The previous approaches of 'rip and replace' to eliminate foreign components have proved inadequate and if applied to clean energy, may be economically and technically destabilizing.\r\n\r\nThis policy session will also delve into the broader implications of a digitalized supply chain, where simplistic views of cybersecurity do not suffice. Instead, a nuanced understanding of the operational and physical realities of energy systems is essential. By discussing how to balance immediate economic pressures against long-term sustainability and security, the session aims to foster a more informed and effective policy discourse.\r\n\r\nIn summary, as the energy sector evolves to include diverse infrastructure systems—ranging from hospitals to military installations—the need for a robust, informed, and agile policy approach to cybersecurity becomes increasingly critical. This session will provide a platform for critical discourse to ensure that the transition to renewable energy is both secure and sustainable, aligning climate goals with national security imperatives","updated_timestamp":{"seconds":1720396877,"nanoseconds":0},"speakers":[{"content_ids":[54608],"conference_id":133,"event_ids":[54982],"name":"Emma Stewart","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Securing the Digital Energy Transition","title":"Director"},{"organization":"Idaho National Labs","title":"Chief Power Grid Scientist"}],"links":[],"pronouns":null,"media":[],"id":54334,"title":"Chief Power Grid Scientist at Idaho National Labs"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T00:01:17Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":54982,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54334}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-08T00:01:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing. Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing.\r\n\r\nWhile manufacturing as a whole lags many other critical infrastructure sectors in aspects of cyber security there is a category that manufacturing has consistently led other industry verticals in, automation and device connectivity in the operational technology domain. Manufacturer’s OT network environments increasingly are set up as a network or hyper connected IIoT devices, where all data goes to the cloud and often comes back from the cloud to offer changes, and all participants have access into the OT network domain allowing manufacturing to push the boundaries of what products are technically possible, what production efficiencies are possible, and how OT environments can scale as never before.\r\n\r\nThis has obviously come with downside risks that manufacturers are only now beginning to grapple with and to make meaningful changes to better protect their networks and the gains they have made. Their growing pains can serve as roadmap of what to do and what not to do as many other OT intensive industry verticals are moving very quickly into similar use cases.\n\n\n","media":[],"title":"Manufacturing- Lessons Learned, Lessons Taught","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing. Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing.\r\n\r\nWhile manufacturing as a whole lags many other critical infrastructure sectors in aspects of cyber security there is a category that manufacturing has consistently led other industry verticals in, automation and device connectivity in the operational technology domain. Manufacturer’s OT network environments increasingly are set up as a network or hyper connected IIoT devices, where all data goes to the cloud and often comes back from the cloud to offer changes, and all participants have access into the OT network domain allowing manufacturing to push the boundaries of what products are technically possible, what production efficiencies are possible, and how OT environments can scale as never before.\r\n\r\nThis has obviously come with downside risks that manufacturers are only now beginning to grapple with and to make meaningful changes to better protect their networks and the gains they have made. Their growing pains can serve as roadmap of what to do and what not to do as many other OT intensive industry verticals are moving very quickly into similar use cases.","updated_timestamp":{"seconds":1720396929,"nanoseconds":0},"speakers":[{"content_ids":[54607],"conference_id":133,"event_ids":[54981],"name":"Tim Chase","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Global Resilience Federation (GRF)","title":"Program Director"}],"links":[],"pronouns":null,"media":[],"id":54261,"title":"Program Director at Global Resilience Federation (GRF)"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T00:02:09Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":54981,"tag_ids":[46382,46419,46463,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54261}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-08T00:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Talking to pilots and operators, an important aspect of GPS spoofing and jamming is being missed from the narrative in the media. We know about position spoofing, that's a given. What doesn't appear to be getting much attention is the effect of time spoofing.\n\nThe most significant of these is an incident where time was spoofed a significant period into the future. This caused all digital certificates on board an aircraft to become invalid and caused all electronic communications to fail. As GPS clocks have protection against time being rolled backwards, but not forward, the aircraft was grounded for several weeks for systems to be reflashed and the clocks to be reset,\n\nCoarse time spoofing could therefore ground entire fleets. We'll discuss this and potential mitigations. If time allows, we could touch on conventional RF navaids and their exposure to similar attacks.\n\n\n\n","media":[],"title":"GPS spoofing: it's about time, not just position","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Talking to pilots and operators, an important aspect of GPS spoofing and jamming is being missed from the narrative in the media. We know about position spoofing, that's a given. What doesn't appear to be getting much attention is the effect of time spoofing.\n\nThe most significant of these is an incident where time was spoofed a significant period into the future. This caused all digital certificates on board an aircraft to become invalid and caused all electronic communications to fail. As GPS clocks have protection against time being rolled backwards, but not forward, the aircraft was grounded for several weeks for systems to be reflashed and the clocks to be reset,\n\nCoarse time spoofing could therefore ground entire fleets. We'll discuss this and potential mitigations. If time allows, we could touch on conventional RF navaids and their exposure to similar attacks.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54606,55837,56177],"conference_id":133,"event_ids":[56387,56831,54980],"name":"Ken Munro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Partner and Founder"}],"links":[],"pronouns":null,"media":[],"id":54347,"title":"Partner and Founder at Pen Test Partners"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":54980,"tag_ids":[46366,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54347}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An ex-employee's work laptop, a secret hardware prototype, the company backup server, and classified government computers. What do these things have in common? They should never end up on the public market. Ask any IT department and they'll tell you that \"it happens\", but how serious is the problem and what's really at stake? This talk explores the interesting journey of a research project to learn the surprising answers to these questions.\n\nAlong the way we'll scrape over 150 million images from online listings in Western and Eastern second hand markets, hack together an OCR cluster out of old iPhones, reverse engineer well-obfuscated Chinese apps, and converse with secretive underground groups of collectors.\n\n\n","media":[],"title":"The Secret Life of a Rogue Device - Lost IT Assets on the Public Marketplace","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"An ex-employee's work laptop, a secret hardware prototype, the company backup server, and classified government computers. What do these things have in common? They should never end up on the public market. Ask any IT department and they'll tell you that \"it happens\", but how serious is the problem and what's really at stake? This talk explores the interesting journey of a research project to learn the surprising answers to these questions.\n\nAlong the way we'll scrape over 150 million images from online listings in Western and Eastern second hand markets, hack together an OCR cluster out of old iPhones, reverse engineer well-obfuscated Chinese apps, and converse with secretive underground groups of collectors.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54491],"conference_id":133,"event_ids":[54864],"name":"Matthew \"mandatory\" Bryant","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Snapchat","title":"Red Team Lead"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@IAmMandatory)","sort_order":0,"url":"https://twitter.com/IAmMandatory"},{"description":"","title":"thehackerblog.com","sort_order":0,"url":"https://thehackerblog.com"}],"media":[],"id":54082,"title":"Red Team Lead at Snapchat"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":54864,"tag_ids":[46166,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54082}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"System Management Mode (SMM) is one of the most powerful execution modes in the x86 architecture and code at this level is invisible to the Hypervisor and OS-level protections, including anti-cheat engines and anti-virus systems. While the BIOS ecosystem's complexity has led to a multitude of vulnerabilities in firmware over time, vendors are now making strides in delivering patches with greater speed and efficiency. Unfortunately, these efforts are not enough in the presence of a CPU vulnerability.\r\n\r\nWhen researching the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.\r\n\r\nThis presentation starts by providing an introduction to SMM and the security mechanisms that the AMD processor provides to support it. Subsequently, it delves into the CPU design flaw and the complete methodology and engineering used to create a universal ring -2 privilege escalation exploit.\n\n\n","media":[],"title":"AMD Sinkclose: Universal Ring -2 Privilege Escalation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"System Management Mode (SMM) is one of the most powerful execution modes in the x86 architecture and code at this level is invisible to the Hypervisor and OS-level protections, including anti-cheat engines and anti-virus systems. While the BIOS ecosystem's complexity has led to a multitude of vulnerabilities in firmware over time, vendors are now making strides in delivering patches with greater speed and efficiency. Unfortunately, these efforts are not enough in the presence of a CPU vulnerability.\r\n\r\nWhen researching the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.\r\n\r\nThis presentation starts by providing an introduction to SMM and the security mechanisms that the AMD processor provides to support it. Subsequently, it delves into the CPU design flaw and the complete methodology and engineering used to create a universal ring -2 privilege escalation exploit.","updated_timestamp":{"seconds":1721486966,"nanoseconds":0},"speakers":[{"content_ids":[54490],"conference_id":133,"event_ids":[54863],"name":"Enrique Nissim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IOActive","title":"Principal Security Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@kiqueNissim)","sort_order":0,"url":"https://twitter.com/kiqueNissim"}],"media":[],"id":54147,"title":"Principal Security Consultant at IOActive"},{"content_ids":[54490],"conference_id":133,"event_ids":[54863],"name":"Krzysztof Okupski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IOActive","title":"Associate Principal Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@exminium)","sort_order":0,"url":"https://twitter.com/exminium"}],"media":[],"id":54154,"title":"Associate Principal Security Consultant at IOActive"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:49:26Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":54863,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54147},{"tag_id":46167,"sort_order":2,"person_id":54154}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-20T14:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After working with over 400 companies on their application security programs the most common question I receive is “what’s next?”. They want to know how to mature their programs, and when they look at the maturity models available, they find them intimidating and so far beyond their current maturity level that they feel impossible. In this talk I will take you through 3 common AppSec program maturity levels I have encountered over the years, with practical and actionable next steps you could take immediately to improve your security posture.\n\n\n","media":[],"title":"Maturing Your Application Security Program","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"After working with over 400 companies on their application security programs the most common question I receive is “what’s next?”. They want to know how to mature their programs, and when they look at the maturity models available, they find them intimidating and so far beyond their current maturity level that they feel impossible. In this talk I will take you through 3 common AppSec program maturity levels I have encountered over the years, with practical and actionable next steps you could take immediately to improve your security posture.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55706],"conference_id":133,"event_ids":[56222],"name":"SheHacksPurple","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56088}],"begin_tsz":"2024-08-10T19:20:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":56222,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723317600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56088}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T19:20:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Arizona Secretary of State Adrian Fontes has been educating election officials about the capabilities of current tools to create synthetic content: GenAI used to create text for advanced spear phish targeting election officials, cloned voices of election officials explaining to their real\r\ncounterparts how their voices could be weaponized to confuse staff and poll workers, lastly, high quality deepfakes of Secretary Fontes himself showing how easy it could be to use an elected official’s own likeness against them. This presentation will be a deep dive into how we predict GenAI attacks will be used during the 2024 General Election and will provide a framework for the audience, hardening them against\r\nwhat is coming.\n\n\n","media":[],"title":"Indivisible","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"Arizona Secretary of State Adrian Fontes has been educating election officials about the capabilities of current tools to create synthetic content: GenAI used to create text for advanced spear phish targeting election officials, cloned voices of election officials explaining to their real\r\ncounterparts how their voices could be weaponized to confuse staff and poll workers, lastly, high quality deepfakes of Secretary Fontes himself showing how easy it could be to use an elected official’s own likeness against them. This presentation will be a deep dive into how we predict GenAI attacks will be used during the 2024 General Election and will provide a framework for the audience, hardening them against\r\nwhat is coming.","updated_timestamp":{"seconds":1723237194,"nanoseconds":0},"speakers":[{"content_ids":[56196,56202],"conference_id":133,"event_ids":[56850,56856],"name":"Michael Moore","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://azdirect.az.gov/secretary-state"}],"media":[],"id":56578}],"begin_tsz":"2024-08-10T19:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T20:59:54Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":56850,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723317300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56578}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T19:15:00.000-0000","updated":"2024-08-09T20:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microsoft Entra Conditional Access sits at the forefront of organization's security boundaries. The ever-changing climate of conditional access continues to give administrators more and more security controls. The tradeoff of which is increased complexity when attempting to balance security and productivity. The more policies deployed in a tenant, the greater the chance for misconfigurations that create opportunities for exploitation. Whether you're a cloud administrator, security consultant, or adversary, the goal remains the same: to find the holes in conditional access.\n\nThis talk discusses lessons learned from real-life engagements and identifies multiple strategies for evaluating conditional access. Topics and tooling are explored that view conditional access from several different angles. First, understanding PowerShell and Graph API is vital when combing through policies, finding gaps in user, group, role, location, application, or device configuration. Second, simulation of logon criteria and reporting on authentication events helps to understand where policies fall short. Finally, creating a visual representation of each policy is helpful to better see policy details or build executive reports. Each of these provides an important piece of the puzzle when attempting to identify methods to bypass security controls. Audience members should expect to leave with an arsenal of new tools and techniques to continuously monitor conditional access for risk.\n\n\n","media":[],"title":"Finding Holes in Conditional Access Policies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:40:00Z","end_timestamp":{"seconds":1723318800,"nanoseconds":0},"android_description":"Microsoft Entra Conditional Access sits at the forefront of organization's security boundaries. The ever-changing climate of conditional access continues to give administrators more and more security controls. The tradeoff of which is increased complexity when attempting to balance security and productivity. The more policies deployed in a tenant, the greater the chance for misconfigurations that create opportunities for exploitation. Whether you're a cloud administrator, security consultant, or adversary, the goal remains the same: to find the holes in conditional access.\n\nThis talk discusses lessons learned from real-life engagements and identifies multiple strategies for evaluating conditional access. Topics and tooling are explored that view conditional access from several different angles. First, understanding PowerShell and Graph API is vital when combing through policies, finding gaps in user, group, role, location, application, or device configuration. Second, simulation of logon criteria and reporting on authentication events helps to understand where policies fall short. Finally, creating a visual representation of each policy is helpful to better see policy details or build executive reports. Each of these provides an important piece of the puzzle when attempting to identify methods to bypass security controls. Audience members should expect to leave with an arsenal of new tools and techniques to continuously monitor conditional access for risk.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[54558,55492],"conference_id":133,"event_ids":[55921,54933],"name":"Brandon Colley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Trimarc","title":"Senior Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@techBrandon)","sort_order":0,"url":"https://twitter.com/techBrandon"}],"media":[],"id":54256,"title":"Senior Security Consultant at Trimarc"}],"begin_tsz":"2024-08-10T19:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T19:40:00.000-0000","id":55921,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723317300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54256}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T19:15:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In an era of remote work and distributed IT environments, remote administration tools (RATs) and remote monitoring and management (RMM) tools have become indispensable for system administrators and managed service providers (MSPs). However, the same features that make these tools efficient also make them attractive targets for malicious actors. Advanced threat actors are increasingly leveraging legitimate RATs and RMMs to gain unauthorized access to networks, bypassing traditional security controls and evading detection.\n\n\n","media":[],"title":"Weaponized Convenience: Inside the Rise of Remote Tool Abuse","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"In an era of remote work and distributed IT environments, remote administration tools (RATs) and remote monitoring and management (RMM) tools have become indispensable for system administrators and managed service providers (MSPs). However, the same features that make these tools efficient also make them attractive targets for malicious actors. Advanced threat actors are increasingly leveraging legitimate RATs and RMMs to gain unauthorized access to networks, bypassing traditional security controls and evading detection.","updated_timestamp":{"seconds":1721495310,"nanoseconds":0},"speakers":[{"content_ids":[55200],"conference_id":133,"event_ids":[55590],"name":"Fernando Tomlinson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant / Google Cloud","title":"Forensics and Incident Response Technical Manager"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/fernando-tomlinson/"},{"description":"","title":"Twitter (@Wired_Pulse)","sort_order":0,"url":"https://x.com/Wired_Pulse"}],"media":[],"id":55801,"title":"Forensics and Incident Response Technical Manager at Mandiant / Google Cloud"},{"content_ids":[55200],"conference_id":133,"event_ids":[55590],"name":"Nader Zaveri","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Incident Response & Remediation Senior Manager"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/naderzaveri/"},{"description":"","title":"Twitter (@naderzaveri)","sort_order":0,"url":"https://x.com/naderzaveri"}],"media":[],"id":55808,"title":"Incident Response & Remediation Senior Manager"}],"begin_tsz":"2024-08-10T19:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:08:30Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55590,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723317300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55808},{"tag_id":46167,"sort_order":4,"person_id":55801}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T19:15:00.000-0000","updated":"2024-07-20T17:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Groups Panel #1","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:05:00Z","end_timestamp":{"seconds":1723320300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722641228,"nanoseconds":0},"speakers":[{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"xray","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56055},{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"ᗩᒪETᕼE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56056},{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"overcast","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56057},{"content_ids":[55687,55688],"conference_id":133,"event_ids":[56210,56211],"name":"Abhishek S","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Flipkart","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":56058,"title":"Security Engineer at Flipkart"},{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"TX","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56059}],"begin_tsz":"2024-08-10T19:05:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T23:27:08Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T20:05:00.000-0000","id":56211,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723316700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56056},{"tag_id":46167,"sort_order":4,"person_id":56055},{"tag_id":46167,"sort_order":6,"person_id":56059},{"tag_id":46167,"sort_order":8,"person_id":56057},{"tag_id":46167,"sort_order":10,"person_id":56058}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T19:05:00.000-0000","updated":"2024-08-02T23:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"3D Printing My Way to Sanity: The Self-Funding Hobby That Changed Everything","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225155,"nanoseconds":0},"speakers":[{"content_ids":[56211],"conference_id":133,"event_ids":[56865],"name":"Steve Dossey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56598}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:15Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":56865,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56598}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s no two ways about it: Kubernetes is a confusing and complex collection of intertwined systems. Finding attack paths in Kubernetes by hand is a frustrating, slow, and tedious process. Defending Kubernetes against those same attack paths is almost impossible without any third party tooling. In this workshop we will present KubeHound - an opinionated, scalable, offensive-minded Kubernetes attack graph tool used by security teams across Datadog. We will cover the custom KubeHound DSL to demonstrate its power to identify some of the most interesting and common attack primitives living in your Kubernetes cluster. If the DSL is not enough, we will cover the basics of Gremlin, the language used by our graph technology so you can find relevant attack paths that matter to you. As attackers (or defenders), there's nothing better to understand an attack than to exploit it oneself. So in this workshop we will cover some of the usual attack paths and exploit them.\n\n\n","media":[],"title":"Hands-on Kubernetes security with KubeHound (purple teaming)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"There’s no two ways about it: Kubernetes is a confusing and complex collection of intertwined systems. Finding attack paths in Kubernetes by hand is a frustrating, slow, and tedious process. Defending Kubernetes against those same attack paths is almost impossible without any third party tooling. In this workshop we will present KubeHound - an opinionated, scalable, offensive-minded Kubernetes attack graph tool used by security teams across Datadog. We will cover the custom KubeHound DSL to demonstrate its power to identify some of the most interesting and common attack primitives living in your Kubernetes cluster. If the DSL is not enough, we will cover the basics of Gremlin, the language used by our graph technology so you can find relevant attack paths that matter to you. As attackers (or defenders), there's nothing better to understand an attack than to exploit it oneself. So in this workshop we will cover some of the usual attack paths and exploit them.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55990],"conference_id":133,"event_ids":[56612],"name":"Julien Terriac","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adversary Simulation Engineering at Datadog","title":""}],"links":[],"pronouns":null,"media":[],"id":56327,"title":"Adversary Simulation Engineering at Datadog"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56612,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56327}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"LoRa is an exciting new technology renowned for its low cost and long range, making it popular for hackers and makers. In this workshop, you’ll learn to program a LoRa radio with CircuitPython to create long-range hacking tools and blinky prototypes which can communicate off-grid from over a mile away! The workshop will cover remotely triggered BadUSB devices, LED controllers, sensor monitors, and more! A computer with Google Chrome is required for this workshop.\n\n\n","media":[],"title":"LoRa for Hackers : Long Range Hacking for Beginners With CircuitPython","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"LoRa is an exciting new technology renowned for its low cost and long range, making it popular for hackers and makers. In this workshop, you’ll learn to program a LoRa radio with CircuitPython to create long-range hacking tools and blinky prototypes which can communicate off-grid from over a mile away! The workshop will cover remotely triggered BadUSB devices, LED controllers, sensor monitors, and more! A computer with Google Chrome is required for this workshop.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/hackers-guide-to-lora-long-range-hacking-with-lora-and-circuitpython?"}],"end":"2024-08-10T21:00:00.000-0000","id":56526,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Recon Village for an in-depth workshop on the OWASP Amass Project, a powerful open-source tool used for network mapping, attack surface analysis, and asset discovery. This workshop will delve into the exciting advancements in data collection capabilities within Amass, demonstrating how these enhancements have taken the project from a humble subdomain enumeration tool to an OSINT collection system. Participants will gain hands-on experience with new features, learn best practices for leveraging Amass, and explore the broader dataset of findings and associated assets. Whether you are a seasoned security professional or new to network reconnaissance, this session will provide valuable insights and practical skills to elevate your reconnaissance game.\n\nWorkshop Outline\n\nIntroduction (15 minutes)\n- Welcome and speaker introductions\n- Overview of OWASP Amass\n - Brief history and evolution\n - Core functionalities and typical use cases\n- Workshop objectives and agenda\n\nUnderstanding Amass's Data Collection Capabilities (15 minutes)\n- Current data sources utilized by Amass\n - Public data sources\n - OSINT (Open Source Intelligence) integration\n - Third-party APIs\n- Introduction to new data collection features\n - Enhanced API integrations\n - Proprietary data sources\n\nHands-On with New Data Collection Features (30 minutes)\n- Setting up Amass for expanded data collection\n - Installation and configuration\n - API key management and integration\n- Practical demonstration\n - Running Amass with new data sources\n - Interpreting results\n - Case study: Real-world scenarios and outcomes\n\nAnalyzing and Utilizing Recon Data (30 minutes)\n- Attack surface mapping is more than internet infrastructure\n- Introduction to the Open Asset Model (OAM)\n- Collecting email addresses with Amass\n- OAM types to be supported by the project\n- The Future of Mapping attack surfaces\n\n\nQ&A Session (20 minutes)\n\nConclusion (10 minutes)\n- Recap of key takeaways\n- Additional resources and further learning\n- Closing remarks and feedback session\n\n---\n\nPreparation Requirements:**\n- Participants are encouraged to bring laptops with pre-installed OWASP Amass.\n- API keys for various data sources (details to be provided prior to the workshop).\n\nTarget Audience:**\n- Security researchers and professionals\n- Penetration testers\n- Network administrators\n- Anyone interested in improving their reconnaissance skills and knowledge\n\nThis workshop promises to be an engaging and educational experience, equipping attendees with the latest techniques and tools to enhance their security reconnaissance capabilities using OWASP Amass.\n\n\n","media":[],"title":"OWASP Amass Expanding Data Horizons: Amassing More Than Subdomains","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"Join us at Recon Village for an in-depth workshop on the OWASP Amass Project, a powerful open-source tool used for network mapping, attack surface analysis, and asset discovery. This workshop will delve into the exciting advancements in data collection capabilities within Amass, demonstrating how these enhancements have taken the project from a humble subdomain enumeration tool to an OSINT collection system. Participants will gain hands-on experience with new features, learn best practices for leveraging Amass, and explore the broader dataset of findings and associated assets. Whether you are a seasoned security professional or new to network reconnaissance, this session will provide valuable insights and practical skills to elevate your reconnaissance game.\n\nWorkshop Outline\n\nIntroduction (15 minutes)\n- Welcome and speaker introductions\n- Overview of OWASP Amass\n - Brief history and evolution\n - Core functionalities and typical use cases\n- Workshop objectives and agenda\n\nUnderstanding Amass's Data Collection Capabilities (15 minutes)\n- Current data sources utilized by Amass\n - Public data sources\n - OSINT (Open Source Intelligence) integration\n - Third-party APIs\n- Introduction to new data collection features\n - Enhanced API integrations\n - Proprietary data sources\n\nHands-On with New Data Collection Features (30 minutes)\n- Setting up Amass for expanded data collection\n - Installation and configuration\n - API key management and integration\n- Practical demonstration\n - Running Amass with new data sources\n - Interpreting results\n - Case study: Real-world scenarios and outcomes\n\nAnalyzing and Utilizing Recon Data (30 minutes)\n- Attack surface mapping is more than internet infrastructure\n- Introduction to the Open Asset Model (OAM)\n- Collecting email addresses with Amass\n- OAM types to be supported by the project\n- The Future of Mapping attack surfaces\n\n\nQ&A Session (20 minutes)\n\nConclusion (10 minutes)\n- Recap of key takeaways\n- Additional resources and further learning\n- Closing remarks and feedback session\n\n---\n\nPreparation Requirements:**\n- Participants are encouraged to bring laptops with pre-installed OWASP Amass.\n- API keys for various data sources (details to be provided prior to the workshop).\n\nTarget Audience:**\n- Security researchers and professionals\n- Penetration testers\n- Network administrators\n- Anyone interested in improving their reconnaissance skills and knowledge\n\nThis workshop promises to be an engaging and educational experience, equipping attendees with the latest techniques and tools to enhance their security reconnaissance capabilities using OWASP Amass.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55307,55913],"conference_id":133,"event_ids":[55697,56500],"name":"Jeff Foley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@jeff_foley)","sort_order":0,"url":"https://twitter.com/jeff_foley"}],"media":[],"id":55859}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56500,"tag_ids":[46391,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55859}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - Daniel Miessler, Hosted by Ankur","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55912],"conference_id":133,"event_ids":[56499],"name":"Daniel Miessler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56271},{"content_ids":[55912],"conference_id":133,"event_ids":[56499],"name":"Ankur","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56272}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56499,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56271},{"tag_id":46167,"sort_order":4,"person_id":56272}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Much is said about QKD and its benefits and drawbacks. Even more is said about how it is, and we quote, ‘UNHACKABLE’!! We know that it is definitely susceptible to hacks, and want to invite all hackers to an open session where we will discuss attacks against QKD, both classical and quantum, and as a group start constructing a threat model that describes this technology. We will all benefit when more of us understand the real details and contexts about it! HAQ THE PLANET!\n\n\n","media":[],"title":"Threat Modelling QKD","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Much is said about QKD and its benefits and drawbacks. Even more is said about how it is, and we quote, ‘UNHACKABLE’!! We know that it is definitely susceptible to hacks, and want to invite all hackers to an open session where we will discuss attacks against QKD, both classical and quantum, and as a group start constructing a threat model that describes this technology. We will all benefit when more of us understand the real details and contexts about it! HAQ THE PLANET!","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56438,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Drones, also known as unmanned aerial vehicles (UAVs), are becoming increasingly popular for various applications, from delivery and surveillance to emergency response and military support. While traditionally controlled by dedicated remote controllers (ground control stations), Android is emerging as a powerful platform for drone development and operation. For example, some drone manufacturers, like DJI, have developed their own custom Android-based operating systems (OS) for their drones. Open-source Android-based flight control software like QGroundControl and Mission Planner are also available, allowing developers to build custom drone control applications. With the growing reliance on Android within the drone market, the necessity to understand the landscape of Android-based vulnerabilities and exposure has become more important than ever before, especially to ensure secure, safe, and reliable drone operations.\n\n\n","media":[],"title":"Secure the Skies: A Modern Android Security Research Framework for Drone Ground Control Stations and Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Drones, also known as unmanned aerial vehicles (UAVs), are becoming increasingly popular for various applications, from delivery and surveillance to emergency response and military support. While traditionally controlled by dedicated remote controllers (ground control stations), Android is emerging as a powerful platform for drone development and operation. For example, some drone manufacturers, like DJI, have developed their own custom Android-based operating systems (OS) for their drones. Open-source Android-based flight control software like QGroundControl and Mission Planner are also available, allowing developers to build custom drone control applications. With the growing reliance on Android within the drone market, the necessity to understand the landscape of Android-based vulnerabilities and exposure has become more important than ever before, especially to ensure secure, safe, and reliable drone operations.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55835],"conference_id":133,"event_ids":[56385],"name":"Jonathan Waterman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56196}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56385,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56196}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!\n\n\n","media":[],"title":"Beverage Chilling Contraption Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!","updated_timestamp":{"seconds":1722311147,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:45:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249412"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249413"}],"end":"2024-08-11T01:00:00.000-0000","id":56061,"tag_ids":[46427,46439,46753],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-B","hotel":"","short_name":"HW4-01-04-B","id":46277},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-30T03:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that's why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us on Friday for qualifiers, through the con for unofficial games, and on Saturday for an official bracket tournament.\n\n\n","media":[],"title":"Dozier Drill Tournament","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that's why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us on Friday for qualifiers, through the con for unofficial games, and on Saturday for an official bracket tournament.","updated_timestamp":{"seconds":1722209286,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:28:06Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55933,"tag_ids":[46384,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-28T23:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring your instruments, synths, and self for an open jam session\n\n\n","media":[],"title":"HDA Presents the open Synth Jam Session","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Bring your instruments, synths, and self for an open jam session","updated_timestamp":{"seconds":1722102603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:50:03Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":55828,"tag_ids":[46404,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-27T17:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Austin School For The Driven","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721785134,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T01:38:54Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55760,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-24T01:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defending a vessel's IT and OT systems while underway can be a matter of life and death. Cliff, Brad, and Phil present a framework for developing 24/7 network and security operations for vessels, addressing such technical topics as limited bandwidth/latency, detection and response, pre-planned actions, and an underway readiness dashboard. We will address technical and risk-management strategies for a SOC and NOC, including how we use a lab environment to simulate security operations for vessels underway.\n\n\n","media":[],"title":"Don't Give Up The Ship! Maritime SOC/NOC Afloat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Defending a vessel's IT and OT systems while underway can be a matter of life and death. Cliff, Brad, and Phil present a framework for developing 24/7 network and security operations for vessels, addressing such technical topics as limited bandwidth/latency, detection and response, pre-planned actions, and an underway readiness dashboard. We will address technical and risk-management strategies for a SOC and NOC, including how we use a lab environment to simulate security operations for vessels underway.","updated_timestamp":{"seconds":1721781706,"nanoseconds":0},"speakers":[{"content_ids":[55351],"conference_id":133,"event_ids":[55743],"name":"Brad Proctor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55949},{"content_ids":[55351],"conference_id":133,"event_ids":[55743],"name":"Cliff Neve","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MAD Security","title":"Vice President of Maritime Cybersecurity"}],"links":[],"pronouns":null,"media":[],"id":55950,"title":"Vice President of Maritime Cybersecurity at MAD Security"},{"content_ids":[55351],"conference_id":133,"event_ids":[55743],"name":"Philip Acosta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GuROO LLC","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":55963,"title":"Founder and CEO at GuROO LLC"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:41:46Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55743,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55963},{"tag_id":46167,"sort_order":4,"person_id":55950},{"tag_id":46167,"sort_order":6,"person_id":55949}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-24T00:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC NextGen / Youth Challenge Area at Red Team Village","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721595757,"nanoseconds":0},"speakers":[{"content_ids":[55273],"conference_id":133,"event_ids":[55663,55712,55713],"name":"RTV Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@redteamvillage_)","sort_order":0,"url":"https://twitter.com/redteamvillage_"}],"media":[],"id":55852}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T21:02:37Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55712,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55852}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T21:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We all heard this story before - a critical vulnerability is discovered in a VPN server. It's exploited in the wild. Administrators rush to patch. Panic spreads across Twitter. \n\nAttackers have long sought to exploit VPN servers - they are accessible from the internet, expose a rich attack surface, and often lack in security and monitoring. Historically, VPNs were primarily abused to achieve a single objective: gaining entry into internal victim networks. While this is evidently very valuable, control over a VPN server shouldn't solely be seen as a gateway to the network, and can certainly be abused in various other ways.\n\nIn this talk, we will explore VPN post-exploitation - a new approach that consists of different techniques attackers can employ on the compromised VPN server to further progress their intrusion. To demonstrate this concept, we will inspect two of the most common VPN servers on the market - Ivanti Connect Secure and Fortigate, and show how an attacker with control over them can collect user credentials, move laterally, and maintain persistent access to the network.\n\nWe will conclude by detailing best practices and principles that should be followed by security teams when using VPN servers to reduce the risk from post-exploitation techniques.\n\n\n","media":[],"title":"Tunnel Vision: Exploring VPN Post-Exploitation Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"We all heard this story before - a critical vulnerability is discovered in a VPN server. It's exploited in the wild. Administrators rush to patch. Panic spreads across Twitter. \n\nAttackers have long sought to exploit VPN servers - they are accessible from the internet, expose a rich attack surface, and often lack in security and monitoring. Historically, VPNs were primarily abused to achieve a single objective: gaining entry into internal victim networks. While this is evidently very valuable, control over a VPN server shouldn't solely be seen as a gateway to the network, and can certainly be abused in various other ways.\n\nIn this talk, we will explore VPN post-exploitation - a new approach that consists of different techniques attackers can employ on the compromised VPN server to further progress their intrusion. To demonstrate this concept, we will inspect two of the most common VPN servers on the market - Ivanti Connect Secure and Fortigate, and show how an attacker with control over them can collect user credentials, move laterally, and maintain persistent access to the network.\n\nWe will conclude by detailing best practices and principles that should be followed by security teams when using VPN servers to reduce the risk from post-exploitation techniques.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55298],"conference_id":133,"event_ids":[55688],"name":"Ori David","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@oridavid123)","sort_order":0,"url":"https://twitter.com/oridavid123"}],"media":[],"id":55849}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":55688,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55849}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Since we were children we wanted to go to the arcade and play for hours and hours for free. How about we do it now? In this talk I’m gonna show you some vulnerabilities that I discovered in the cashless system of one of the biggest companies in the world, with over 2,300 installations across 70 countries, from arcades in Brazil, amusement parks in the United Arab Emirates to a famous roller coaster in Las Vegas. We will talk about API security, access control and NFC among other things.\r\n\r\n## Description\r\n\r\nThe talk is divided into 10(+1) stages. Starting at Stage 0, I will relate the origin of the idea during H2HC Brazil in 2023. Initially, the proposal was an arcade in Brazil with a debit card system.\r\n\r\nIn Stage 1, I will present the company, the NFC card, an application to charge money and check our data, but without exploitable vulnerabilities due to the use of middleware.\r\n\r\nIn the next stage, the focus shifts to the company responsible for the debit card system. This Argentine company dominates the market, with more than 2300 installations in 70 countries, ranging from arcades to a famous roller coaster in Las Vegas. During the investigation, the /api endpoint on the server was identified, filtering out endpoints that did not return 404 or 200. DNS enumeration and the use of Shodan revealed an outdated info.php, as well as other servers with open ports and versions with vulnerabilities. Documentation was also found in /api/v2 without the necessary credentials.\r\n\r\nIn Stage 3, the IDOR and Broken Authentication vulnerabilities will be explained. Then I will present endpoints in the system that allow us to exploit these vulnerabilities and obtain card information and personal customer data.\r\n\r\nThen, it will be revealed that the company provides a mobile application. When decompiling some applications, keys and API endpoints were discovered. All APKs were similar, differing only in keys and endpoints. Now, with these credentials we have the ability to recharge credit to our debit card.\r\n\r\nIn Stage 5, we will explain the Account Takeover attack and how to execute it on the system via API. Also I’ll explain Race Condition found in the API.\r\n\r\nIn the next scenario, a server found in Shodan: The online event booking system. Confidential information was found here, such as all Argentinean invoices, logs and extra company information, obtained by script written by me.\r\n\r\nA reservation management portal was also identified with a Broken Access Control vulnerability, allowing us to view and modify all reservations, including modifying prices. It is important to note that all of these vulnerabilities affect ALL of the company's customers.\r\n\r\nAs we near the end, other servers will be quickly highlighted, such as the company's public Zendesk, allowing user creation and access to useful information. A U.S. case will be presented where a go-karting facility uses this system, allowing access to all monitors. Other examples include an amusement park company in Spain providing links to their park management consoles, and similar findings in Chile, Ecuador and Phoenix.\r\n\r\nThe last scenario will explain the NFC system, focusing on card reading and manipulation due to lack of security. Some attacks, such as changing the ID and referencing another card, will be shown. I’m also going to show the “feature” of emulating the card with the NFC of android phones, thus being able to emulate any card.\r\n\r\nThe idea of the talk is to demonstrate that even in 2024 there are significant systems with many users and with \"basic\" vulnerabilities known for years. Also I would like to encourage new generations to do ethical hacking and help generate a good relationship between hackers and companies. Computer security education and training are crucial to prevent attacks and protect our digital assets.\r\n\r\n## Outline\r\n\r\n- Stage 0\r\n - Introduction\r\n- Stage 1\r\n - About Brazilian arcade and cashless system\r\n - NFC Card\r\n - Website to charge money and view data\r\n- Stage 2\r\n - Company who provide the system\r\n - More than 2300 installations across 70 countries\r\n - Api endpoints\r\n- Stage 3\r\n - IDOR and Broken Authentication\r\n - A lot of user and cards data\r\n - Not just arcades. Roller coaster Vegas. Clients around the world\r\n- Stage 4\r\n - Mobile app for all the customers\r\n - Keys and endpoints in plain text (DEMO)\r\n - Endpoint to recharge credits\r\n- Stage 5\r\n - Account Takeover (DEMO)\r\n - Race Condition (DEMO)\r\n- Stage 6\r\n - Online Party Booking\r\n - A lot of confidential information\r\n - Script to get data (DEMO)\r\n- Stage 7: Booking Management portal\r\n - Broken Access Control\r\n - List and modify all the bookings\r\n- Stage 8: Side servers\r\n - Public zendesk with data\r\n - Go-karting in U.S.\r\n - Amusement park in Spain\r\n - Chile, Ecuador, Phoenix\r\n- Stage 9: NFC\r\n - Brazilian card\r\n - Leak security\r\n - Android NFC\r\n- Stage 10\r\n - A lot of customers in the U.S.\r\n - Conclusions\r\n - QA\r\n\n\n\n","media":[],"title":"Insert coin: Hacking arcades for fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"Since we were children we wanted to go to the arcade and play for hours and hours for free. How about we do it now? In this talk I’m gonna show you some vulnerabilities that I discovered in the cashless system of one of the biggest companies in the world, with over 2,300 installations across 70 countries, from arcades in Brazil, amusement parks in the United Arab Emirates to a famous roller coaster in Las Vegas. We will talk about API security, access control and NFC among other things.\r\n\r\n## Description\r\n\r\nThe talk is divided into 10(+1) stages. Starting at Stage 0, I will relate the origin of the idea during H2HC Brazil in 2023. Initially, the proposal was an arcade in Brazil with a debit card system.\r\n\r\nIn Stage 1, I will present the company, the NFC card, an application to charge money and check our data, but without exploitable vulnerabilities due to the use of middleware.\r\n\r\nIn the next stage, the focus shifts to the company responsible for the debit card system. This Argentine company dominates the market, with more than 2300 installations in 70 countries, ranging from arcades to a famous roller coaster in Las Vegas. During the investigation, the /api endpoint on the server was identified, filtering out endpoints that did not return 404 or 200. DNS enumeration and the use of Shodan revealed an outdated info.php, as well as other servers with open ports and versions with vulnerabilities. Documentation was also found in /api/v2 without the necessary credentials.\r\n\r\nIn Stage 3, the IDOR and Broken Authentication vulnerabilities will be explained. Then I will present endpoints in the system that allow us to exploit these vulnerabilities and obtain card information and personal customer data.\r\n\r\nThen, it will be revealed that the company provides a mobile application. When decompiling some applications, keys and API endpoints were discovered. All APKs were similar, differing only in keys and endpoints. Now, with these credentials we have the ability to recharge credit to our debit card.\r\n\r\nIn Stage 5, we will explain the Account Takeover attack and how to execute it on the system via API. Also I’ll explain Race Condition found in the API.\r\n\r\nIn the next scenario, a server found in Shodan: The online event booking system. Confidential information was found here, such as all Argentinean invoices, logs and extra company information, obtained by script written by me.\r\n\r\nA reservation management portal was also identified with a Broken Access Control vulnerability, allowing us to view and modify all reservations, including modifying prices. It is important to note that all of these vulnerabilities affect ALL of the company's customers.\r\n\r\nAs we near the end, other servers will be quickly highlighted, such as the company's public Zendesk, allowing user creation and access to useful information. A U.S. case will be presented where a go-karting facility uses this system, allowing access to all monitors. Other examples include an amusement park company in Spain providing links to their park management consoles, and similar findings in Chile, Ecuador and Phoenix.\r\n\r\nThe last scenario will explain the NFC system, focusing on card reading and manipulation due to lack of security. Some attacks, such as changing the ID and referencing another card, will be shown. I’m also going to show the “feature” of emulating the card with the NFC of android phones, thus being able to emulate any card.\r\n\r\nThe idea of the talk is to demonstrate that even in 2024 there are significant systems with many users and with \"basic\" vulnerabilities known for years. Also I would like to encourage new generations to do ethical hacking and help generate a good relationship between hackers and companies. Computer security education and training are crucial to prevent attacks and protect our digital assets.\r\n\r\n## Outline\r\n\r\n- Stage 0\r\n - Introduction\r\n- Stage 1\r\n - About Brazilian arcade and cashless system\r\n - NFC Card\r\n - Website to charge money and view data\r\n- Stage 2\r\n - Company who provide the system\r\n - More than 2300 installations across 70 countries\r\n - Api endpoints\r\n- Stage 3\r\n - IDOR and Broken Authentication\r\n - A lot of user and cards data\r\n - Not just arcades. Roller coaster Vegas. Clients around the world\r\n- Stage 4\r\n - Mobile app for all the customers\r\n - Keys and endpoints in plain text (DEMO)\r\n - Endpoint to recharge credits\r\n- Stage 5\r\n - Account Takeover (DEMO)\r\n - Race Condition (DEMO)\r\n- Stage 6\r\n - Online Party Booking\r\n - A lot of confidential information\r\n - Script to get data (DEMO)\r\n- Stage 7: Booking Management portal\r\n - Broken Access Control\r\n - List and modify all the bookings\r\n- Stage 8: Side servers\r\n - Public zendesk with data\r\n - Go-karting in U.S.\r\n - Amusement park in Spain\r\n - Chile, Ecuador, Phoenix\r\n- Stage 9: NFC\r\n - Brazilian card\r\n - Leak security\r\n - Android NFC\r\n- Stage 10\r\n - A lot of customers in the U.S.\r\n - Conclusions\r\n - QA","updated_timestamp":{"seconds":1721593585,"nanoseconds":0},"speakers":[{"content_ids":[55297,55959],"conference_id":133,"event_ids":[56575,55687],"name":"Ignacio Daniel Navarro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Appication security / Ethical hacker"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ignavarro1/?locale=en_US"},{"description":"","title":"Twitter (@IgNavarro1)","sort_order":0,"url":"https://twitter.com/IgNavarro1"}],"media":[],"id":55850,"title":"Appication security / Ethical hacker"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:26:25Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":55687,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55850}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T20:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Everyone else is doing automated testing - why aren't red teamers? Be confident your payload will execute, regardless of the options you picked, by integrating shellidate into your continuous integration pipelines!\n\n\n","media":[],"title":"Developing Better Payloads with Automated Testing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"Everyone else is doing automated testing - why aren't red teamers? Be confident your payload will execute, regardless of the options you picked, by integrating shellidate into your continuous integration pipelines!","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55296],"conference_id":133,"event_ids":[55686],"name":"Nick McClendon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kuilinacs)","sort_order":0,"url":"https://twitter.com/kuilinacs"}],"media":[],"id":55851}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":55686,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55851}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Extended Reality (XR) technologies offer tremendous new possibilities for socializing, entertainment, training, and more. Unfortunately, many disabled users find themselves excluded from XR entirely or exposed to severe privacy risks for using it. In this talk, Dylan Fox, Director of Operations for the XR Access Initiative at Cornell Tech, will discuss the core challenges disabled people face in using XR, the tensions between privacy and assistive capabilities, and the open-source efforts happening now to ensure XR is accessible to everyone.\n\n\n","media":[],"title":"XR for All: Accessibility and Privacy for Disabled Users","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Extended Reality (XR) technologies offer tremendous new possibilities for socializing, entertainment, training, and more. Unfortunately, many disabled users find themselves excluded from XR entirely or exposed to severe privacy risks for using it. In this talk, Dylan Fox, Director of Operations for the XR Access Initiative at Cornell Tech, will discuss the core challenges disabled people face in using XR, the tensions between privacy and assistive capabilities, and the open-source efforts happening now to ensure XR is accessible to everyone.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54605],"conference_id":133,"event_ids":[54979],"name":"Dylan Fox","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cornell Tech","title":"Director of Operations, XR Access Initiative"}],"pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"http://drfoxdesign.com/"}],"media":[],"id":54352,"title":"Director of Operations, XR Access Initiative at Cornell Tech"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":54979,"tag_ids":[46397,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54352}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation will be a combination of history lesson, technical introduction, and some demonstration. The target audience are those who may never had a chance to experience early microcomputers but want to get an introduction to the world of “retro computing.\r\n\r\nToday everyone's laptop or smartphone either run an Intel, AMD, or ARM processor. And most probably can't tell you exactly what they have or know any details of them. It’s all a black box to most. But back in the 70s and 80s, computer hobbyists & hackers knew they had a Z80, 6502, 6809, 68000 or other processor, and often knew the details and could and did program them in assembly. But while the industry has moved past the Apple II, Atari 400/800/XL/XE, Commodore 64 et al, there are still many who continue to use and enjoy these computers. Even to build and create new and exciting items for them as well as brand new systems using this old tech.\r\n\r\nIn this presentation, we will delve into microprocessor history of the 8-bit and early 16-bit systems, with a particular focus on the MOS 6502, one of the most popular microprocessors. We will touch a little on the systems that used the 6502, and take a quick look into how to program the 6502, even showing a couple of 6502-based systems. Importantly for many, we will delve into some of the resources available for those wishing to enter this world also.\n\n\n","media":[],"title":"The wild and wonderful world of early Microprocessors (with a focus on the 6502)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"This presentation will be a combination of history lesson, technical introduction, and some demonstration. The target audience are those who may never had a chance to experience early microcomputers but want to get an introduction to the world of “retro computing.\r\n\r\nToday everyone's laptop or smartphone either run an Intel, AMD, or ARM processor. And most probably can't tell you exactly what they have or know any details of them. It’s all a black box to most. But back in the 70s and 80s, computer hobbyists & hackers knew they had a Z80, 6502, 6809, 68000 or other processor, and often knew the details and could and did program them in assembly. But while the industry has moved past the Apple II, Atari 400/800/XL/XE, Commodore 64 et al, there are still many who continue to use and enjoy these computers. Even to build and create new and exciting items for them as well as brand new systems using this old tech.\r\n\r\nIn this presentation, we will delve into microprocessor history of the 8-bit and early 16-bit systems, with a particular focus on the MOS 6502, one of the most popular microprocessors. We will touch a little on the systems that used the 6502, and take a quick look into how to program the 6502, even showing a couple of 6502-based systems. Importantly for many, we will delve into some of the resources available for those wishing to enter this world also.","updated_timestamp":{"seconds":1721176990,"nanoseconds":0},"speakers":[{"content_ids":[54604],"conference_id":133,"event_ids":[54978],"name":"Michael Brown","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"FRG Systems","title":"Security and Compliance Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@emb021)","sort_order":0,"url":"https://twitter.com/emb021"}],"media":[],"id":54303,"title":"Security and Compliance Director at FRG Systems"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-17T00:43:10Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":54978,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54303}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-17T00:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Fresh from his DEFCON 31 marsec village talk, 'I am the Captain now', Paul has another year's experience at sea from which to share stories of taking control of vessels.\r\n\r\nAs it's timely, he will look at why the MV Dali incident wasn't a hack, dispelling ill-informed opinions from the wave of armchair experts that suddenly emerged, but more interestingly, ways that it so easily could have been a cyber event.\r\n\r\nFinally, maritime cyber regulation is starting to catch up, but so many operators and technology providers are likely to be caught out by IACS UR E26 & 27\n\n\n","media":[],"title":"I am still the Captain now!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Fresh from his DEFCON 31 marsec village talk, 'I am the Captain now', Paul has another year's experience at sea from which to share stories of taking control of vessels.\r\n\r\nAs it's timely, he will look at why the MV Dali incident wasn't a hack, dispelling ill-informed opinions from the wave of armchair experts that suddenly emerged, but more interestingly, ways that it so easily could have been a cyber event.\r\n\r\nFinally, maritime cyber regulation is starting to catch up, but so many operators and technology providers are likely to be caught out by IACS UR E26 & 27","updated_timestamp":{"seconds":1720396209,"nanoseconds":0},"speakers":[{"content_ids":[54603],"conference_id":133,"event_ids":[54977],"name":"Paul Brownridge","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54330}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:50:09Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":54977,"tag_ids":[46169,46382,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54330}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-07T23:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"reversing can feel uber powerful... like you hold God's honest truth within your hands... most humans don't understand what you can see and comprehend.\r\n\r\nuntil someone tries to hide the truth from you... limit your knowledge... keep you from your glorious purpose!\r\n\r\nobfuscated code can be a real downer.\r\n\r\nthis talk focuses on the story of how i took on an interesting obfuscated target (an automotive modder's tool with ability to flash firmware and tweak engines), in fun and exciting ways.\r\n\r\nwe'll discuss several problems with obfuscated code, an approach i took (and tooling), playing in the guts of machine code, and customizations to binary analysis tools that came out of the journey...\r\n\r\nthere will be much hex, disassembly, green on black, total carnage.\r\n\r\nyou will walk away with powerful ideas and new tools to help you in your pursuit of truth. you will be entertained, enriched, educated, and hopefully inspired. instead of thinking that \"atlas is smart\" my goal is you feeling, and being, more powerful.\r\n\r\ncome with Vivisect installed to follow along!\r\n\r\n- [link](https://github.com/vivisect/vivisect)\r\n- [link](https://github.com/atlas0fd00m/vivisect)\r\n- [link](https://github.com/atlas0fd00m/VivisectION)\r\n- [link](https://vivisect.readthedocs.io/)\r\n\n\n\n","media":[],"title":"automobiles, alcohol, blood, sweat, and creative reversing of an obfuscated Car-Modding tool","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"reversing can feel uber powerful... like you hold God's honest truth within your hands... most humans don't understand what you can see and comprehend.\r\n\r\nuntil someone tries to hide the truth from you... limit your knowledge... keep you from your glorious purpose!\r\n\r\nobfuscated code can be a real downer.\r\n\r\nthis talk focuses on the story of how i took on an interesting obfuscated target (an automotive modder's tool with ability to flash firmware and tweak engines), in fun and exciting ways.\r\n\r\nwe'll discuss several problems with obfuscated code, an approach i took (and tooling), playing in the guts of machine code, and customizations to binary analysis tools that came out of the journey...\r\n\r\nthere will be much hex, disassembly, green on black, total carnage.\r\n\r\nyou will walk away with powerful ideas and new tools to help you in your pursuit of truth. you will be entertained, enriched, educated, and hopefully inspired. instead of thinking that \"atlas is smart\" my goal is you feeling, and being, more powerful.\r\n\r\ncome with Vivisect installed to follow along!\r\n\r\n- [link](https://github.com/vivisect/vivisect)\r\n- [link](https://github.com/atlas0fd00m/vivisect)\r\n- [link](https://github.com/atlas0fd00m/VivisectION)\r\n- [link](https://vivisect.readthedocs.io/)","updated_timestamp":{"seconds":1720463810,"nanoseconds":0},"speakers":[{"content_ids":[54527],"conference_id":133,"event_ids":[54900],"name":"atlas","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@at1as)","sort_order":0,"url":"https://twitter.com/at1as"}],"media":[],"id":54140}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:36:50Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":54900,"tag_ids":[46166,46169,46419,46438,46882],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54140}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-08T18:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GitHub Actions is quickly becoming the de facto CI/CD provider for open-source projects, startups, and enterprises. At the same time, GitHub’s security model is full of insecure defaults. This makes it easy for their customers to expose themselves to critical attacks from the public internet. The end result? A systemic vulnerability class that won’t go away.\r\n\r\nDuring our research, we identified GitHub Actions misconfigurations at scale that would allow threat actors to backdoor major open-source projects. An example of this is our attack on PyTorch, a prominent ML framework used by companies and researchers around the world.\r\n\r\nThrough this attack, we could contribute code directly to the main branch of the PyTorch repository, upload malicious releases, backdoor other PyTorch projects, and more. These attacks began by compromising self-hosted runners, which are machines that execute jobs in a GitHub Actions workflow. From there, we leveraged misconfigurations and GitHub “features” to elevate our privileges within GitHub Actions workflows.\r\n\r\nOur research campaign included dozens of reports, over $250,000 in bug bounties, and endless war stories. Tune in for a deep dive into the TTPs that allow turning a trivial runner compromise into a full supply chain attack.\r\n\r\n1. [link](https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/)\r\n2. [link](https://johnstawinski.com/2024/01/11/playing-with-fire-how-we-executed-a-critical-supply-chain-attack-on-pytorch/)\r\n3. [link](https://johnstawinski.com/2024/01/05/worse-than-solarwinds-three-steps-to-hack-blockchains-github-and-ml-through-github-actions/)\r\n\n\n\n","media":[],"title":"Grand Theft Actions: Abusing Self-Hosted GitHub Runners at Scale","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"GitHub Actions is quickly becoming the de facto CI/CD provider for open-source projects, startups, and enterprises. At the same time, GitHub’s security model is full of insecure defaults. This makes it easy for their customers to expose themselves to critical attacks from the public internet. The end result? A systemic vulnerability class that won’t go away.\r\n\r\nDuring our research, we identified GitHub Actions misconfigurations at scale that would allow threat actors to backdoor major open-source projects. An example of this is our attack on PyTorch, a prominent ML framework used by companies and researchers around the world.\r\n\r\nThrough this attack, we could contribute code directly to the main branch of the PyTorch repository, upload malicious releases, backdoor other PyTorch projects, and more. These attacks began by compromising self-hosted runners, which are machines that execute jobs in a GitHub Actions workflow. From there, we leveraged misconfigurations and GitHub “features” to elevate our privileges within GitHub Actions workflows.\r\n\r\nOur research campaign included dozens of reports, over $250,000 in bug bounties, and endless war stories. Tune in for a deep dive into the TTPs that allow turning a trivial runner compromise into a full supply chain attack.\r\n\r\n1. [link](https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/)\r\n2. [link](https://johnstawinski.com/2024/01/11/playing-with-fire-how-we-executed-a-critical-supply-chain-attack-on-pytorch/)\r\n3. [link](https://johnstawinski.com/2024/01/05/worse-than-solarwinds-three-steps-to-hack-blockchains-github-and-ml-through-github-actions/)","updated_timestamp":{"seconds":1720463005,"nanoseconds":0},"speakers":[{"content_ids":[54489],"conference_id":133,"event_ids":[54862],"name":"Adnan Khan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Red Team Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/adnanekhan"},{"description":"","title":"adnanthekhan.com","sort_order":0,"url":"https://adnanthekhan.com"}],"media":[],"id":54087,"title":"Red Team Security Engineer"},{"content_ids":[54489],"conference_id":133,"event_ids":[54862],"name":"John Stawinski","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/john-stawinski-72ba87191/"},{"description":"","title":"Website","sort_order":0,"url":"https://johnstawinski.com"}],"media":[],"id":54196}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:23:25Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":54862,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54087},{"tag_id":46167,"sort_order":2,"person_id":54196}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-08T18:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The enshittification of the internet wasn't inevitable. The old, good internet gave way to the enshitternet because we let our bosses enshittify it. We took away the constraints of competition, regulation, interop and tech worker power, and so when our bosses yanked on the big enshittification lever in the c-suite, it started to budge further and further, toward total enshittification. A new, good internet is possible - and necessary - and it needs *you*.\n\n\n","media":[],"title":"Disenshittify or die! How hackers can seize the means of computation and build a new, good internet that is hardened against our asshole bosses' insatiable horniness for enshittification.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"The enshittification of the internet wasn't inevitable. The old, good internet gave way to the enshitternet because we let our bosses enshittify it. We took away the constraints of competition, regulation, interop and tech worker power, and so when our bosses yanked on the big enshittification lever in the c-suite, it started to budge further and further, toward total enshittification. A new, good internet is possible - and necessary - and it needs *you*.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54488,54471],"conference_id":133,"event_ids":[54844,54861],"name":"Cory Doctorow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Author"}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@doctorow@mamot.fr)","sort_order":0,"url":"https://mamot.fr/@doctorow"},{"description":"","title":"Medium (@doctorow)","sort_order":0,"url":"https://medium.com/@doctorow"},{"description":"","title":"Tumblr (@mostlysignssomeportents)","sort_order":0,"url":"https://www.tumblr.com/mostlysignssomeportents"},{"description":"","title":"Twitter (@doctorow)","sort_order":0,"url":"https://twitter.com/doctorow"},{"description":"","title":"Website","sort_order":0,"url":"https://craphound.com"}],"media":[],"id":54119,"title":"Author"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":54861,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54119}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"FACTION is an all-encompassing solution for streamlined security assessment workflows and enhancing collaboration within your teams. In addition, It's fully open source and extendable so it can integrate within diverse environments. FACTION's key benefits are that it cuts reporting time down to more than half for manual pen-tests, keeps tabs on all outstanding vulnerabilities with custom alerts based on your SLAs, becomes the hub of shared information for your assessments enabling other teammates to replay attacks you share, facilitates large scale assessment scheduling that typically becomes hard to manage when your teams are doing more than 100 assessments a year, and is fully extendable with REST APIs and FACTION Extensions.\n\n\n","media":[],"title":"FACTION","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"FACTION is an all-encompassing solution for streamlined security assessment workflows and enhancing collaboration within your teams. In addition, It's fully open source and extendable so it can integrate within diverse environments. FACTION's key benefits are that it cuts reporting time down to more than half for manual pen-tests, keeps tabs on all outstanding vulnerabilities with custom alerts based on your SLAs, becomes the hub of shared information for your assessments enabling other teammates to replay attacks you share, facilitates large scale assessment scheduling that typically becomes hard to manage when your teams are doing more than 100 assessments a year, and is fully extendable with REST APIs and FACTION Extensions.","updated_timestamp":{"seconds":1718922813,"nanoseconds":0},"speakers":[{"content_ids":[54198],"conference_id":133,"event_ids":[54567],"name":"Josh Summitt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faction Security","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":53745,"title":"Founder at Faction Security"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:33:33Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249632"},{"label":"Project","type":"link","url":"https://github.com/factionsecurity/faction"}],"end":"2024-08-10T20:45:00.000-0000","id":54567,"tag_ids":[46169,46441,46443,46445,46453,46456,46462],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53745}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In ever evolving software development world, security is also becoming fast paced. Hence, each product going through the pentest cycle has to be managed effectively and efficiently. Managing multiple pentests and testers is important. A single pane of glass view for managing pentests and testers is what the goal of this tool is.\n\n\n","media":[],"title":"MPT - Pentest in Action","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"In ever evolving software development world, security is also becoming fast paced. Hence, each product going through the pentest cycle has to be managed effectively and efficiently. Managing multiple pentests and testers is important. A single pane of glass view for managing pentests and testers is what the goal of this tool is.","updated_timestamp":{"seconds":1718922758,"nanoseconds":0},"speakers":[{"content_ids":[54195],"conference_id":133,"event_ids":[54564],"name":"Jyoti Raval","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Baker Hughes","title":"Senior Staff Product Security Leader"}],"links":[],"pronouns":null,"media":[],"id":53746,"title":"Senior Staff Product Security Leader at Baker Hughes"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:38Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249631"},{"label":"Project","type":"link","url":"https://github.com/jenyraval/MPT"}],"end":"2024-08-10T20:45:00.000-0000","id":54564,"tag_ids":[46169,46441,46443],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53746}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GC2 is the first serverless command and control. This project aims to demonstrate how attackers could take advantage of third-party tools (Google Sheets and Google Drive) to execute commands and exfiltrate information from a compromised system. First released in 2021, became well known in April 2023 after being mentioned in Google's Threat Horizons Report.\n\n\n","media":[],"title":"GC2 - The First Serverless Command & Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"GC2 is the first serverless command and control. This project aims to demonstrate how attackers could take advantage of third-party tools (Google Sheets and Google Drive) to execute commands and exfiltrate information from a compromised system. First released in 2021, became well known in April 2023 after being mentioned in Google's Threat Horizons Report.","updated_timestamp":{"seconds":1718922703,"nanoseconds":0},"speakers":[{"content_ids":[54192],"conference_id":133,"event_ids":[54561],"name":"Lorenzo Grazian","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53753}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:31:43Z","links":[{"label":"Project","type":"link","url":"https://github.com/looCiprian/GC2-sheet"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249630"}],"end":"2024-08-10T20:45:00.000-0000","id":54561,"tag_ids":[46169,46441,46445,46446,46453],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53753}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CODASM aims to decrease a stageless payload's Shannon entropy, which was found to be a simple but annoying detection vector used by EDRs. It's a Python program that processes arbitrary binary inputs and produces a C program consisting of two parts: a buffer holding generated x86-64 ASM instructions with the original payload encoded into it, and a set of functions that can decode the ASM at runtime. The buffer is designed to be compiled into the final payload's .text section, thus it looks like regular (if not functional) code to AVs, EDRs and analysts. This encoding effectively decreases the payload's Shannon entropy but comes with a significant increase in output size. The demo will cover usage of the tool and dissection/reverse engineering of the resulting payload.\n\n\n","media":[],"title":"CODASM - Hiding Payloads in Plain .text","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"CODASM aims to decrease a stageless payload's Shannon entropy, which was found to be a simple but annoying detection vector used by EDRs. It's a Python program that processes arbitrary binary inputs and produces a C program consisting of two parts: a buffer holding generated x86-64 ASM instructions with the original payload encoded into it, and a set of functions that can decode the ASM at runtime. The buffer is designed to be compiled into the final payload's .text section, thus it looks like regular (if not functional) code to AVs, EDRs and analysts. This encoding effectively decreases the payload's Shannon entropy but comes with a significant increase in output size. The demo will cover usage of the tool and dissection/reverse engineering of the resulting payload.","updated_timestamp":{"seconds":1718922651,"nanoseconds":0},"speakers":[{"content_ids":[54170,54189],"conference_id":133,"event_ids":[54539,54558],"name":"Moritz Laurin Thomas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO ARES","title":"Senior Red Team Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53762,"title":"Senior Red Team Security Consultant at NVISO ARES"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:30:51Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249629"}],"end":"2024-08-10T20:45:00.000-0000","id":54558,"tag_ids":[46169,46441,46445,46451,46453],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53762}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Metasploit Framework released version 6.4 earlier this year, including multiple improvements to Kerberos-related attack workflows. The latest changes added support for forging diamond and sapphire tickets, as well as dumping tickets from compromised hosts. Metasploit users can now exploit unconstrained delegation in Active Directory environments for privilege escalation as well as use pass-the-ticket authentication for the Windows secrets dump module. These new Kerberos improvements increase the ways in which tickets can be forged, gathered, as well as used. Additionally, Metasploit has added support for new protocol based sessions, allowing users to interact with targets without uploading payloads, thus increasing their evasive capabilities. These new sessions can be established to database, SMB and LDAP servers. Once opened, they enable users to interact and run post modules with them, all without running a payload on the remote host. Finally, version 6.4 includes a complete overhaul of how Metasploit handles its own DNS queries. These improvements ensure that users pivoting their traffic over compromised hosts are not leaking their queries and offer a high degree of control over how queries should be resolved. This demonstration will cover these latest improvements and show how the changes can be combined for new, streamlined attack workflows using the latest Metasploit release.\n\n\n","media":[],"title":"The Metasploit Framework v6.4","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"The Metasploit Framework released version 6.4 earlier this year, including multiple improvements to Kerberos-related attack workflows. The latest changes added support for forging diamond and sapphire tickets, as well as dumping tickets from compromised hosts. Metasploit users can now exploit unconstrained delegation in Active Directory environments for privilege escalation as well as use pass-the-ticket authentication for the Windows secrets dump module. These new Kerberos improvements increase the ways in which tickets can be forged, gathered, as well as used. Additionally, Metasploit has added support for new protocol based sessions, allowing users to interact with targets without uploading payloads, thus increasing their evasive capabilities. These new sessions can be established to database, SMB and LDAP servers. Once opened, they enable users to interact and run post modules with them, all without running a payload on the remote host. Finally, version 6.4 includes a complete overhaul of how Metasploit handles its own DNS queries. These improvements ensure that users pivoting their traffic over compromised hosts are not leaking their queries and offer a high degree of control over how queries should be resolved. This demonstration will cover these latest improvements and show how the changes can be combined for new, streamlined attack workflows using the latest Metasploit release.","updated_timestamp":{"seconds":1718922585,"nanoseconds":0},"speakers":[{"content_ids":[54186],"conference_id":133,"event_ids":[54555],"name":"Jack Heysel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Rapid7","title":"Senior Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":53741,"title":"Senior Security Researcher at Rapid7"},{"content_ids":[54186],"conference_id":133,"event_ids":[54555],"name":"Spencer McIntyre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Rapid7","title":"Security Research Manager"}],"links":[],"pronouns":null,"media":[],"id":53773,"title":"Security Research Manager at Rapid7"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:29:45Z","links":[{"label":"Project","type":"link","url":"https://github.com/rapid7/metasploit-framework"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249628"}],"end":"2024-08-10T20:45:00.000-0000","id":54555,"tag_ids":[46169,46441,46453],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53741},{"tag_id":46167,"sort_order":4,"person_id":53773}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An open hardware design for BusKill cables that uses 3D printing and easily sourceable components. BusKill cables are hardware Dead Man’s Switches that use USB events to trigger a laptop to lock, shutdown, or self-destruct when the laptop is physically separated from the operator.\n\n\n","media":[],"title":"Open Hardware Design for BusKill Cord","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"An open hardware design for BusKill cables that uses 3D printing and easily sourceable components. BusKill cables are hardware Dead Man’s Switches that use USB events to trigger a laptop to lock, shutdown, or self-destruct when the laptop is physically separated from the operator.","updated_timestamp":{"seconds":1718922526,"nanoseconds":0},"speakers":[{"content_ids":[54183],"conference_id":133,"event_ids":[54552],"name":"Melanie Allen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53760}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:28:46Z","links":[{"label":"Project","type":"link","url":"https://github.com/BusKill/usb-a-magnetic-breakaway"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249627"}],"end":"2024-08-10T20:45:00.000-0000","id":54552,"tag_ids":[46169,46441,46445,46449],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53760}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-10T20:00:00.000-0000","id":54486,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud providers build their services a little like Jenga towers. They use their core services as the foundation of more popular customer-facing offerings. You may think you’re just creating a GCP cloud function in an empty account. In reality, with one click, you’re creating resources in six different services: a Cloud Build instance, a Storage Bucket, an Artifact Registry or a Container Registry, and possibly a Cloud Run instance and Eventarc triggers. The security of the entire stack is only as strong as the weakest link.\n\nBy looking at the entire stack, we can find privilege escalation techniques and even vulnerabilities that are hidden behind the stack. In my research, I was able to find a novel privilege escalation vulnerability and several privilege escalation techniques in GCP.\n\nThe talk will showcase a key concept, sometimes not discussed enough: cloud services are built on top of each other, and one click in the console can cause many things to happen behind the scenes. More services mean more risks and a larger attack surface.\n\nThe next part will dive deep into the vulnerable GCP cloud functions deployment flow. I will showcase the vulnerability I found in this flow, which enables an attacker to run code as the default Cloud Build service account by exploiting the deployment flow and the flawed trust between services resulting in a large fix and change in GCP IAM and Cloud Functions. This would grant an attacker high privileges to key services such as Storage, Artifact Registry, and Cloud Build.\n\nHowever, this talk is about more than just a vulnerability. By understanding cross-service dependency, we can reveal a broad attack surface for many possible privilege escalation vectors between services. I will demo a simple tool I wrote to find the hidden APIs that are called by the CSP when performing an action.\n\nBy the end of this talk, the audience will learn the dangers of treating cloud services like a black box. The talk explains the hidden deployment flow behind one important stack, and provides the tools to uncover the risks of many more.\n\n\n","media":[],"title":"One Click, Six Services: Abusing The Dangerous Multi-service Orchestration Pattern","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Cloud providers build their services a little like Jenga towers. They use their core services as the foundation of more popular customer-facing offerings. You may think you’re just creating a GCP cloud function in an empty account. In reality, with one click, you’re creating resources in six different services: a Cloud Build instance, a Storage Bucket, an Artifact Registry or a Container Registry, and possibly a Cloud Run instance and Eventarc triggers. The security of the entire stack is only as strong as the weakest link.\n\nBy looking at the entire stack, we can find privilege escalation techniques and even vulnerabilities that are hidden behind the stack. In my research, I was able to find a novel privilege escalation vulnerability and several privilege escalation techniques in GCP.\n\nThe talk will showcase a key concept, sometimes not discussed enough: cloud services are built on top of each other, and one click in the console can cause many things to happen behind the scenes. More services mean more risks and a larger attack surface.\n\nThe next part will dive deep into the vulnerable GCP cloud functions deployment flow. I will showcase the vulnerability I found in this flow, which enables an attacker to run code as the default Cloud Build service account by exploiting the deployment flow and the flawed trust between services resulting in a large fix and change in GCP IAM and Cloud Functions. This would grant an attacker high privileges to key services such as Storage, Artifact Registry, and Cloud Build.\n\nHowever, this talk is about more than just a vulnerability. By understanding cross-service dependency, we can reveal a broad attack surface for many possible privilege escalation vectors between services. I will demo a simple tool I wrote to find the hidden APIs that are called by the CSP when performing an action.\n\nBy the end of this talk, the audience will learn the dangers of treating cloud services like a black box. The talk explains the hidden deployment flow behind one important stack, and provides the tools to uncover the risks of many more.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55491],"conference_id":133,"event_ids":[55920],"name":"Liv Matan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"terminatorLM","sort_order":0,"url":"https://terminatorLM"}],"media":[],"id":56022}],"begin_tsz":"2024-08-10T18:50:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":55920,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723315800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56022}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T18:50:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How the Deepfake & Synthetic Media Framework (DSMAF) can be applied to an election\ncontext to more effectively differentiate deceptive from legitimate content and to better\nunderstand the nature of the threats posed by deceptive online content (both deepfakes\nand non-deepfakes). This will include a demonstration of the 2024 U.S. Presidential\nElection Deepfake Threat Tracker and a tutorial for how to effectively use this resource.\n\n\n","media":[],"title":"The Threat of Deepfakes and Synthetic Media to Election Integrity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"How the Deepfake & Synthetic Media Framework (DSMAF) can be applied to an election\ncontext to more effectively differentiate deceptive from legitimate content and to better\nunderstand the nature of the threats posed by deceptive online content (both deepfakes\nand non-deepfakes). This will include a demonstration of the 2024 U.S. Presidential\nElection Deepfake Threat Tracker and a tutorial for how to effectively use this resource.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56188],"conference_id":133,"event_ids":[56842],"name":"Dr. Matthew Canham","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matthew-c-971855100/"},{"description":"","title":"Website","sort_order":0,"url":"https://deepfakedashboard.com/"}],"media":[],"id":56566}],"begin_tsz":"2024-08-10T18:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":56842,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723315500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56566}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T18:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During the session, I will present an extensive array of over 15 distinct techniques and vulnerabilities that can be exploited for authentication bypass or account takeover. Some of the vulnerabilities I will cover include Session Puzzling, Session Fixation, Rate Limit Bypasses, Broken Brute-Force Protection, 2FA/OTP Misconfigurations, HTTP-Parameter Pollution, PHP Type Juggling, and many more. These insights will provide attendees with a comprehensive understanding of the various methods used by attackers to compromise authentication mechanisms and take control of user accounts.\n\n\n","media":[],"title":"Unlocking the Gates - Understanding Authentication Bypass Vulnerabilities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:10:00Z","end_timestamp":{"seconds":1723317000,"nanoseconds":0},"android_description":"During the session, I will present an extensive array of over 15 distinct techniques and vulnerabilities that can be exploited for authentication bypass or account takeover. Some of the vulnerabilities I will cover include Session Puzzling, Session Fixation, Rate Limit Bypasses, Broken Brute-Force Protection, 2FA/OTP Misconfigurations, HTTP-Parameter Pollution, PHP Type Juggling, and many more. These insights will provide attendees with a comprehensive understanding of the various methods used by attackers to compromise authentication mechanisms and take control of user accounts.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55705],"conference_id":133,"event_ids":[56221],"name":"Vikas Khanna","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56095}],"begin_tsz":"2024-08-10T18:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T19:10:00.000-0000","id":56221,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723315200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56095}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T18:40:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"AMA on Proxmark3 with Iceman","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723307096,"nanoseconds":0},"speakers":[{"content_ids":[56220],"conference_id":133,"event_ids":[56875],"name":"Iceman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56616}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:24:56Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":56875,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56616}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-10T16:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn about DARPA's approach to developing tools to identify and flag multi-model media assets that have been generated or malicious purposes under the Semantic Forensics (SemaFor) program.\n\n\n","media":[],"title":"Spotting Deepfakes in a World with Generative AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"Learn about DARPA's approach to developing tools to identify and flag multi-model media assets that have been generated or malicious purposes under the Semantic Forensics (SemaFor) program.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56134],"conference_id":133,"event_ids":[56777],"name":"Dr. William Corvey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA Information Innovation Office","title":"SEMAFOR Program Manager"}],"pronouns":"they/them","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-wil-corvey"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/wil-corvey-505a6310"}],"media":[],"id":56525,"title":"SEMAFOR Program Manager at DARPA Information Innovation Office"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":56777,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56525}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Cybersecurity for Emerging Tech (panelists would include researchers or industry executives in emerging tech categories, like space, OT, hardware like drones, etc)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55969],"conference_id":133,"event_ids":[56585],"name":"Paulino Calderon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56305}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":56585,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56305}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Large Language Model (LLM) deployment and integration comes with a need for scalable evaluation of how these models respond to adversarial attacks. However, LLM security is a moving target: models produce unpredictable output, are constantly updated, and the potential adversary is highly diverse: anyone with access to the internet and a decent command of natural language. Further, what constitutes a weakness in one context may not be an issue in a different context; one-fits-all guardrails remain theoretical. It is time to rethink what constitutes ``LLM security’’, and pursue a holistic approach to LLM security evaluation, where exploration and discovery of issues are central. To this end, this paper introduces garak (Generative AI Red-teaming and Assessment Kit), a framework which can be used to discover and identify vulnerabilities in a target LLM or dialog system. garak probes an LLM in a structured fashion to discover potential vulnerabilities. The outputs of the framework describe a target model’s weaknesses, contribute to an informed discussion of what composes vulnerabilities in unique contexts, and can inform alignment and policy discussions for LLM deployment.\n\n\n","media":[],"title":"garak : A Framework for Large Language Model Red Teaming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Large Language Model (LLM) deployment and integration comes with a need for scalable evaluation of how these models respond to adversarial attacks. However, LLM security is a moving target: models produce unpredictable output, are constantly updated, and the potential adversary is highly diverse: anyone with access to the internet and a decent command of natural language. Further, what constitutes a weakness in one context may not be an issue in a different context; one-fits-all guardrails remain theoretical. It is time to rethink what constitutes ``LLM security’’, and pursue a holistic approach to LLM security evaluation, where exploration and discovery of issues are central. To this end, this paper introduces garak (Generative AI Red-teaming and Assessment Kit), a framework which can be used to discover and identify vulnerabilities in a target LLM or dialog system. garak probes an LLM in a structured fashion to discover potential vulnerabilities. The outputs of the framework describe a target model’s weaknesses, contribute to an informed discussion of what composes vulnerabilities in unique contexts, and can inform alignment and policy discussions for LLM deployment.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Erick Galinkin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":"Research Scientist"}],"links":[],"pronouns":null,"media":[],"id":53735,"title":"Research Scientist at NVIDIA"},{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Leon Derczynski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ITU Copenhagen","title":"Prof, Natural Language Processing"},{"organization":"NVIDIA","title":"Principal Research Scientist, LLM Security"}],"links":[],"pronouns":null,"media":[],"id":53749,"title":"Principal Research Scientist, LLM Security at NVIDIA"},{"content_ids":[55882],"conference_id":133,"event_ids":[56467],"name":"Jeffery Martin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":""}],"links":[],"pronouns":null,"media":[],"id":56247,"title":"NVIDIA"},{"content_ids":[55882],"conference_id":133,"event_ids":[56467],"name":"Subho Majumdar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"vijil","title":""}],"links":[],"pronouns":null,"media":[],"id":56248,"title":"vijil"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":56467,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53749},{"tag_id":46167,"sort_order":4,"person_id":53735},{"tag_id":46167,"sort_order":6,"person_id":56247},{"tag_id":46167,"sort_order":8,"person_id":56248}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces\n\n\n","media":[],"title":"Emulating Magstripe with Arduino","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:10:00Z","end_timestamp":{"seconds":1723317000,"nanoseconds":0},"android_description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces","updated_timestamp":{"seconds":1722356245,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:17:25Z","links":[],"end":"2024-08-10T19:10:00.000-0000","id":56089,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has also paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"\"co-pilot,\"\" leveraging LLMs to enhance vulnerability identification and defense mechanisms.\r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible.\r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.\n\n\n","media":[],"title":"My Smart Red Team Copilot","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has also paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"\"co-pilot,\"\" leveraging LLMs to enhance vulnerability identification and defense mechanisms.\r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible.\r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.","updated_timestamp":{"seconds":1721495283,"nanoseconds":0},"speakers":[{"content_ids":[55282,55199],"conference_id":133,"event_ids":[55589,55672],"name":"Gaspard Baye","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"AI Researcher & Ph.D. Candidate"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bayegaspard/"},{"description":"","title":"Twitter (@bayegaspard)","sort_order":0,"url":"https://twitter.com/bayegaspard"},{"description":"","title":"Website","sort_order":0,"url":"https://umassd.edu"}],"media":[],"id":55802,"title":"AI Researcher & Ph.D. Candidate"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:08:03Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":55589,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55802}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-20T17:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an insightful panel discussion where we bring together seasoned Bug Bounty Program Managers and adept bug bounty hunters. This panel aims to address pressing questions and share diverse perspectives on the evolving landscape of bug bounties. We will dive into the challenges faced by both hunters and managers, discuss strategies to enhance the impact of submissions, and explore the future of bug bounties in the face of emerging technologies, evolving trends, and threats. We will also highlight the importance of bug bounties in the current cybersecurity landscape and share the top elements that contribute to a successful bug bounty program. Lastly, we will provide recommendations for organizations looking to mature their bug bounty programs but are hesitant about expanding. This panel promises to be a valuable opportunity for learning, sharing, and networking for anyone involved or interested in the world of bug bounties.\n\n\n","media":[],"title":"Hunters and Gatherers: A Deep Dive into the World of Bug Bounties","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Join us for an insightful panel discussion where we bring together seasoned Bug Bounty Program Managers and adept bug bounty hunters. This panel aims to address pressing questions and share diverse perspectives on the evolving landscape of bug bounties. We will dive into the challenges faced by both hunters and managers, discuss strategies to enhance the impact of submissions, and explore the future of bug bounties in the face of emerging technologies, evolving trends, and threats. We will also highlight the importance of bug bounties in the current cybersecurity landscape and share the top elements that contribute to a successful bug bounty program. Lastly, we will provide recommendations for organizations looking to mature their bug bounty programs but are hesitant about expanding. This panel promises to be a valuable opportunity for learning, sharing, and networking for anyone involved or interested in the world of bug bounties.","updated_timestamp":{"seconds":1721436315,"nanoseconds":0},"speakers":[{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Jeff Guerra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GitHub","title":"Sr. Product Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@s2jeff_gh)","sort_order":0,"url":"https://twitter.com/s2jeff_gh"}],"media":[],"id":54219,"title":"Sr. Product Security Engineer at GitHub"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Johnathan Kuskos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Chaotic Good Information Security (CGIS)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54220,"title":"Founder at Chaotic Good Information Security (CGIS)"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Katie Trimble-Noble","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Director PSIRT & Bounty"}],"links":[],"pronouns":null,"media":[],"id":54221,"title":"Director PSIRT & Bounty"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Sam (erbbysam) Erb","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@erbbysam)","sort_order":0,"url":"https://twitter.com/erbbysam"}],"media":[],"id":54229,"title":"Security Engineer at Google"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Logan MacLaren","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GitHub","title":"Senior Product Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@maclarel_)","sort_order":0,"url":"https://twitter.com/maclarel_"}],"media":[],"id":54289,"title":"Senior Product Security Engineer at GitHub"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T00:45:15Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#hunters-and-gatherers"}],"end":"2024-08-10T19:30:00.000-0000","id":55031,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54220},{"tag_id":46487,"sort_order":4,"person_id":54221},{"tag_id":46487,"sort_order":6,"person_id":54229},{"tag_id":46488,"sort_order":8,"person_id":54219},{"tag_id":46488,"sort_order":10,"person_id":54289}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-20T00:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hacking Education for better outcomes / teaching in the metaverse\n\n\n","media":[],"title":"Student Engagement Doesn't Have to Suck","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Hacking Education for better outcomes / teaching in the metaverse","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54602],"conference_id":133,"event_ids":[54976],"name":"Dr. Muhsinah Morris","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Metaverse United, LLC","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54283,"title":"Founder at Metaverse United, LLC"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":54976,"tag_ids":[46169,46397,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54283}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In February 2024, Microsoft announced the release of Sudo for Windows for Windows 11 Insider Preview[1]. Like the Unix sudo utility, it provides a method for users to run commands with elevated permissions. This talk will share the results of an analysis of Sudo for Windows, starting with a summary of the information provided by Microsoft. From there, we will explore the architecture used to coordinate the elevation of the specified process, the ALPC service used to communicate between elevated and non-elevated processes, how Rust interoperates with Windows APIs, and the path resolution process for files and relative paths. As part of that journey, we will discuss a few discovered security issues.\r\n\r\nThis presentation will be valuable to anyone with an interest in Windows reverse engineering or Rust memory safety. A conceptual understanding of Windows Inter-Process Communication (IPC) and heap allocation may make parts of the talk more approachable, but the main ideas will be accessible to anyone with a high-level understanding of process memory layout (stack vs heap).\r\n\r\n1. [link](https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/)\r\n2. [link](https://learn.microsoft.com/en-us/windows/sudo/)\r\n3. [link](https://github.com/microsoft/sudo)\r\n4. [link](https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html)\r\n5. [link](https://www.powershellgallery.com/packages/NtObjectManager/2.0.1)\r\n6. [link](https://github.com/microsoft/windows-rs)\r\n7. [link](https://github.com/rust-lang/rust)\r\n\n\n\n","media":[],"title":"Sudos and Sudon’ts - Peering inside Sudo for Windows","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"In February 2024, Microsoft announced the release of Sudo for Windows for Windows 11 Insider Preview[1]. Like the Unix sudo utility, it provides a method for users to run commands with elevated permissions. This talk will share the results of an analysis of Sudo for Windows, starting with a summary of the information provided by Microsoft. From there, we will explore the architecture used to coordinate the elevation of the specified process, the ALPC service used to communicate between elevated and non-elevated processes, how Rust interoperates with Windows APIs, and the path resolution process for files and relative paths. As part of that journey, we will discuss a few discovered security issues.\r\n\r\nThis presentation will be valuable to anyone with an interest in Windows reverse engineering or Rust memory safety. A conceptual understanding of Windows Inter-Process Communication (IPC) and heap allocation may make parts of the talk more approachable, but the main ideas will be accessible to anyone with a high-level understanding of process memory layout (stack vs heap).\r\n\r\n1. [link](https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/)\r\n2. [link](https://learn.microsoft.com/en-us/windows/sudo/)\r\n3. [link](https://github.com/microsoft/sudo)\r\n4. [link](https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html)\r\n5. [link](https://www.powershellgallery.com/packages/NtObjectManager/2.0.1)\r\n6. [link](https://github.com/microsoft/windows-rs)\r\n7. [link](https://github.com/rust-lang/rust)","updated_timestamp":{"seconds":1720463027,"nanoseconds":0},"speakers":[{"content_ids":[54486],"conference_id":133,"event_ids":[54859],"name":"Michael \"mtu\" Torres","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Senior Security Engineer, Network Infrastructure Security"}],"pronouns":"he/him","links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/micrictor"},{"description":"","title":"blog.sectorr.dev","sort_order":0,"url":"https://blog.sectorr.dev"}],"media":[],"id":54137,"title":"Senior Security Engineer, Network Infrastructure Security at Google"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:23:47Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":54859,"tag_ids":[46166,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54137}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-08T18:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quick Share (formerly Nearby Share) has enabled file sharing on Android for 4 years and expanded to Windows a year ago.\r\n\r\nGoogle's promotion of Quick Share for preinstallation on Windows, alongside the limited recent research, ignited our curiosity about its safety, leading to an investigation that uncovered more than we had imagined.\r\n\r\nWe studied its Protobuf-based protocol using hooks, built tools to communicate with Quick Share devices, and a fuzzer that found non-exploitable crashes in the Windows app. We then diverted to search for logical vulnerabilities, and boy oh boy, we regretted we hadn’t done it sooner.\r\n\r\nWe found 10 vulnerabilities both in Windows & Android allowing us to remotely write files into devices without approval, force the Windows app to crash in additional ways, redirect its traffic to our WiFi AP, traverse paths to the user’s folder, and more. However, we desired the holy grail, an RCE. Thus, we returned to the drawing board, where we realized that the RCE is already in our possession in a form of a complex chain.\r\n\r\nIn this talk, we’ll introduce QuickShell - An RCE attack chain on Windows combining 5 out of 10 vulnerabilities in Quick Share. We’ll provide an overview about Quick Share’s protocol, present our fuzzer, the found vulnerabilities, a new HTTPS MITM technique, and finally the RCE chain.\r\n\r\n[Reference link](https://www.cs.ox.ac.uk/files/10367/ndss19-paper367.pdf)\r\n\n\n\n","media":[],"title":"QuickShell: Sharing is caring about an RCE attack chain on Quick Share","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Quick Share (formerly Nearby Share) has enabled file sharing on Android for 4 years and expanded to Windows a year ago.\r\n\r\nGoogle's promotion of Quick Share for preinstallation on Windows, alongside the limited recent research, ignited our curiosity about its safety, leading to an investigation that uncovered more than we had imagined.\r\n\r\nWe studied its Protobuf-based protocol using hooks, built tools to communicate with Quick Share devices, and a fuzzer that found non-exploitable crashes in the Windows app. We then diverted to search for logical vulnerabilities, and boy oh boy, we regretted we hadn’t done it sooner.\r\n\r\nWe found 10 vulnerabilities both in Windows & Android allowing us to remotely write files into devices without approval, force the Windows app to crash in additional ways, redirect its traffic to our WiFi AP, traverse paths to the user’s folder, and more. However, we desired the holy grail, an RCE. Thus, we returned to the drawing board, where we realized that the RCE is already in our possession in a form of a complex chain.\r\n\r\nIn this talk, we’ll introduce QuickShell - An RCE attack chain on Windows combining 5 out of 10 vulnerabilities in Quick Share. We’ll provide an overview about Quick Share’s protocol, present our fuzzer, the found vulnerabilities, a new HTTPS MITM technique, and finally the RCE chain.\r\n\r\n[Reference link](https://www.cs.ox.ac.uk/files/10367/ndss19-paper367.pdf)","updated_timestamp":{"seconds":1721090347,"nanoseconds":0},"speakers":[{"content_ids":[54485],"conference_id":133,"event_ids":[54858],"name":"Or Yair","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SafeBreach","title":"Security Research Team Lead"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/or-yair/"},{"description":"","title":"Twitter (@oryair1999)","sort_order":0,"url":"https://twitter.com/oryair1999"},{"description":"","title":"Website","sort_order":0,"url":"https://oryair.com"}],"media":[],"id":54145,"title":"Security Research Team Lead at SafeBreach"},{"content_ids":[54485],"conference_id":133,"event_ids":[54858],"name":"Shmuel Cohen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SafeBreach","title":"Senior Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/the-shmuel-cohen/"},{"description":"","title":"Twitter (@BinWalker)","sort_order":0,"url":"https://twitter.com/BinWalker"}],"media":[],"id":54185,"title":"Senior Security Researcher at SafeBreach"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-16T00:39:07Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":54858,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54145},{"tag_id":46167,"sort_order":2,"person_id":54185}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-16T00:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Introduction:\r\nWe will begin with an overview of event analysis systems and their challenges. Participants will learn about different types of data sources and logs, the prevalence of false positives, and the difficulty in identifying coordinated attacks. We will set the stage for the live, hands-on demonstration environment where participants can interact and apply what they learn in real-time. Importantly, no prior data science knowledge is required; all tasks will be performed using simple, user-friendly interfaces.\r\n\r\nIntroduction to MITRE ATT&CK Framework:\r\nAn essential part of our session is understanding the MITRE ATT&CK framework. We will cover its structure, including Tactics, Techniques, and Procedures (TTPs), and explain why mapping alerts to this framework is crucial for standardizing threat detection and enhancing our capabilities.\r\n\r\nLeveraging Open Source AI Tools:\r\nNext, we will delve into the open-source AI tools that will be used throughout the session. We will introduce families of algorithms including clustering and community detection, natural language processing with large language models (LLMs), and Markov chains. These tools are designed to be accessible and will be operated through straightforward interfaces. Participants will be guided through setting up a demo environment to follow along and interact with the exercises.\r\n\r\nData Preprocessing and Normalization:\r\nParticipants will learn how to import and clean data from various sources, normalize data formats, and handle missing data. We will highlight some methods to get rich test data. This step is crucial for ensuring that the subsequent analysis is accurate and reliable. The hands-on exercise will involve preprocessing a sample dataset in real-time, using easy-to-follow steps and intuitive interfaces.\r\n\r\nMapping Alerts to MITRE ATT&CK Techniques:\r\nWe will demonstrate techniques for mapping SIEM data to MITRE ATT&CK manually and using automated tools. The live demo will include a hands-on exercise where participants will map a sample dataset to MITRE ATT&CK Techniques, using AI to enhance mapping accuracy. All this will be done through simple interfaces that do not require deep technical knowledge.\r\n\r\nClustering Alerts into Contextualized Attack Steps:\r\nThis section focuses on methods such as clustering and community detection. Participants will learn the criteria for clustering alerts based on temporal, spatial, and technical attributes. They will engage in a hands-on exercise to cluster sample alerts and evaluate the quality and relevance of the clusters, again using user-friendly interfaces.\r\n\r\nBuilding Killchains:\r\nParticipants will understand the concept and importance of killchains in cybersecurity. We will demonstrate methods for linking attack steps into a cohesive killchain, with a hands-on exercise to create a killchain from clustered data. Participants will analyze killchains to identify patterns and coordinated attacks, all through accessible interfaces.\r\n\r\nGenerating Actionable Tickets:\r\nWe will outline the criteria for generating three types of tickets: FP Tickets, Incident Tickets, and Attack Story Tickets. Through a hands-on exercise, participants will generate sample tickets and learn how to ensure each ticket type is comprehensive and actionable. This process will be facilitated through simple interfaces that guide the user step-by-step.\r\n\r\nIntegrating and Automating the Workflow:\r\nFinally, we will discuss integrating this workflow into existing SOC setups and automating the process using scripts and tools. Participants will see how to maintain and update the system, ensuring continuous improvement in threat detection and response. The automation will be demonstrated in a way that requires minimal technical skills.\r\n\r\nQ&A and Troubleshooting:\r\nThe session will conclude with an open floor for questions, addressing common issues, and offering troubleshooting tips. Participants will also receive resources for further learning and support to continue enhancing their skills post-session.\r\n\r\nConclusion:\r\nBy the end of this interactive session, participants will have hands-on experience using open-source AI tools to enhance their SOC capabilities. They will be able to map alerts to MITRE ATT&CK Techniques, cluster data into meaningful attack steps, and build comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets to facilitate immediate response and long-term improvements in their security posture. All of this will be achieved without needing advanced data science knowledge, thanks to the simple and intuitive interfaces provided.\r\n\r\nParticipants are encouraged to apply these techniques in their own environments and continue exploring the vast capabilities of open-source AI in cybersecurity. The live demo environment setup will provide a practical and engaging way to solidify these concepts and skills.\n\n\nGiven a SIEM loaded with alerts, logs and events from a variety of data sources, your task is to find the coordinated attack in the LOTS of noise of false positives & lone incidents. \r\n\r\nTogether we will use opensource AI tools to map all of the hetrogenous data on the SIEM to MITRE ATT&CK Techniques, and then Cluster based on a variety of attributes to form contetualized Attack Steps. We will then fuse these attack steps based on timeline, causality and assets involved into killchains to reveal coordinated attacks. \r\n\r\nYou are required to output the following tickets: \r\n1. FP Ticket that has clusters of false positives and tuning advisories & suggestions that should be forwarded to detection engineering to tune. \r\n\r\n2. Incident Ticket that has remediation & investigation advisories & action playbooks for the contextualized lone-incidents identified. \r\n\r\n3. Attack Story Ticket that has a correalted set of clusters of alerts & logs revealing a coordinated attack killchain affecting a variety of assets over a stretch of time.","media":[],"title":"Use opensource AI to map alerts & logs into techniques, clusters, and killchains","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Introduction:\r\nWe will begin with an overview of event analysis systems and their challenges. Participants will learn about different types of data sources and logs, the prevalence of false positives, and the difficulty in identifying coordinated attacks. We will set the stage for the live, hands-on demonstration environment where participants can interact and apply what they learn in real-time. Importantly, no prior data science knowledge is required; all tasks will be performed using simple, user-friendly interfaces.\r\n\r\nIntroduction to MITRE ATT&CK Framework:\r\nAn essential part of our session is understanding the MITRE ATT&CK framework. We will cover its structure, including Tactics, Techniques, and Procedures (TTPs), and explain why mapping alerts to this framework is crucial for standardizing threat detection and enhancing our capabilities.\r\n\r\nLeveraging Open Source AI Tools:\r\nNext, we will delve into the open-source AI tools that will be used throughout the session. We will introduce families of algorithms including clustering and community detection, natural language processing with large language models (LLMs), and Markov chains. These tools are designed to be accessible and will be operated through straightforward interfaces. Participants will be guided through setting up a demo environment to follow along and interact with the exercises.\r\n\r\nData Preprocessing and Normalization:\r\nParticipants will learn how to import and clean data from various sources, normalize data formats, and handle missing data. We will highlight some methods to get rich test data. This step is crucial for ensuring that the subsequent analysis is accurate and reliable. The hands-on exercise will involve preprocessing a sample dataset in real-time, using easy-to-follow steps and intuitive interfaces.\r\n\r\nMapping Alerts to MITRE ATT&CK Techniques:\r\nWe will demonstrate techniques for mapping SIEM data to MITRE ATT&CK manually and using automated tools. The live demo will include a hands-on exercise where participants will map a sample dataset to MITRE ATT&CK Techniques, using AI to enhance mapping accuracy. All this will be done through simple interfaces that do not require deep technical knowledge.\r\n\r\nClustering Alerts into Contextualized Attack Steps:\r\nThis section focuses on methods such as clustering and community detection. Participants will learn the criteria for clustering alerts based on temporal, spatial, and technical attributes. They will engage in a hands-on exercise to cluster sample alerts and evaluate the quality and relevance of the clusters, again using user-friendly interfaces.\r\n\r\nBuilding Killchains:\r\nParticipants will understand the concept and importance of killchains in cybersecurity. We will demonstrate methods for linking attack steps into a cohesive killchain, with a hands-on exercise to create a killchain from clustered data. Participants will analyze killchains to identify patterns and coordinated attacks, all through accessible interfaces.\r\n\r\nGenerating Actionable Tickets:\r\nWe will outline the criteria for generating three types of tickets: FP Tickets, Incident Tickets, and Attack Story Tickets. Through a hands-on exercise, participants will generate sample tickets and learn how to ensure each ticket type is comprehensive and actionable. This process will be facilitated through simple interfaces that guide the user step-by-step.\r\n\r\nIntegrating and Automating the Workflow:\r\nFinally, we will discuss integrating this workflow into existing SOC setups and automating the process using scripts and tools. Participants will see how to maintain and update the system, ensuring continuous improvement in threat detection and response. The automation will be demonstrated in a way that requires minimal technical skills.\r\n\r\nQ&A and Troubleshooting:\r\nThe session will conclude with an open floor for questions, addressing common issues, and offering troubleshooting tips. Participants will also receive resources for further learning and support to continue enhancing their skills post-session.\r\n\r\nConclusion:\r\nBy the end of this interactive session, participants will have hands-on experience using open-source AI tools to enhance their SOC capabilities. They will be able to map alerts to MITRE ATT&CK Techniques, cluster data into meaningful attack steps, and build comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets to facilitate immediate response and long-term improvements in their security posture. All of this will be achieved without needing advanced data science knowledge, thanks to the simple and intuitive interfaces provided.\r\n\r\nParticipants are encouraged to apply these techniques in their own environments and continue exploring the vast capabilities of open-source AI in cybersecurity. The live demo environment setup will provide a practical and engaging way to solidify these concepts and skills.\n\n\nGiven a SIEM loaded with alerts, logs and events from a variety of data sources, your task is to find the coordinated attack in the LOTS of noise of false positives & lone incidents. \r\n\r\nTogether we will use opensource AI tools to map all of the hetrogenous data on the SIEM to MITRE ATT&CK Techniques, and then Cluster based on a variety of attributes to form contetualized Attack Steps. We will then fuse these attack steps based on timeline, causality and assets involved into killchains to reveal coordinated attacks. \r\n\r\nYou are required to output the following tickets: \r\n1. FP Ticket that has clusters of false positives and tuning advisories & suggestions that should be forwarded to detection engineering to tune. \r\n\r\n2. Incident Ticket that has remediation & investigation advisories & action playbooks for the contextualized lone-incidents identified. \r\n\r\n3. Attack Story Ticket that has a correalted set of clusters of alerts & logs revealing a coordinated attack killchain affecting a variety of assets over a stretch of time.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-10T18:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":56284,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723313700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T18:15:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Home surveillance technology is a modern convenience that has been made accessible to the masses through the rise of IoT devices, namely cloud-connected Wi-Fi cameras. From parents monitoring their infants to homeowners watching their entryways, these cameras provide users with access to instant, high definition video from the convenience of a mobile phone, tablet, or PC. However, the affordability of these devices and relative ease of cloud access generally correlates to flawed security, putting users at risk. We set out to explore the attack surface of various Wi-Fi camera models to gain a deeper understanding of how these devices are being exploited. In the end, we devised methods to gain local root access, uncovered user privacy issues, discovered a zero-day vulnerability within a prominent IoT device management platform that allows attackers to gain remote control of millions of cameras worldwide and access sensitive user data, and revealed how these devices may be vulnerable to remote code execution attacks through completely unauthenticated means thanks to an inherently flawed implementation of their underlying peer to peer networking protocol. Along with demonstrating our exploits against live cameras, we will highlight the methods used to obtain our most significant findings and provide guidance on remediating the issues we encountered so these devices can be used safely in your household. We will also invite audience members to probe and attack a camera during our talk and earn a prize in the process!\n\n\n","media":[],"title":"What To Expect When You’re Exploiting: Attacking and Discovering Zero-Days in Baby Monitors and Wi-Fi Cameras","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Home surveillance technology is a modern convenience that has been made accessible to the masses through the rise of IoT devices, namely cloud-connected Wi-Fi cameras. From parents monitoring their infants to homeowners watching their entryways, these cameras provide users with access to instant, high definition video from the convenience of a mobile phone, tablet, or PC. However, the affordability of these devices and relative ease of cloud access generally correlates to flawed security, putting users at risk. We set out to explore the attack surface of various Wi-Fi camera models to gain a deeper understanding of how these devices are being exploited. In the end, we devised methods to gain local root access, uncovered user privacy issues, discovered a zero-day vulnerability within a prominent IoT device management platform that allows attackers to gain remote control of millions of cameras worldwide and access sensitive user data, and revealed how these devices may be vulnerable to remote code execution attacks through completely unauthenticated means thanks to an inherently flawed implementation of their underlying peer to peer networking protocol. Along with demonstrating our exploits against live cameras, we will highlight the methods used to obtain our most significant findings and provide guidance on remediating the issues we encountered so these devices can be used safely in your household. We will also invite audience members to probe and attack a camera during our talk and earn a prize in the process!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54600],"conference_id":133,"event_ids":[54975],"name":"Mark Mager","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Elastic","title":"Lead, Endpoint Protections Team"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@magerbomb)","sort_order":0,"url":"https://twitter.com/magerbomb"}],"media":[],"id":54301,"title":"Lead, Endpoint Protections Team at Elastic"},{"content_ids":[54600],"conference_id":133,"event_ids":[54975],"name":"Eric Forte","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Elastic","title":"Security Research Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@EricF0r73)","sort_order":0,"url":"https://twitter.com/EricF0r73"}],"media":[],"id":54358,"title":"Security Research Engineer at Elastic"}],"begin_tsz":"2024-08-10T18:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":54975,"tag_ids":[46383,46419,46437,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723313700,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54358},{"tag_id":46167,"sort_order":1,"person_id":54301}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T18:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As Azure services continue to expand and evolve, their associated authentication methodologies have also changed. Having mostly moved away from storing credentials in cleartext, most Azure services utilize Managed Identities to offer a more secure approach to access management. However, Managed Identities can bring their own challenges and risks.\nIn this talk, we delve into the nuanced landscape of Managed Identities across multiple Azure services. We explore how attackers exploit access to services with these identities to escalate privileges, move laterally, and establish persistence within Azure tenants. We will also provide helpful tips for defenders trying to identify these attacks. Finally, we will showcase a tool designed to automate attacks against User-Assigned Managed Identities.\n\n\n","media":[],"title":"Identity Theft is not a Joke, Azure!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"As Azure services continue to expand and evolve, their associated authentication methodologies have also changed. Having mostly moved away from storing credentials in cleartext, most Azure services utilize Managed Identities to offer a more secure approach to access management. However, Managed Identities can bring their own challenges and risks.\nIn this talk, we delve into the nuanced landscape of Managed Identities across multiple Azure services. We explore how attackers exploit access to services with these identities to escalate privileges, move laterally, and establish persistence within Azure tenants. We will also provide helpful tips for defenders trying to identify these attacks. Finally, we will showcase a tool designed to automate attacks against User-Assigned Managed Identities.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55490],"conference_id":133,"event_ids":[55919],"name":"Karl Fosaaen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"kfosaaen","sort_order":0,"url":"https://kfosaaen"}],"media":[],"id":56010}],"begin_tsz":"2024-08-10T18:10:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55919,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723313400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56010}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T18:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Never hacked into anything before? Join us at the Voting Village to learn how to hack into a voting machine yourself! No hacking skills required.\n\n\n","media":[],"title":"First Time TSX Hacking Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Never hacked into anything before? Join us at the Voting Village to learn how to hack into a voting machine yourself! No hacking skills required.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56194],"conference_id":133,"event_ids":[56848],"name":"Tailor Tolliver","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/tailortolliver"},{"description":"","title":"Twitter (@digitalempress)","sort_order":0,"url":"https://twitter.com/digitalempress"}],"media":[],"id":56585}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56848,"tag_ids":[46169,46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56585}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"America is the second largest democracy in the world. India is the largest. Indonesia is the third. Often times democracy is associated with American Values, but democracies around the globe all share a common thread and have an impact on each other. Join us to hear word=d\n\n\n","media":[],"title":"Democracy From Around the World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"America is the second largest democracy in the world. India is the largest. Indonesia is the third. Often times democracy is associated with American Values, but democracies around the globe all share a common thread and have an impact on each other. Join us to hear word=d","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56182,56193,56192],"conference_id":133,"event_ids":[56836,56846,56847],"name":"Harri Hursti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/hhursti"},{"description":"","title":"Twitter (@harrihursti)","sort_order":0,"url":"https://twitter.com/harrihursti"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56570}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":56847,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56570}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!\n\n\n","media":[],"title":"Activity: Capture the Container by Chainguard","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!","updated_timestamp":{"seconds":1723007321,"nanoseconds":0},"speakers":[{"content_ids":[56162],"conference_id":133,"event_ids":[56806,56813],"name":"Jonathan Leitschuh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56549}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:08:41Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56813,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56549}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-07T05:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?\n\n\n","media":[],"title":"Activity: Vulnerability Hunt - The Snippets Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?","updated_timestamp":{"seconds":1723007517,"nanoseconds":0},"speakers":[{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:11:57Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56811,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-07T05:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!\n\n\n","media":[],"title":"Activity: API Security 101: Testing and Trivia by Akto.io","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!","updated_timestamp":{"seconds":1723007277,"nanoseconds":0},"speakers":[{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankita Gupta","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56546},{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankush Jain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Akto","title":"Co-founder & CTO"}],"links":[],"pronouns":null,"media":[],"id":56547,"title":"Co-founder & CTO at Akto"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:07:57Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56805,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56547},{"tag_id":46167,"sort_order":4,"person_id":56546}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-07T05:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The modern cybersecurity realm is no longer one where defenders can work in a vacuum and be successful. Conversely, many people are starting to lose faith in the value of penetration testing as a mechanism to measure their organizational security posture. A collaborative milestone driven approach where Red and Blue teams operate in tandem, is necessary to ensure a proactive approach to enhancing the security of our organizations. This is where Purple Teaming comes into play. In this 2-hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of a Cyber Threat Intelligence analyst, Red Team operator, and Blue Team security analyst. We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework (PTEF). This event will give participants a chance to test out new tools, techniques, and procedures learned during the workshop.\n\n\n","media":[],"title":"Power To The Purple","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"The modern cybersecurity realm is no longer one where defenders can work in a vacuum and be successful. Conversely, many people are starting to lose faith in the value of penetration testing as a mechanism to measure their organizational security posture. A collaborative milestone driven approach where Red and Blue teams operate in tandem, is necessary to ensure a proactive approach to enhancing the security of our organizations. This is where Purple Teaming comes into play. In this 2-hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of a Cyber Threat Intelligence analyst, Red Team operator, and Blue Team security analyst. We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework (PTEF). This event will give participants a chance to test out new tools, techniques, and procedures learned during the workshop.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55281,55993],"conference_id":133,"event_ids":[55671,56615],"name":"Trey Bilbrey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SCYTHE Labs","title":"Lead"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/georgebilbrey"},{"description":"","title":"Twitter (@TCraf7)","sort_order":0,"url":"https://twitter.com/TCraf7"}],"media":[],"id":55832,"title":"Lead at SCYTHE Labs"},{"content_ids":[55993],"conference_id":133,"event_ids":[56615],"name":"Tyler Casey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Deputy of SCYTHE Labs","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/tyler-j-casey"},{"description":"","title":"Twitter (@1qazCasey)","sort_order":0,"url":"https://twitter.com/1qazCasey"}],"media":[],"id":56332,"title":"Deputy of SCYTHE Labs"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56615,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56332},{"tag_id":46484,"sort_order":4,"person_id":55832}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - RedHunt Labs (Kunal), Hosted by Anant Shrivastava","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55911],"conference_id":133,"event_ids":[56498],"name":"RedHunt Labs (Kunal)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56273},{"content_ids":[55911],"conference_id":133,"event_ids":[56498],"name":"Anant Shrivastava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56274}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56498,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56273},{"tag_id":46167,"sort_order":4,"person_id":56274}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum cryptography is unbreakable in principle but suffers from implementation vulnerabilities that may compromise the perfect protocol. I show examples of such vulnerabilities and tell about upcoming certification standards that verify the quality of countermeasures.\n\n\n","media":[],"title":"Hacking Quantum Key Distribution (QKD)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Quantum cryptography is unbreakable in principle but suffers from implementation vulnerabilities that may compromise the perfect protocol. I show examples of such vulnerabilities and tell about upcoming certification standards that verify the quality of countermeasures.","updated_timestamp":{"seconds":1723307164,"nanoseconds":0},"speakers":[{"content_ids":[55850],"conference_id":133,"event_ids":[56437],"name":"Vadim Makarov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56215}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:26:04Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56437,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56215}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-10T16:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Social Engineering is a widely-covered topic. We'll focus on how it can be beneficial specifically during covert entry assessments for talking your way in/out of situations as well as to solicit information that you can apply throughout the assessment.\r\n\r\nIntroductory methods to modern covert entry Tactics, Techniques and Procedures (TTPs) for penetration testers.\r\n\r\nAn introduction to common and uncommon covert entry techniques that are used during physical security assessments. Whether you are a penetration tester, security coordinator, or the decision maker, these techniques will provide an insight into how expensive electronic and physical access controls can sometimes be bypassed by something as simple as a can of air, a piece of plastic, or even a smile. \r\n\r\nTim Roberts and Brent White of WeHackPeople.com and Dark Wolf Solutions, LLC will be sharing their experiences with covert and overt security tests over the years and walking participants through some real-life application of the techniques utilized during these assessments.\n\n\n","media":[],"title":"Social Engineering Improv Acting Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Social Engineering is a widely-covered topic. We'll focus on how it can be beneficial specifically during covert entry assessments for talking your way in/out of situations as well as to solicit information that you can apply throughout the assessment.\r\n\r\nIntroductory methods to modern covert entry Tactics, Techniques and Procedures (TTPs) for penetration testers.\r\n\r\nAn introduction to common and uncommon covert entry techniques that are used during physical security assessments. Whether you are a penetration tester, security coordinator, or the decision maker, these techniques will provide an insight into how expensive electronic and physical access controls can sometimes be bypassed by something as simple as a can of air, a piece of plastic, or even a smile. \r\n\r\nTim Roberts and Brent White of WeHackPeople.com and Dark Wolf Solutions, LLC will be sharing their experiences with covert and overt security tests over the years and walking participants through some real-life application of the techniques utilized during these assessments.","updated_timestamp":{"seconds":1722564593,"nanoseconds":0},"speakers":[{"content_ids":[55799],"conference_id":133,"event_ids":[56348],"name":"Tim Roberts","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dark Wolf Solutions","title":"Covert Entry Specialist"}],"links":[],"pronouns":null,"media":[],"id":56186,"title":"Covert Entry Specialist at Dark Wolf Solutions"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T02:09:53Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56348,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56186}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-02T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SCAGoat is a deliberately written vulnerable application designed for performing and learning Software Composition Analysis (SCA). There are many vulnerable web applications available to learn web app pentesting however there are not much resources to learn SCA, essentially applications built on vulnerable Open Source Software(OSS)\r\n\r\n\n\n\n","media":[],"title":"Arsenal: SCAGoat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"SCAGoat is a deliberately written vulnerable application designed for performing and learning Software Composition Analysis (SCA). There are many vulnerable web applications available to learn web app pentesting however there are not much resources to learn SCA, essentially applications built on vulnerable Open Source Software(OSS)","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55704],"conference_id":133,"event_ids":[56246],"name":"kvprashant","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56080},{"content_ids":[55704],"conference_id":133,"event_ids":[56246],"name":"Gaurav Joshi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56115},{"content_ids":[55704],"conference_id":133,"event_ids":[56246],"name":"HK","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56117}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56246,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56115},{"tag_id":46167,"sort_order":1,"person_id":56117},{"tag_id":46167,"sort_order":1,"person_id":56080}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The earlier we perform security interventions, the better. The best time? While we’re designing an application. This workshop will discuss the importance and use of Application Threat Modeling during app design, how to apply it to existing applications during later phases of development, then perform application threat modeling on an example web application using the Trike methodology. \r\n\r\nThe presented methodology is built on the concept that understanding the design of an application is all that is needed to create a threat model - and doing so can remove the uncertainties and brainstorming that other security threat modeling can require. Rather than requiring a deep security knowledge, all we need is to understand the application - something developers are uniquely suited to do. \n\n\n","media":[],"title":"Application Threat Modeling with Trike","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The earlier we perform security interventions, the better. The best time? While we’re designing an application. This workshop will discuss the importance and use of Application Threat Modeling during app design, how to apply it to existing applications during later phases of development, then perform application threat modeling on an example web application using the Trike methodology. \r\n\r\nThe presented methodology is built on the concept that understanding the design of an application is all that is needed to create a threat model - and doing so can remove the uncertainties and brainstorming that other security threat modeling can require. Rather than requiring a deep security knowledge, all we need is to understand the application - something developers are uniquely suited to do.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55703],"conference_id":133,"event_ids":[56245],"name":"AreTillery","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56090}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56245,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56090}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BOLA is a prevalent vulnerability in modern APIs and web applications, topping the OWASP API risk chart, and ranking fourth in HackerOne Global Top 10. Its impact ranges from data exposure to total system control loss.\r\n\r\nWhile manually triggering known BOLAs is relatively straightforward, automatic detection is challenging due to the complexities of application logic, the wide range of inputs, and the stateful nature of modern web applications.\r\n\r\nTo tackle this, we leveraged LLMs to automate manual tasks such as understanding application logic, revealing endpoint dependency relationships, generating test cases, and interpreting results. Our AI-backed approach enables automating BOLA detection at scale, named BOLABuster.\r\n\r\nThough in its early stages, BOLABuster identified numerous vulnerabilities in open-source projects. In one case, we submitted 15 CVEs for a project, some leading to critical privilege escalation. Our latest disclosed vulnerability was CVE-2024-1313, a BOLA in Grafana,\n\n\n","media":[],"title":"BOLABuster: Harnessing LLMs for Automating BOLA Detection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"BOLA is a prevalent vulnerability in modern APIs and web applications, topping the OWASP API risk chart, and ranking fourth in HackerOne Global Top 10. Its impact ranges from data exposure to total system control loss.\r\n\r\nWhile manually triggering known BOLAs is relatively straightforward, automatic detection is challenging due to the complexities of application logic, the wide range of inputs, and the stateful nature of modern web applications.\r\n\r\nTo tackle this, we leveraged LLMs to automate manual tasks such as understanding application logic, revealing endpoint dependency relationships, generating test cases, and interpreting results. Our AI-backed approach enables automating BOLA detection at scale, named BOLABuster.\r\n\r\nThough in its early stages, BOLABuster identified numerous vulnerabilities in open-source projects. In one case, we submitted 15 CVEs for a project, some leading to critical privilege escalation. Our latest disclosed vulnerability was CVE-2024-1313, a BOLA in Grafana,","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Ravid Mazon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56081},{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Jay Chen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56125}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":56244,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56125},{"tag_id":46167,"sort_order":1,"person_id":56081}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Breaking and Defending Cloud Infrastructure: Red Team Evasion Tactics and Access Control Solutions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:40:00Z","end_timestamp":{"seconds":1723315200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445651,"nanoseconds":0},"speakers":[{"content_ids":[55687],"conference_id":133,"event_ids":[56210],"name":"Amal Joy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Highradius","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":56054,"title":"Security Engineer at Highradius"},{"content_ids":[55687,55688],"conference_id":133,"event_ids":[56210,56211],"name":"Abhishek S","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Flipkart","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":56058,"title":"Security Engineer at Flipkart"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:07:31Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T18:40:00.000-0000","id":56210,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56054},{"tag_id":46167,"sort_order":4,"person_id":56058}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how in this hands-on lab with resident AR designer, Zaire Moore\n\n\n","media":[],"title":"AR + Art = interactive installations to bring your stories to life","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Learn how in this hands-on lab with resident AR designer, Zaire Moore","updated_timestamp":{"seconds":1722368995,"nanoseconds":0},"speakers":[{"content_ids":[55581],"conference_id":133,"event_ids":[56103],"name":"Zaire Moore","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BlackTerminus","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.blackterminus.com"}],"media":[],"id":56046,"title":"BlackTerminus"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T19:49:55Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56103,"tag_ids":[46397,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56046}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-30T19:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Telecom Village, DEFCON for an in-depth GPON workshop. We'll explore GPON technology basics, standards, capabilities, and deployment methods, while identifying vulnerabilities and advanced mitigation strategies. The workshop features a live GPON setup and performance test for hands-on experience. Ideal for telecom professionals, network engineers, cybersecurity experts, and tech enthusiasts eager to deepen their understanding of modern telecommunications.\n\n\n","media":[{"hash_sha256":"b6ea6eaaffc91f861291fb1dcdb0a880cc3024d6970d44752e3239102ca5adaa","filetype":"image/webp","hash_md5":"932301b968f0fa788b0dede64d948782","name":"content_telecom_gponunplugged.webp","is_logo":"Y","hash_crc32c":"ad846332","filesize":190896,"asset_id":824,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_gponunplugged.webp"}],"title":"GPON Unplugged","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"Join us at Telecom Village, DEFCON for an in-depth GPON workshop. We'll explore GPON technology basics, standards, capabilities, and deployment methods, while identifying vulnerabilities and advanced mitigation strategies. The workshop features a live GPON setup and performance test for hands-on experience. Ideal for telecom professionals, network engineers, cybersecurity experts, and tech enthusiasts eager to deepen their understanding of modern telecommunications.","updated_timestamp":{"seconds":1722352207,"nanoseconds":0},"speakers":[{"content_ids":[55557,55559,55562],"conference_id":133,"event_ids":[56072,56074,56077],"name":"Akib Sayyed","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Matrix Shell Technologies","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/akibsayyed/"},{"description":"","title":"Twitter (@akibsayyed)","sort_order":0,"url":"https://twitter.com/@akibsayyed"}],"media":[],"id":56031,"title":"Founder and Director at Matrix Shell Technologies"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T15:10:07Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56077,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56031}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-30T15:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lots of fun things are happening in amateur radio for those who like to hack on hardware and software. This talk is an introduction to some of them.\n\n\n","media":[],"title":"Ham Radio for Hackers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Lots of fun things are happening in amateur radio for those who like to hack on hardware and software. This talk is an introduction to some of them.","updated_timestamp":{"seconds":1722185626,"nanoseconds":0},"speakers":[{"content_ids":[55433,55436],"conference_id":133,"event_ids":[55858,55861],"name":"Dan \"dan_kb6nu\" Romanchik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ham Radio Village","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@kb6nu@mastodon.radio)","sort_order":0,"url":"https://mastodon.radio/@kb6nu"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@kb6nu"},{"description":"","title":"Website","sort_order":0,"url":"https://www.kb6nu.com/"}],"media":[],"id":55974,"title":"Ham Radio Village"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:53:46Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":55861,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55974}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-28T16:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to hack the DCNextGen Badge and take it to another level!\n\n\n","media":[],"title":"Hack the Badge (Badge class level 2) (Overflow if Friday is too full)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to hack the DCNextGen Badge and take it to another level!","updated_timestamp":{"seconds":1722361438,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:43:58Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":55759,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-30T17:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Raspberry Pi was designed to make computing accessible and affordable for everyone. For this reason, it's especially useful in the domain of OT and ICS Security workforce development. In a domain frequently understaffed, underfunded and struggling to find interested, qualified candidates (heck, sometimes even just warm bodies!), budgets are tight if not non-existent when it comes to developing the skills needed to secure these systems. This talk will discuss the use of low-cost computing solutions to deliver learning objectives to everyone from existing professionals in a full-scale OT Cyber Defense Exercise to demonstrating ICS principles to the up-and-coming workforce of tomorrow. We'll show how such devices can pinch hit for GPS to provide NTP, act as a PLC, function as a sync server, replace packet squirrels, act as MITM devices, and even how to use them to model fully functioning cyber physical systems on a shoestring educator's budget.\r\n\r\n* These statements are the opinions of the researcher/educator presenting and have not been approved by Raspberry Pi Foundation.\n\n\n","media":[],"title":"Where's Waldo? Can you find the Raspberry Pi in the Cyber Defense Exercise?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"The Raspberry Pi was designed to make computing accessible and affordable for everyone. For this reason, it's especially useful in the domain of OT and ICS Security workforce development. In a domain frequently understaffed, underfunded and struggling to find interested, qualified candidates (heck, sometimes even just warm bodies!), budgets are tight if not non-existent when it comes to developing the skills needed to secure these systems. This talk will discuss the use of low-cost computing solutions to deliver learning objectives to everyone from existing professionals in a full-scale OT Cyber Defense Exercise to demonstrating ICS principles to the up-and-coming workforce of tomorrow. We'll show how such devices can pinch hit for GPS to provide NTP, act as a PLC, function as a sync server, replace packet squirrels, act as MITM devices, and even how to use them to model fully functioning cyber physical systems on a shoestring educator's budget.\r\n\r\n* These statements are the opinions of the researcher/educator presenting and have not been approved by Raspberry Pi Foundation.","updated_timestamp":{"seconds":1722395721,"nanoseconds":0},"speakers":[{"content_ids":[55350],"conference_id":133,"event_ids":[55742],"name":"Shane McFly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55967},{"content_ids":[55350],"conference_id":133,"event_ids":[55742],"name":"Brian Howard","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56053}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T03:15:21Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55742,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55967},{"tag_id":46167,"sort_order":4,"person_id":56053}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T03:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Artificial Intelligence is increasingly being framed in dystopian ways even though the technology has been around for decades and the opportunities it brings are vast. In the past months, more Governments have announced proposals to make AI models and systems more secure. Through a panel session, we want to shine a light on these efforts, particularly those that are most relevant to the DEFCON community, such as recommendations on testing and red teaming as well as the need for vulnerability disclosure processes. This session aims to foster a better understanding of what hackers are seeing on the ground in terms of the vulnerabilities in AI models and to identify how more collaboration could be undertaken. The outcome of this session will be to provide a spotlight on data gaps in this area and to share insights that can positively inform future work, such as the development of international AI standards.\n\n\n","media":[],"title":"How can hackers support efforts to secure AI systems?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:20:00Z","end_timestamp":{"seconds":1723317600,"nanoseconds":0},"android_description":"Artificial Intelligence is increasingly being framed in dystopian ways even though the technology has been around for decades and the opportunities it brings are vast. In the past months, more Governments have announced proposals to make AI models and systems more secure. Through a panel session, we want to shine a light on these efforts, particularly those that are most relevant to the DEFCON community, such as recommendations on testing and red teaming as well as the need for vulnerability disclosure processes. This session aims to foster a better understanding of what hackers are seeing on the ground in terms of the vulnerabilities in AI models and to identify how more collaboration could be undertaken. The outcome of this session will be to provide a spotlight on data gaps in this area and to share insights that can positively inform future work, such as the development of international AI standards.","updated_timestamp":{"seconds":1721778782,"nanoseconds":0},"speakers":[{"content_ids":[55335],"conference_id":133,"event_ids":[55726],"name":"Anjuli Shere","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Directorate of the UK's Department for Science, Innovation and Technology","title":"Head of Cyber Advocacy in the Cyber Security"}],"links":[],"pronouns":null,"media":[],"id":55919,"title":"Head of Cyber Advocacy in the Cyber Security at Directorate of the UK's Department for Science, Innovation and Technology"},{"content_ids":[55335,55885],"conference_id":133,"event_ids":[55726,56470],"name":"Christine Lai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Cybersecurity Research Specialist"}],"links":[],"pronouns":null,"media":[],"id":55923,"title":"Cybersecurity Research Specialist at DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55335],"conference_id":133,"event_ids":[55726],"name":"Wan Ding Yao","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore GovTech’s Cyber Security Group","title":"AI Security Lead"}],"links":[],"pronouns":null,"media":[],"id":55942,"title":"AI Security Lead at Singapore GovTech’s Cyber Security Group"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-23T23:53:02Z","links":[],"end":"2024-08-10T19:20:00.000-0000","id":55726,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55942},{"tag_id":46487,"sort_order":4,"person_id":55923},{"tag_id":46487,"sort_order":6,"person_id":55919}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-23T23:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join me for a hands-on workshop delving into the fundamentals of the Rust programming language and its application in malware development. Designed for both curious beginners and seasoned developers, this session will cover the basics of Rust while also exploring the unique features that make Rust a powerful tool for crafting malware. Through guided exercises and real-world examples, participants will gain practical insights into how Rust can be leveraged to develop sophisticated, stealthy, and malicious software.\n\n\n","media":[],"title":"RustOps","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"Join me for a hands-on workshop delving into the fundamentals of the Rust programming language and its application in malware development. Designed for both curious beginners and seasoned developers, this session will cover the basics of Rust while also exploring the unique features that make Rust a powerful tool for crafting malware. Through guided exercises and real-world examples, participants will gain practical insights into how Rust can be leveraged to develop sophisticated, stealthy, and malicious software.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55294],"conference_id":133,"event_ids":[55684],"name":"Jose Plascencia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_GRIM3_)","sort_order":0,"url":"https://twitter.com/_GRIM3_"}],"media":[],"id":55845}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55684,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55845}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this Workshop, attendees will learn some of the most impactful techniques and tools to increase the value of OSINT to their organizations. A guided learning experience, instructors will immerse attendees in hands-on exercises.\n\n\n","media":[],"title":"OSINT for Hackers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"In this Workshop, attendees will learn some of the most impactful techniques and tools to increase the value of OSINT to their organizations. A guided learning experience, instructors will immerse attendees in hands-on exercises.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55293],"conference_id":133,"event_ids":[55683],"name":"Lee McWhorter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55846},{"content_ids":[55293],"conference_id":133,"event_ids":[55683],"name":"Sandra Stibbards","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Camelotinv)","sort_order":0,"url":"https://twitter.com/Camelotinv"}],"media":[],"id":55847}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55683,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55846},{"tag_id":46167,"sort_order":4,"person_id":55847}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What keeps me up at night? Is it that I can't break in anymore, or is it that we haven't figured out all the ways to break in? Over the years, we have seen moves to place our applications into smaller attacker surface spaces. We have seen those microservice environments abstract our attack surface. Did we eliminate all attacks? At the same time, we have an explosion of endpoints of applications that run interpreted languages and how those constraints can be broken. \n\nWhen organisms evolve in the wild, they do so under extreme pressure. Has the pressure to find new ways to get a foothold in environments allowed us to evolve? Attackers are crafty, and defenders have to keep up. This talk demonstrates a methodology and tools for moving from container-constrained environments. They are limited to shells and interpreters. Have you been stuck like this before? Let's get beyond that. How does this tool move beyond containers and constrained environments into Windows and other generic workloads? Let's not worry about LOLBins. Bring your land and get off the air-gapped island.\n\n\n","media":[],"title":"Island Hoping: Move from LOLBins to Living off Langs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"What keeps me up at night? Is it that I can't break in anymore, or is it that we haven't figured out all the ways to break in? Over the years, we have seen moves to place our applications into smaller attacker surface spaces. We have seen those microservice environments abstract our attack surface. Did we eliminate all attacks? At the same time, we have an explosion of endpoints of applications that run interpreted languages and how those constraints can be broken. \n\nWhen organisms evolve in the wild, they do so under extreme pressure. Has the pressure to find new ways to get a foothold in environments allowed us to evolve? Attackers are crafty, and defenders have to keep up. This talk demonstrates a methodology and tools for moving from container-constrained environments. They are limited to shells and interpreters. Have you been stuck like this before? Let's get beyond that. How does this tool move beyond containers and constrained environments into Windows and other generic workloads? Let's not worry about LOLBins. Bring your land and get off the air-gapped island.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55292,55270],"conference_id":133,"event_ids":[55682,55660],"name":"Moses Frost","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mosesrenegade)","sort_order":0,"url":"https://twitter.com/mosesrenegade"}],"media":[],"id":55817}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55682,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55817}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"While there are many phishlet templates available on the Internet, but it is rare that they work out-of-the-box for your specific scenario. \n\nThis workshop is designed for those who are new to the Evilginx tool, and may have not had hands-on experience developing custom phishlets on their local machine. This workshop aims to give attendees the tools needed to effectively configure phishlet 'yaml' files for their specific situation. Additionally, the workshop will survey the necessary components of the phishlet 'yaml' file, as well as covering useful features new to Evilginx3. \n\nThis workshop will not focus on the development of phishing emails, bypassing spam filters, or remotely deploying and protecting Evilginx infrastructure. \n\nThis workshop is meant for all levels of experience, but some familiarity with Evilginx prior to attendance will be extremely helpful.\n\n\n","media":[],"title":"Developing Evilginx Phishlets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"While there are many phishlet templates available on the Internet, but it is rare that they work out-of-the-box for your specific scenario. \n\nThis workshop is designed for those who are new to the Evilginx tool, and may have not had hands-on experience developing custom phishlets on their local machine. This workshop aims to give attendees the tools needed to effectively configure phishlet 'yaml' files for their specific situation. Additionally, the workshop will survey the necessary components of the phishlet 'yaml' file, as well as covering useful features new to Evilginx3. \n\nThis workshop will not focus on the development of phishing emails, bypassing spam filters, or remotely deploying and protecting Evilginx infrastructure. \n\nThis workshop is meant for all levels of experience, but some familiarity with Evilginx prior to attendance will be extremely helpful.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55291],"conference_id":133,"event_ids":[55681],"name":"Michael Donley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@th3d00rman)","sort_order":0,"url":"https://twitter.com/th3d00rman"}],"media":[],"id":55844}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55681,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55844}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join members of the newly launched OASIS Coalition for Secure AI (CoSAI) Open Project (https://www.coalitionforsecureai.org). This is an engaging forum hosted by the Red Team Village in collaboration with the AI Village.\r\n\r\nCoSAI’s members include Amazon, Anthropic, Chainguard, Cisco, Cohere, GenLab, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, PayPal, and Wiz.\r\n\r\nPanelists will discuss the first three technical workstreams that the group has identified:\r\n\r\n- Software Supply Chain Security for AI Systems: Enhancing composition and provenance tracking to secure AI applications.\r\n- Preparing Defenders for a Changing Cybersecurity Landscape: Addressing investments and integration challenges in AI and classical systems.\r\n- AI Security Governance: Developing best practices and risk assessment frameworks for AI security.\r\n\r\nAlso, learn how the CoSAI goals differ from other AI efforts and plans for collaboration. The panelists will emphasize the importance of diverse community input and will host an interactive segment on how you can contribute. Whether you are red-teaming an AI model or implementing AI-powered tools, don't miss this opportunity to gain insights into this open project and learn how you can contribute to shaping a secure AI future\n\n\n","media":[],"title":"Securing the Future with CoSAI: Identified Technical Workstreams and Call for Contributions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"Join members of the newly launched OASIS Coalition for Secure AI (CoSAI) Open Project (https://www.coalitionforsecureai.org). This is an engaging forum hosted by the Red Team Village in collaboration with the AI Village.\r\n\r\nCoSAI’s members include Amazon, Anthropic, Chainguard, Cisco, Cohere, GenLab, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, PayPal, and Wiz.\r\n\r\nPanelists will discuss the first three technical workstreams that the group has identified:\r\n\r\n- Software Supply Chain Security for AI Systems: Enhancing composition and provenance tracking to secure AI applications.\r\n- Preparing Defenders for a Changing Cybersecurity Landscape: Addressing investments and integration challenges in AI and classical systems.\r\n- AI Security Governance: Developing best practices and risk assessment frameworks for AI security.\r\n\r\nAlso, learn how the CoSAI goals differ from other AI efforts and plans for collaboration. The panelists will emphasize the importance of diverse community input and will host an interactive segment on how you can contribute. Whether you are red-teaming an AI model or implementing AI-powered tools, don't miss this opportunity to gain insights into this open project and learn how you can contribute to shaping a secure AI future","updated_timestamp":{"seconds":1723246307,"nanoseconds":0},"speakers":[{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Jay White","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56610},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Paul Vixie","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56611},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Daniel Rohrer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56612},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Sarah Novotny","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56613},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Dan McInerney","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56614}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T23:31:47Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55680,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55860},{"tag_id":46167,"sort_order":4,"person_id":56614},{"tag_id":46167,"sort_order":6,"person_id":56612},{"tag_id":46167,"sort_order":8,"person_id":56610},{"tag_id":46167,"sort_order":10,"person_id":56611},{"tag_id":46167,"sort_order":12,"person_id":56613}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-09T23:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Bug Hunter's Methodology (TBHM) is a series of talks done by Jason exposing new advents in tools, tactics, and procedures used in web pentesting, bug bounty, and red teaming. In this talk, Jason will explore the mindset of approaching a hardened web target and how he breaks up finding vulnerabilities across its' stack. Many talks can teach you how to exploit a certain vulnerability, less can teach you how to find out where they are in complex pieces of software. TBHM also covers Jason's personal tips/tricks in the areas of automation, content discovery, javascript analysis, spidering, parameter analysis, functionality \"\"\"\"heatmapping\"\"\"\", and more. The DEF CON edition will not be recorded and will release some free cutting edge content usually only available in Jasons live courses!\n\n\n","media":[],"title":"The Bug Hunters Methodology Live - DEF CON Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"The Bug Hunter's Methodology (TBHM) is a series of talks done by Jason exposing new advents in tools, tactics, and procedures used in web pentesting, bug bounty, and red teaming. In this talk, Jason will explore the mindset of approaching a hardened web target and how he breaks up finding vulnerabilities across its' stack. Many talks can teach you how to exploit a certain vulnerability, less can teach you how to find out where they are in complex pieces of software. TBHM also covers Jason's personal tips/tricks in the areas of automation, content discovery, javascript analysis, spidering, parameter analysis, functionality \"\"\"\"heatmapping\"\"\"\", and more. The DEF CON edition will not be recorded and will release some free cutting edge content usually only available in Jasons live courses!","updated_timestamp":{"seconds":1721438351,"nanoseconds":0},"speakers":[{"content_ids":[55717,55180],"conference_id":133,"event_ids":[55568,56223],"name":"Jason Haddix","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arcanum Security","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jhaddx)","sort_order":0,"url":"https://twitter.com/jhaddx"}],"media":[],"id":54822,"title":"Arcanum Security"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:19:11Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#the-bug-hunters-methodology-live---def-con-edition"}],"end":"2024-08-10T19:30:00.000-0000","id":55568,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54822}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-20T01:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most of the Internet today is running on a legacy version of the Internet Protocol: IPv4. Despite of this, the number of engineers, especially in security, who know how to use IPv6 is relatively low. In this talk we take you through why today’s Internet does not live up to its original vision, take you back to the past to show you what the IPv4 Internet used to look like, and, through this, reveal the secrets that will allow you finally understand IPv6.\n\n\n\n","media":[],"title":"Introduction to IPv6","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"Most of the Internet today is running on a legacy version of the Internet Protocol: IPv4. Despite of this, the number of engineers, especially in security, who know how to use IPv6 is relatively low. In this talk we take you through why today’s Internet does not live up to its original vision, take you back to the past to show you what the IPv4 Internet used to look like, and, through this, reveal the secrets that will allow you finally understand IPv6.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54599],"conference_id":133,"event_ids":[54974],"name":"Denis Smajlović","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Nova","title":""}],"links":[],"pronouns":null,"media":[],"id":54287,"title":"Nova"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":54974,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54287}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into the art of phishing with QR codes! We'll cover the fundamentals of QR code phishing, revealing how these innocuous-looking images are used to deceive users into a false sense of legitimacy. After touching upon the basics, we'll explore creative tactics for obfuscating and hiding QR codes to ensure they reach their intended targets. As a sidetrack, we'll delve into how emails are rendered within the Outlook Mail Application and showcase some neat tricks that exploit its limitations for hiding QR codes from modern defensive solutions. Overall, the talk is intended to help testers up their QR code phishing game!\n\n\n","media":[],"title":"Evading Modern Defenses When Phishing with Pixels","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"Dive into the art of phishing with QR codes! We'll cover the fundamentals of QR code phishing, revealing how these innocuous-looking images are used to deceive users into a false sense of legitimacy. After touching upon the basics, we'll explore creative tactics for obfuscating and hiding QR codes to ensure they reach their intended targets. As a sidetrack, we'll delve into how emails are rendered within the Outlook Mail Application and showcase some neat tricks that exploit its limitations for hiding QR codes from modern defensive solutions. Overall, the talk is intended to help testers up their QR code phishing game!","updated_timestamp":{"seconds":1722713220,"nanoseconds":0},"speakers":[{"content_ids":[54598],"conference_id":133,"event_ids":[54973],"name":"Melvin Langvik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Kovert AS","title":"Offensive Security Team Lead"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/melvinlnor/"},{"description":"","title":"Twitter (@Flangvik)","sort_order":0,"url":"https://twitter.com/Flangvik"}],"media":[],"id":54311,"title":"Offensive Security Team Lead at Kovert AS"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:27:00Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":54973,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54311}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-03T19:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A quarter million people die from Hepatitis C yearly, and it's getting worse. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are $1,000 USD apiece because the molecule is the so-called \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. If you have $84,000 USD, Hep C is not your problem. We have developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, get a chemical synthesis pathway, generate code for the the MicroLab to run, and watch the medicine form in the reaction chamber. Finally, press some tablets. The feds say saving a life this way is BioTerrorism. We say: So Be It.\n\n\n","media":[],"title":"Eradicating Hepatitis C With BioTerrorism","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"A quarter million people die from Hepatitis C yearly, and it's getting worse. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are $1,000 USD apiece because the molecule is the so-called \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. If you have $84,000 USD, Hep C is not your problem. We have developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, get a chemical synthesis pathway, generate code for the the MicroLab to run, and watch the medicine form in the reaction chamber. Finally, press some tablets. The feds say saving a life this way is BioTerrorism. We say: So Be It.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54498,54597],"conference_id":133,"event_ids":[54871,54972],"name":"Mixæl Swan Laufer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Four Thieves Vinegar Collective","title":"Chief Spokesperson"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@MichaelSLaufer)","sort_order":0,"url":"https://twitter.com/MichaelSLaufer"},{"description":"","title":"fourthievesvinegar.org","sort_order":0,"url":"https://fourthievesvinegar.org"}],"media":[],"id":54090,"title":"Chief Spokesperson at Four Thieves Vinegar Collective"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":54972,"tag_ids":[46371,46419,46438,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":4,"person_id":54090}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For the past 20+ years binary exploitation has been seen as the ultimate challenge and prize, when exploiting large applications and operating systems. During this period, the question of \"How much longer will we be able to do this?\" has been asked countless times, and with good reason. Memory safety and corruption issues with low-level languages have been an enormous challenge for OS and application developers. There are certainly efforts to move to \"safer\" languages such as Rust, but those languages need to mature a bit longer before they're able to stand up to the capabilities of a language like C++. \r\n\r\nThanks to exploit mitigations and memory protections, a large number of these vulnerabilities are not exploitable. There are the mature mitigations, such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), and then newer ones such as Control-flow Enforcement Technology (CET) and Virtualization Based Security (VBS). A large number of these mitigations are not enabled by default on the Windows OS, due to the fact that many need to be tested to ensure they do not break production applications. In this presentation, we will take a technical dive into the state of binary exploitation and the effectiveness of the many available mitigations, by looking at the way they're enforced.\n\n\n","media":[],"title":"The Rise and Fall of Binary Exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"For the past 20+ years binary exploitation has been seen as the ultimate challenge and prize, when exploiting large applications and operating systems. During this period, the question of \"How much longer will we be able to do this?\" has been asked countless times, and with good reason. Memory safety and corruption issues with low-level languages have been an enormous challenge for OS and application developers. There are certainly efforts to move to \"safer\" languages such as Rust, but those languages need to mature a bit longer before they're able to stand up to the capabilities of a language like C++. \r\n\r\nThanks to exploit mitigations and memory protections, a large number of these vulnerabilities are not exploitable. There are the mature mitigations, such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), and then newer ones such as Control-flow Enforcement Technology (CET) and Virtualization Based Security (VBS). A large number of these mitigations are not enabled by default on the Windows OS, due to the fact that many need to be tested to ensure they do not break production applications. In this presentation, we will take a technical dive into the state of binary exploitation and the effectiveness of the many available mitigations, by looking at the way they're enforced.","updated_timestamp":{"seconds":1720377465,"nanoseconds":0},"speakers":[{"content_ids":[54484],"conference_id":133,"event_ids":[54857],"name":"Stephen Sims","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SANS Institute","title":"Fellow Instructor"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@Steph3nSims)","sort_order":0,"url":"https://twitter.com/Steph3nSims"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/offbyonesecurity"}],"media":[],"id":54053,"title":"Fellow Instructor at SANS Institute"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T18:37:45Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":54857,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54053}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-07T18:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk brings back from the dead an attack surface that security vendors believed they had addressed a long time ago. \r\n\r\nWe will introduce a novel and stealthy technique to apply malicious shims on a process that does not require registry modification or SDB files and leaves no traces on the disk. \r\n\r\nThe reverse engineering of the shim infrastructure will be shown while focusing on undocumented API and the kernel driver of the infrastructure. \r\n\r\nThe various operations offered by the infrastructure will be analyzed from an offensive point of view, and the course we took to achieve this unique technique will be presented.\r\n\r\nIn addition, we will unveil an attack surface research that resulted in a noteworthy attack that manipulates 2 different OS components into performing DLL injection and privilege escalation. \r\n\r\nResearching the undocumented RPC interfaces of the service OfficeClickToRun.exe uncovered a method that can inject a DLL into another process running as “NT AUTHORITY\\SYSTEM”, which achieves privilege escalation. For this to work, specific conditions had to be met. \r\n\r\nThe conditions we tailored will be displayed as we abuse the Opportunistic Lock and App Compatibility (shim) mechanisms.\r\n\r\n1. [link](https://learn.microsoft.com/en-us/windows/win32/fileio/opportunistic-locks)\r\n2. [link](https://learn.microsoft.com/en-us/windows/win32/devnotes/application-compatibility-database)\r\n3. [link](https://www.blackhat.com/docs/eu-15/materials/eu-15-Pierce-Defending-Against-Malicious-Application-Compatibility-Shims-wp.pdf)\r\n4. [link](https://www.blackhat.com/docs/asia-14/materials/Erickson/WP-Asia-14-Erickson-Persist-It-Using-And-Abusing-Microsofts-Fix-It-Patches.pdf)\r\n\n\n\n","media":[],"title":"SHIM me what you got - Manipulating Shim and Office for Code Injection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"This talk brings back from the dead an attack surface that security vendors believed they had addressed a long time ago. \r\n\r\nWe will introduce a novel and stealthy technique to apply malicious shims on a process that does not require registry modification or SDB files and leaves no traces on the disk. \r\n\r\nThe reverse engineering of the shim infrastructure will be shown while focusing on undocumented API and the kernel driver of the infrastructure. \r\n\r\nThe various operations offered by the infrastructure will be analyzed from an offensive point of view, and the course we took to achieve this unique technique will be presented.\r\n\r\nIn addition, we will unveil an attack surface research that resulted in a noteworthy attack that manipulates 2 different OS components into performing DLL injection and privilege escalation. \r\n\r\nResearching the undocumented RPC interfaces of the service OfficeClickToRun.exe uncovered a method that can inject a DLL into another process running as “NT AUTHORITY\\SYSTEM”, which achieves privilege escalation. For this to work, specific conditions had to be met. \r\n\r\nThe conditions we tailored will be displayed as we abuse the Opportunistic Lock and App Compatibility (shim) mechanisms.\r\n\r\n1. [link](https://learn.microsoft.com/en-us/windows/win32/fileio/opportunistic-locks)\r\n2. [link](https://learn.microsoft.com/en-us/windows/win32/devnotes/application-compatibility-database)\r\n3. [link](https://www.blackhat.com/docs/eu-15/materials/eu-15-Pierce-Defending-Against-Malicious-Application-Compatibility-Shims-wp.pdf)\r\n4. [link](https://www.blackhat.com/docs/asia-14/materials/Erickson/WP-Asia-14-Erickson-Persist-It-Using-And-Abusing-Microsofts-Fix-It-Patches.pdf)","updated_timestamp":{"seconds":1720463062,"nanoseconds":0},"speakers":[{"content_ids":[54483],"conference_id":133,"event_ids":[54856],"name":"David Shandalov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Deep Instinct","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/david-shan"},{"description":"","title":"Twitter (@DavidShandalov)","sort_order":0,"url":"https://x.com/DavidShandalov"}],"media":[],"id":54056,"title":"Security Researcher at Deep Instinct"},{"content_ids":[54483],"conference_id":133,"event_ids":[54856],"name":"Ron Ben-Yizhak","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Deep Instinct","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ron-by/"},{"description":"","title":"Twitter (@RonB_Y)","sort_order":0,"url":"https://twitter.com/RonB_Y"}],"media":[],"id":54179,"title":"Security Researcher at Deep Instinct"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:24:22Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":54856,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54179},{"tag_id":46167,"sort_order":4,"person_id":54056}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-08T18:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON (unofficial) Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.\r\n\r\nFor 2024 there will be four categories for the competition you may only enter one:\r\n- Full beard: Self-explanatory, for the truly bearded.\r\n- Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.\r\n- Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.\r\n- Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.\n\n\n","media":[{"hash_sha256":"c54a44eced8cd556db211f7e18b77490d4b50b6e1c79ddeb722a89b164b2dce9","filetype":"image/png","hash_md5":"33d6985f3218f5929114392fd8c13f7d","name":"ct_beard.png","is_logo":"Y","hash_crc32c":"345a5418","filesize":5846,"asset_id":626,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_beard.png"}],"title":"DEF CON 32 Beard and Mustache Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON (unofficial) Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.\r\n\r\nFor 2024 there will be four categories for the competition you may only enter one:\r\n- Full beard: Self-explanatory, for the truly bearded.\r\n- Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.\r\n- Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.\r\n- Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.","updated_timestamp":{"seconds":1719554480,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T06:01:20Z","links":[{"label":"Twitter (@DCBeardContest)","type":"link","url":"https://twitter.com/DCBeardContest"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249368"},{"label":"More Info","type":"link","url":"https://dcbeard.net/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249369"}],"end":"2024-08-10T20:00:00.000-0000","id":54611,"tag_ids":[46427,46439,46492],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-06-28T06:01:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)\n\n\n","media":[{"hash_sha256":"8121f8bfb8be2b701aea4941904ae7a178b8b90e84dd6cf786636abf65c33a38","filetype":"image/png","hash_md5":"d4129f6c22e4e172784f5759c4bb75d9","name":"pme_hamexams.png","is_logo":"Y","hash_crc32c":"ff2e55b6","filesize":31886,"asset_id":680,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hamexams.png"}],"title":"Ham Radio Exams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)","updated_timestamp":{"seconds":1718812742,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T15:59:02Z","links":[{"label":"Website","type":"link","url":"https://hamvillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249512"},{"label":"Registration (Free)","type":"link","url":"https://ham.study/sessions/669069be6af12f90943be578/1"},{"label":"Twitter (@HamRadioVillage)","type":"link","url":"https://twitter.com/HamRadioVillage"}],"end":"2024-08-11T00:00:00.000-0000","id":54509,"tag_ids":[46365,46380],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-06-19T15:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop you will learn how to assemble and use the village badge, and how it can be used to solve challenges in the CTF\n\n\n","media":[],"title":"Introduction to the Payment Village badge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"In this workshop you will learn how to assemble and use the village badge, and how it can be used to solve challenges in the CTF","updated_timestamp":{"seconds":1722356300,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-10T17:45:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:18:20Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56091,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723311900,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T17:45:00.000-0000","updated":"2024-07-30T16:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the modern world of cybersecurity threats, ransomware groups pose a significant challenge to organizations worldwide. This talk, tailored for cybersecurity students and professionals, delves into practical techniques for tracking and dismantling these elusive adversaries. Attendees will explore methods such as monitoring the latest ransomware attacks, engaging with ransomware blogs on the dark web, and reaching out to victims to gather firsthand insights into the operations of these malicious entities. By combining these strategies, participants will gain a comprehensive understanding of how to unmask and combat ransomware groups, bolstering their defenses against this pervasive threat.\n\n\n","media":[],"title":"Unmasking Shadows: Strategies on Hunting Ransomware Groups","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"In the modern world of cybersecurity threats, ransomware groups pose a significant challenge to organizations worldwide. This talk, tailored for cybersecurity students and professionals, delves into practical techniques for tracking and dismantling these elusive adversaries. Attendees will explore methods such as monitoring the latest ransomware attacks, engaging with ransomware blogs on the dark web, and reaching out to victims to gather firsthand insights into the operations of these malicious entities. By combining these strategies, participants will gain a comprehensive understanding of how to unmask and combat ransomware groups, bolstering their defenses against this pervasive threat.","updated_timestamp":{"seconds":1721495264,"nanoseconds":0},"speakers":[{"content_ids":[55198],"conference_id":133,"event_ids":[55588],"name":"R.J. McCarley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Principal Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/rjmp/"}],"media":[],"id":55794,"title":"Principal Security Researcher"}],"begin_tsz":"2024-08-10T17:45:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:07:44Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":55588,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723311900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55794}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:45:00.000-0000","updated":"2024-07-20T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":56622,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's volatile geopolitical landscape, the security of critical infrastructure—such as power grids, water supplies, and transportation systems—has never been more important. As global tensions rise, these vital systems increasingly become targets for cyber threats from state and non-state actors alike. This talk will delve into the evolving landscape of cyber threats targeting these essential services, highlighting notable attacks and their devastating impacts. We will explore the methodologies employed by malicious actors, including advanced persistent threats and ransomware, and examine real-world case studies to understand the stakes involved. The discussion will also cover the latest strategies and technologies for protecting critical infrastructure, emphasizing a defense-in-depth approach.\n\n\n","media":[],"title":"Protecting the Backbone of Our Modern World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"In today's volatile geopolitical landscape, the security of critical infrastructure—such as power grids, water supplies, and transportation systems—has never been more important. As global tensions rise, these vital systems increasingly become targets for cyber threats from state and non-state actors alike. This talk will delve into the evolving landscape of cyber threats targeting these essential services, highlighting notable attacks and their devastating impacts. We will explore the methodologies employed by malicious actors, including advanced persistent threats and ransomware, and examine real-world case studies to understand the stakes involved. The discussion will also cover the latest strategies and technologies for protecting critical infrastructure, emphasizing a defense-in-depth approach.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55968],"conference_id":133,"event_ids":[56584],"name":"Soledad Antelada Toledano","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Google -Office of the CISO"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/soledad-antelada-toledano/"},{"description":"","title":"Twitter (@girlscanhack)","sort_order":0,"url":"https://twitter.com/girlscanhack?lang=en"}],"media":[],"id":56304,"title":"Google -Office of the CISO"}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":56584,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56304}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Recent advancements in drone technology are opening new opportunities and applications in various industries across all domains. Drones are quickly becoming integrated into our everyday lives for commercial and recreational use like many IoT devices; however, these advancements also present new cybersecurity challenges as drones grow in popularity. This talk provides an introduction to drone security covering the core components of drone technology (e.g., hardware, software, firmware, and communication protocols), cybersecurity risks and mitigations, and cybersecurity best practices for drone operations. Attendees will gain an understanding of drone systems and important security measures that help protect these devices (and its operators) from emerging and evolving threats.\n\n\n","media":[],"title":"Introduction to Drone Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"Recent advancements in drone technology are opening new opportunities and applications in various industries across all domains. Drones are quickly becoming integrated into our everyday lives for commercial and recreational use like many IoT devices; however, these advancements also present new cybersecurity challenges as drones grow in popularity. This talk provides an introduction to drone security covering the core components of drone technology (e.g., hardware, software, firmware, and communication protocols), cybersecurity risks and mitigations, and cybersecurity best practices for drone operations. Attendees will gain an understanding of drone systems and important security measures that help protect these devices (and its operators) from emerging and evolving threats.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55834],"conference_id":133,"event_ids":[56384],"name":"Hahna Kane Latonick","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56195}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":56384,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56195}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An introduction to Digital Forensics: Part2\n\n\nThis is Part 2 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","media":[],"title":"Obsidian: Forensics 101 Part 2","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"An introduction to Digital Forensics: Part2\n\n\nThis is Part 2 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55753,55748],"conference_id":133,"event_ids":[56278,56272],"name":"Sarthak Taneja","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56145}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56272,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56145}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.\n\n\n","media":[],"title":"Blue Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.","updated_timestamp":{"seconds":1722310974,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:42:54Z","links":[{"label":"More Info","type":"link","url":"https://www.blueteamvillage.org/ctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249405"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249404"}],"end":"2024-08-11T01:00:00.000-0000","id":56056,"tag_ids":[46373,46427,46439,46756],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-30T03:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Terraform is a leading Infrastructure as Code (IaC) solution. It empowers developers to create custom providers for provisioning a wide array of infrastructure resources. Terraform provider functions as binary files on the server and interacts with terraform binary through RPC communication during terraform run. These providers, running as binary files on the Terraform server, enable developers to build custom functions that could be exploited to gain unauthorised access, potentially compromising the Terraform server, and exposing sensitive credentials and data.\n\nIn this talk, we'll explore the inner workings of custom provider modules and how their functions can be leveraged to exploit vulnerabilities in Terraform Enterprise. We will also cover developing a custom provider and utilities the same for gaining access to the terraform server extracting the cloud credentials. We will also present various architectural solutions around TFE and best practices for minimising these attack vectors. Furthermore, the session will provide actionable steps for assessing the security posture of custom providers to ensure a robust defence.\n\n\n","media":[],"title":"Terraform Unleashed: Crafting Custom Provider Exploits for Ultimate Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:10:00Z","end_timestamp":{"seconds":1723313400,"nanoseconds":0},"android_description":"Terraform is a leading Infrastructure as Code (IaC) solution. It empowers developers to create custom providers for provisioning a wide array of infrastructure resources. Terraform provider functions as binary files on the server and interacts with terraform binary through RPC communication during terraform run. These providers, running as binary files on the Terraform server, enable developers to build custom functions that could be exploited to gain unauthorised access, potentially compromising the Terraform server, and exposing sensitive credentials and data.\n\nIn this talk, we'll explore the inner workings of custom provider modules and how their functions can be leveraged to exploit vulnerabilities in Terraform Enterprise. We will also cover developing a custom provider and utilities the same for gaining access to the terraform server extracting the cloud credentials. We will also present various architectural solutions around TFE and best practices for minimising these attack vectors. Furthermore, the session will provide actionable steps for assessing the security posture of custom providers to ensure a robust defence.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55489],"conference_id":133,"event_ids":[55918],"name":"Alex Foley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56008},{"content_ids":[55489],"conference_id":133,"event_ids":[55918],"name":"Rupali","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"rupali0405","sort_order":0,"url":"https://rupali0405"}],"media":[],"id":56009}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T18:10:00.000-0000","id":55918,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56008},{"tag_id":46167,"sort_order":4,"person_id":56009}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"RF CTF Kick Off Day 2","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:25:00Z","end_timestamp":{"seconds":1723314300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55443,55453,55461],"conference_id":133,"event_ids":[55868,55878,55886],"name":"RF Hackers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@rfhackers"},{"description":"","title":"Website","sort_order":0,"url":"https://rfhackers.com/"}],"media":[],"id":55982}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T18:25:00.000-0000","id":55878,"tag_ids":[46390,46511,46742],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55982}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To make RFID access badges vendors in China have created eink badges where instead of printing a badge out you instead program the eink portion of the badge with an smartphone app and then program the RFID portion. At this time the ones that are sold are either black and white or black and white and red. There is no security implemented so all you need to do is download the app to reprogram the front of the badge. This makes anyone able to reprogram both the front and back of the badge.\n\n\n","media":[],"title":"Psychic Paper: Making eink access badges accessible for anyone","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:15:00Z","end_timestamp":{"seconds":1723313700,"nanoseconds":0},"android_description":"To make RFID access badges vendors in China have created eink badges where instead of printing a badge out you instead program the eink portion of the badge with an smartphone app and then program the RFID portion. At this time the ones that are sold are either black and white or black and white and red. There is no security implemented so all you need to do is download the app to reprogram the front of the badge. This makes anyone able to reprogram both the front and back of the badge.","updated_timestamp":{"seconds":1720396471,"nanoseconds":0},"speakers":[{"content_ids":[54596],"conference_id":133,"event_ids":[54971],"name":"Joshua Herman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@zitterbewegung)","sort_order":0,"url":"https://twitter.com/zitterbewegung"}],"media":[],"id":54234}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:54:31Z","links":[],"end":"2024-08-10T18:15:00.000-0000","id":54971,"tag_ids":[46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54234}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-07T23:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Years ago, when I started working at the NSA, I said to myself, now I can see what’s really happening and what needs to be done to address our adversaries and put an end to cybercrime. Well, I was sure wrong. I worked in a few different offices and participated in hundreds of operations, only to find frustration time and time again. What happened? What was it that we just couldn’t put our finger on? Yes, we were successful in addressing criminal activity. Yes, we could successfully negotiate the contested cyberspace domain. But adversarial activity kept popping up on our radar. It was Whack-A-Mole 2.0. \r\n\r\nWas it the technologies we used? No, we had state-of-the-art capabilities. Was there a lack of technical training amongst operators? No, again, taxpayers coughed up plenty, and they got their money’s worth. I concluded that it was strategy; it was philosophy. Sure, we had all the technical capabilities in the world, but we were using everything wrong. \r\n\r\nI was in the Information Warfare Support Center. We were supposed to know what to do and how to do it! So, I started studying not only traditional but contemporary philosophy as well. I gained access to curricula in China, Russia, and the USA. This presentation informs the attendees of the adversarial philosophy taught in the military academies in China and Russia, which is taken from their curricula and papers published in various journals and practice today.\r\n\n\n\n","media":[],"title":"Tough Adversary? Don’t Blame Sun Tzu","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Years ago, when I started working at the NSA, I said to myself, now I can see what’s really happening and what needs to be done to address our adversaries and put an end to cybercrime. Well, I was sure wrong. I worked in a few different offices and participated in hundreds of operations, only to find frustration time and time again. What happened? What was it that we just couldn’t put our finger on? Yes, we were successful in addressing criminal activity. Yes, we could successfully negotiate the contested cyberspace domain. But adversarial activity kept popping up on our radar. It was Whack-A-Mole 2.0. \r\n\r\nWas it the technologies we used? No, we had state-of-the-art capabilities. Was there a lack of technical training amongst operators? No, again, taxpayers coughed up plenty, and they got their money’s worth. I concluded that it was strategy; it was philosophy. Sure, we had all the technical capabilities in the world, but we were using everything wrong. \r\n\r\nI was in the Information Warfare Support Center. We were supposed to know what to do and how to do it! So, I started studying not only traditional but contemporary philosophy as well. I gained access to curricula in China, Russia, and the USA. This presentation informs the attendees of the adversarial philosophy taught in the military academies in China and Russia, which is taken from their curricula and papers published in various journals and practice today.","updated_timestamp":{"seconds":1720393845,"nanoseconds":0},"speakers":[{"content_ids":[54557],"conference_id":133,"event_ids":[54932],"name":"Gregory Carpenter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KnowledgeBridge International","title":"CSO"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/gcarpenter-cso-kbi/"},{"description":"","title":"Twitter (@gscarp12)","sort_order":0,"url":"https://twitter.com/gscarp12"}],"media":[],"id":54342,"title":"CSO at KnowledgeBridge International"}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:10:45Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":54932,"tag_ids":[46367,46419,46511,46512,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54342}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-07T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It's the holiday season and all through the air,\r\n\r\nMessages arrive, not with joy, but despair.\r\n\r\nA sinister plot unfolds, a digital dance,\r\n\r\nSmishing scammers striking, a threat to enhance.\r\n\r\nThis past holiday season saw a dramatic rise in SMS phishing (smishing) messages, specifically targeting people pretending to be the USPS. Almost everyone in the United States received one of these messages using a kit sold by the ‘Smishing Triad’. While many of us knew these were scams many more did not, including someone close to me.\r\n\r\nI knew I had to do something about it once I started receiving these texts myself. With my focus in web application testing, I immediately took interest in these smishing kits and how I could exploit them. After a thorough review, some collaboration with other researchers, and a little reverse engineering I was able to find two vulnerabilities in the scammer’s kits allowing me to login to the admin panels.\r\n\r\nUsing this I have been able to recover over 390k distinct credit cards that the scammers had gathered using over 40 admin panels and well over 900 unique domains. Along with this was info on the scammers themselves like login IPs, usernames, and some cracked passwords they use.\r\n\r\nThis talk will cover the technical details of how I reverse engineered this kit, found these vulnerabilities, and collected the victim and admin data for each of these sites.\r\n\r\nMy Blog:\r\n\r\n[link](https://blog.smithsecurity.biz/systematic-destruction-hacking-the-scammers-pt.-2)\r\n[link](https://blog.smithsecurity.biz/hacking-the-scammers)\r\n\n\n\n","media":[],"title":"Smishing Smackdown: Unraveling the Threads of USPS Smishing and Fighting Back","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:15:00Z","end_timestamp":{"seconds":1723313700,"nanoseconds":0},"android_description":"It's the holiday season and all through the air,\r\n\r\nMessages arrive, not with joy, but despair.\r\n\r\nA sinister plot unfolds, a digital dance,\r\n\r\nSmishing scammers striking, a threat to enhance.\r\n\r\nThis past holiday season saw a dramatic rise in SMS phishing (smishing) messages, specifically targeting people pretending to be the USPS. Almost everyone in the United States received one of these messages using a kit sold by the ‘Smishing Triad’. While many of us knew these were scams many more did not, including someone close to me.\r\n\r\nI knew I had to do something about it once I started receiving these texts myself. With my focus in web application testing, I immediately took interest in these smishing kits and how I could exploit them. After a thorough review, some collaboration with other researchers, and a little reverse engineering I was able to find two vulnerabilities in the scammer’s kits allowing me to login to the admin panels.\r\n\r\nUsing this I have been able to recover over 390k distinct credit cards that the scammers had gathered using over 40 admin panels and well over 900 unique domains. Along with this was info on the scammers themselves like login IPs, usernames, and some cracked passwords they use.\r\n\r\nThis talk will cover the technical details of how I reverse engineered this kit, found these vulnerabilities, and collected the victim and admin data for each of these sites.\r\n\r\nMy Blog:\r\n\r\n[link](https://blog.smithsecurity.biz/systematic-destruction-hacking-the-scammers-pt.-2)\r\n[link](https://blog.smithsecurity.biz/hacking-the-scammers)","updated_timestamp":{"seconds":1720463073,"nanoseconds":0},"speakers":[{"content_ids":[54482],"conference_id":133,"event_ids":[54855],"name":"S1nn3r","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@S1n1st3rSecuri1)","sort_order":0,"url":"https://twitter.com/S1n1st3rSecuri1"},{"description":"","title":"blog.smithsecurity.biz/","sort_order":0,"url":"https://blog.smithsecurity.biz/"}],"media":[],"id":54096}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:24:33Z","links":[],"end":"2024-08-10T18:15:00.000-0000","id":54855,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54096}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-08T18:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, web cache attacks have become a popular way to steal sensitive data, deface websites, and deliver exploits. We've also seen parser inconsistencies causing critical vulnerabilities like HTTP Request Smuggling. This raises the question: what happens if we attack web caches' URL-parsers? \r\n\r\nIn this session, I'll introduce two powerful new techniques that exploit RFC ambiguities to bypass the limitations of web cache deception and poisoning attacks.\r\n\r\nFirst, I'll introduce Static Path Deception, a novel technique to completely compromise the confidentiality of an application. I’ll illustrate this with a case study showing how such a breach can be replicated in environments like Nginx behind Cloudflare.\r\n\r\nNext, I'll present Cache Key Confusion, and show how to exploit URL parsing inconsistencies in major platforms, including Microsoft Azure Cloud. I’ll then show how to achieve arbitrary cache poisoning and full denial of service.\r\n\r\nFinally, I'll reveal how to supercharge these vulnerabilities with a live demo that blends Cache Key Confusion with a “non-exploitable” open redirect to execute arbitrary JS code for complete site takeover.\r\n\r\nAttendees will depart armed with a set of innovative techniques, along with a definitive methodology to find and exploit these and other URL or HTTP discrepancies.\r\n\r\nWeb Cache Deception Attack - Omer Gil\r\n[link](https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack-wp.pdf)\r\n\r\nThis is the first time Web Cache Deception attacks were introduced and worked as a starting point for my research.\r\n\r\nWeb Cache Entanglement: Novel Pathways to Poisoning - James Kettle\r\n[link](https://portswigger.net/research/web-cache-entanglement)\r\n\r\nThis research worked as an inspiration to develop the cache poisoning techniques. I also used this paper to outline the state of the art in web cache exploitation and create a different approach using parser discrepancies.\r\n\r\nCached and confused: Web cache deception in the wild - Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda and William Robertson.\r\n[link](https://www.usenix.org/system/files/sec20-mirheidari.pdf)\r\n\r\nThe web cache deception techniques using delimiters for path confusion were inspired by the 2020 USENIX presentation “Cached and confused: Web cache deception in the wild”. In that presentation, they briefly describe some variations of path confusion using four encoded characters. Although the objective of their paper was to show a large-scale study of web cache deception vulnerabilities in the wild, it also introduced the use of delimiters for path confusion. In my presentation I'll expand on this concept, providing a methodology to find all the delimiters used by a URL parser and explaining how to use them in new exploitation techniques.\r\n\r\nChatGPT Account Takeover - Wildcard Web Cache Deception - Harel Security Research\r\n[link](https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html)\r\n\r\nAlso, during the time this research was being conducted, a vulnerability using a single variation of one of the techniques (Static Path Confusion) was published as a write up.\r\n\n\n\n","media":[],"title":"Gotta Cache ‘em all: bending the rules of web cache exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:15:00Z","end_timestamp":{"seconds":1723313700,"nanoseconds":0},"android_description":"In recent years, web cache attacks have become a popular way to steal sensitive data, deface websites, and deliver exploits. We've also seen parser inconsistencies causing critical vulnerabilities like HTTP Request Smuggling. This raises the question: what happens if we attack web caches' URL-parsers? \r\n\r\nIn this session, I'll introduce two powerful new techniques that exploit RFC ambiguities to bypass the limitations of web cache deception and poisoning attacks.\r\n\r\nFirst, I'll introduce Static Path Deception, a novel technique to completely compromise the confidentiality of an application. I’ll illustrate this with a case study showing how such a breach can be replicated in environments like Nginx behind Cloudflare.\r\n\r\nNext, I'll present Cache Key Confusion, and show how to exploit URL parsing inconsistencies in major platforms, including Microsoft Azure Cloud. I’ll then show how to achieve arbitrary cache poisoning and full denial of service.\r\n\r\nFinally, I'll reveal how to supercharge these vulnerabilities with a live demo that blends Cache Key Confusion with a “non-exploitable” open redirect to execute arbitrary JS code for complete site takeover.\r\n\r\nAttendees will depart armed with a set of innovative techniques, along with a definitive methodology to find and exploit these and other URL or HTTP discrepancies.\r\n\r\nWeb Cache Deception Attack - Omer Gil\r\n[link](https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack-wp.pdf)\r\n\r\nThis is the first time Web Cache Deception attacks were introduced and worked as a starting point for my research.\r\n\r\nWeb Cache Entanglement: Novel Pathways to Poisoning - James Kettle\r\n[link](https://portswigger.net/research/web-cache-entanglement)\r\n\r\nThis research worked as an inspiration to develop the cache poisoning techniques. I also used this paper to outline the state of the art in web cache exploitation and create a different approach using parser discrepancies.\r\n\r\nCached and confused: Web cache deception in the wild - Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda and William Robertson.\r\n[link](https://www.usenix.org/system/files/sec20-mirheidari.pdf)\r\n\r\nThe web cache deception techniques using delimiters for path confusion were inspired by the 2020 USENIX presentation “Cached and confused: Web cache deception in the wild”. In that presentation, they briefly describe some variations of path confusion using four encoded characters. Although the objective of their paper was to show a large-scale study of web cache deception vulnerabilities in the wild, it also introduced the use of delimiters for path confusion. In my presentation I'll expand on this concept, providing a methodology to find all the delimiters used by a URL parser and explaining how to use them in new exploitation techniques.\r\n\r\nChatGPT Account Takeover - Wildcard Web Cache Deception - Harel Security Research\r\n[link](https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html)\r\n\r\nAlso, during the time this research was being conducted, a vulnerability using a single variation of one of the techniques (Static Path Confusion) was published as a write up.","updated_timestamp":{"seconds":1720463092,"nanoseconds":0},"speakers":[{"content_ids":[54481,55173],"conference_id":133,"event_ids":[55561,54854],"name":"Martin Doyhenard","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Portswigger","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@tincho_508)","sort_order":0,"url":"https://twitter.com/tincho_508"}],"media":[],"id":54190,"title":"Security Researcher at Portswigger"}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:24:52Z","links":[],"end":"2024-08-10T18:15:00.000-0000","id":54854,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54190}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-08T18:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to Day 2 of the 11th CPV at DEF CON! A brief overview of the state of the village, talks for the day, plus what's available at the village and what's gone, we might actually run out of friendship bracelet supplies this time around…\n\n\n","media":[],"title":"CPV: Day 2 Welcome","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"Welcome to Day 2 of the 11th CPV at DEF CON! A brief overview of the state of the village, talks for the day, plus what's available at the village and what's gone, we might actually run out of friendship bracelet supplies this time around…","updated_timestamp":{"seconds":1722725863,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:25:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:57:43Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":56621,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723310700,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T17:25:00.000-0000","updated":"2024-08-03T22:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, you’ll learn to write BadUSB scripts to hack computers using a cute, cat-shaped hacking tool called the USB Nugget. You’ll learn to write scripts to get computers of any operating system to do your bidding in seconds, and also how to automate nearly any desired action remotely. If you want to learn scripting like the USB Rubber Ducky, but with a Wi-Fi interface and more, this workshop is for you! A computer with Google Chrome is required for this workshop.\n\n\n","media":[],"title":"Learn BadUSB Hacking With the USB Nugget","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"In this workshop, you’ll learn to write BadUSB scripts to hack computers using a cute, cat-shaped hacking tool called the USB Nugget. You’ll learn to write scripts to get computers of any operating system to do your bidding in seconds, and also how to automate nearly any desired action remotely. If you want to learn scripting like the USB Rubber Ducky, but with a Wi-Fi interface and more, this workshop is for you! A computer with Google Chrome is required for this workshop.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T17:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/learn-bad-usb-hacking-with-the-usb-nugget"}],"end":"2024-08-10T18:45:00.000-0000","id":56525,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723310100,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the last 36 months, the cybersecurity landscape has evolved with unprecedented complexity, marked by ransomware, supply chain attacks, zero-days, remote work challenges, and more. Amid mass layoffs and pervasive mental burnout, organizations face daunting tasks in defending against escalating cyber threats. Layoffs exacerbate the skills gap, leaving teams stretched thin. Mental burnout hampers practitioners' abilities. In this talk, we'll explore the impacts of recent and chart a path forward for application security. As a lone AppSec professional, your choices will shape the future. Will you navigate through complexity or become lost in redundant complications?\n\n\n","media":[],"title":"Navigating the Cyber Security Labyrinth: Choose Your Own Security Adventure?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:55:00Z","end_timestamp":{"seconds":1723312500,"nanoseconds":0},"android_description":"Over the last 36 months, the cybersecurity landscape has evolved with unprecedented complexity, marked by ransomware, supply chain attacks, zero-days, remote work challenges, and more. Amid mass layoffs and pervasive mental burnout, organizations face daunting tasks in defending against escalating cyber threats. Layoffs exacerbate the skills gap, leaving teams stretched thin. Mental burnout hampers practitioners' abilities. In this talk, we'll explore the impacts of recent and chart a path forward for application security. As a lone AppSec professional, your choices will shape the future. Will you navigate through complexity or become lost in redundant complications?","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55701],"conference_id":133,"event_ids":[56232],"name":"punkcoder","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56121}],"begin_tsz":"2024-08-10T17:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T17:55:00.000-0000","id":56232,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723310100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56121}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T17:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find out how to participate in the Payment Village CTF\n\n\n","media":[],"title":"Introduction to Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:20:00Z","end_timestamp":{"seconds":1723310400,"nanoseconds":0},"android_description":"Find out how to participate in the Payment Village CTF","updated_timestamp":{"seconds":1722356274,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-10T17:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:17:54Z","links":[],"end":"2024-08-10T17:20:00.000-0000","id":56092,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723310100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T17:15:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Voting Village Opening Remarks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723212565,"nanoseconds":0},"speakers":[{"content_ids":[56200,56182,56192],"conference_id":133,"event_ids":[56836,56846,56854],"name":"Catherine Terranova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/catherine-terranova-8b209826a"},{"description":"","title":"Twitter (@catlovesvoting)","sort_order":0,"url":"https://twitter.com/catlovesvoting"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56563},{"content_ids":[56182,56193,56192],"conference_id":133,"event_ids":[56836,56846,56847],"name":"Harri Hursti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/hhursti"},{"description":"","title":"Twitter (@harrihursti)","sort_order":0,"url":"https://twitter.com/harrihursti"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56570},{"content_ids":[56182,56192],"conference_id":133,"event_ids":[56836,56846],"name":"Matt Blaze","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mattblaze)","sort_order":0,"url":"https://twitter.com/mattblaze"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56577}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T14:09:25Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":56846,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56563},{"tag_id":46167,"sort_order":4,"person_id":56570},{"tag_id":46167,"sort_order":6,"person_id":56577}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-09T14:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!\n\n\n","media":[],"title":"Physical Security Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!","updated_timestamp":{"seconds":1723044549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T15:29:09Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56820,"tag_ids":[46387,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-07T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARPA-H accelerates better health outcomes for everyone by supporting the development of high-impact solutions to society's most challenging health problems. Join us in discussing why strong cybersecurity security is a critical piece of healthcare innovation and how ARPA-H is enabling this through the AIxCC, DIGIHEALS, and UPGRADE programs.\n\n\n","media":[],"title":"Securing Health Care: AIxCC, DIGIHEALS, and UPGRADE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"ARPA-H accelerates better health outcomes for everyone by supporting the development of high-impact solutions to society's most challenging health problems. Join us in discussing why strong cybersecurity security is a critical piece of healthcare innovation and how ARPA-H is enabling this through the AIxCC, DIGIHEALS, and UPGRADE programs.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[54533,55322,56132],"conference_id":133,"event_ids":[55714,56775,54906],"name":"Andrew Carney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA AI Cyber Challenge (AIxCC)","title":"Program Manager"},{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"Program Manager"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/andrew-carney"}],"media":[],"id":54106,"title":"Program Manager at Advanced Research Projects Agency for Health (ARPA-H)"},{"content_ids":[56132],"conference_id":133,"event_ids":[56775],"name":"Dr. Jennifer Roberts, PhD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ARPA-H","title":"Office Director of Resilient Systems"}],"pronouns":"she/her","links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/jennifer-roberts"}],"media":[],"id":56521,"title":"Office Director of Resilient Systems at ARPA-H"},{"content_ids":[56132],"conference_id":133,"event_ids":[56775],"name":"Dr. Susan Coller Monarez, PhD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ARPA-H","title":"Deputy Director"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/susan-monarez"}],"media":[],"id":56522,"title":"Deputy Director at ARPA-H"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":56775,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56521},{"tag_id":46167,"sort_order":4,"person_id":56522},{"tag_id":46167,"sort_order":6,"person_id":54106}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.\n\n\n","media":[],"title":"Radio Frequency Village Events","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.","updated_timestamp":{"seconds":1722874415,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T16:13:35Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56767,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n\n\n","media":[],"title":"HHV Rube Goldberg Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!","updated_timestamp":{"seconds":1722821818,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T01:36:58Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/hhv_rgb.html"}],"end":"2024-08-11T01:00:00.000-0000","id":56762,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.\n\n\n","media":[],"title":"Robo Sumo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.","updated_timestamp":{"seconds":1722821775,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T01:36:15Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/robosumo.html"}],"end":"2024-08-11T01:00:00.000-0000","id":56760,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hardware Hacking and Soldering Skills Village Open (HHV-SSV)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722822007,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T01:40:07Z","links":[{"label":"Website","type":"link","url":"https://dchhv.org"}],"end":"2024-08-11T01:00:00.000-0000","id":56758,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.\n\n\n","media":[],"title":"Game Hacking Community Activities & CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.","updated_timestamp":{"seconds":1722815557,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T23:52:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56753,"tag_ids":[46402,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T23:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)\r\n\n\n\n","media":[],"title":"LHC Meshtastic Activities and CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)","updated_timestamp":{"seconds":1722875831,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T16:37:11Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56749,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.\n\n\n","media":[],"title":"Tamper Evident Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.","updated_timestamp":{"seconds":1722801725,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T20:02:05Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56746,"tag_ids":[46394,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T20:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.\n\n\n","media":[],"title":"Fix the Flag Wargame","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.","updated_timestamp":{"seconds":1722783756,"nanoseconds":0},"speakers":[{"content_ids":[55726],"conference_id":133,"event_ids":[56630,56631,56234],"name":"Harley Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56118}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T15:02:36Z","links":[],"end":"2024-08-11T00:30:00.000-0000","id":56630,"tag_ids":[46370,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56118}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV CTF","hotel":"","short_name":"ASV CTF","id":46471},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T15:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).\n\n\n","media":[],"title":"Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).","updated_timestamp":{"seconds":1722781910,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T14:31:50Z","links":[{"label":"Mastodon (@soda@defcon.social)","type":"link","url":"https://defcon.social/@soda"},{"label":"Twitter (@ShellsOnDemand)","type":"link","url":"https://twitter.com/ShellsOnDemand"}],"end":"2024-08-11T01:00:00.000-0000","id":56628,"tag_ids":[46362,46427],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T14:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Adversarial AI: Disrupting Artificial Intelligence with Style","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[54623,55698,55989],"conference_id":133,"event_ids":[56611,56229,54997],"name":"Chloé Messdaghi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Head of Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ChloeMessdaghi)","sort_order":0,"url":"https://twitter.com/ChloeMessdaghi"}],"media":[],"id":54278,"title":"Head of Threat Intelligence at HiddenLayer"},{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"},{"content_ids":[55989],"conference_id":133,"event_ids":[56611],"name":"Sebastian Cesario","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CTO & Co Founder, BforeAI","title":""}],"links":[],"pronouns":null,"media":[],"id":56326,"title":"CTO & Co Founder, BforeAI"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56611,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54278},{"tag_id":46167,"sort_order":4,"person_id":56326},{"tag_id":46167,"sort_order":6,"person_id":54282}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.\n\n\n","media":[],"title":"Hands-on Attack and Breach Simulation exercises","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.","updated_timestamp":{"seconds":1722714024,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:40:24Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56604,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.\n\n\n","media":[],"title":"Adversary simulator and purple teaming hands-on booth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.","updated_timestamp":{"seconds":1722713994,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:39:54Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56602,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.\n\n\n","media":[],"title":"Adversary-Adventure Table-top Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.","updated_timestamp":{"seconds":1722714013,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:40:13Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56600,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Caso de estudio sobre como se realizo el pentest de una Chapa inteligente que se pretendía utilizar en la Fascia de cajeros automáticos, al final, se logro encontrar una vulnerabilidad que ponía en riesgo la apertura de cualquier chapa perteneciente a la empresa fabricante, ya que las llaves AES que utiliza se podía extraer por medio de una vulnerabilidad IDOR. Con la información obtenida de llaves, y con información de logs de su app móvil permiten entender como se implementaba el algoritmo de encripcion. Finalmente se creo un BOT en telegram el cual resolviera los challenges que solicitaba la chapa para poder realizar la apertura. La Metodologia utilizada para el análisis no es nueva, se baso en el trabajo de presentaciones DEFCON anteriores, por lo que referencias a esos trabajo estaran incluidos en la presentación, la intención principal de la platica es que sirva como guía para el futuro análisis de este tipo de dispositivos.\n\n\n","media":[],"title":"Case Study: Hacking Smart Lock For Fun and Profit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"Caso de estudio sobre como se realizo el pentest de una Chapa inteligente que se pretendía utilizar en la Fascia de cajeros automáticos, al final, se logro encontrar una vulnerabilidad que ponía en riesgo la apertura de cualquier chapa perteneciente a la empresa fabricante, ya que las llaves AES que utiliza se podía extraer por medio de una vulnerabilidad IDOR. Con la información obtenida de llaves, y con información de logs de su app móvil permiten entender como se implementaba el algoritmo de encripcion. Finalmente se creo un BOT en telegram el cual resolviera los challenges que solicitaba la chapa para poder realizar la apertura. La Metodologia utilizada para el análisis no es nueva, se baso en el trabajo de presentaciones DEFCON anteriores, por lo que referencias a esos trabajo estaran incluidos en la presentación, la intención principal de la platica es que sirva como guía para el futuro análisis de este tipo de dispositivos.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55967],"conference_id":133,"event_ids":[56583],"name":"Cesar Ortega Ortega","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Total Cyber-Sec - Cyber Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cesar-ortega-298243173/"},{"description":"","title":"Twitter (@blackv0x45)","sort_order":0,"url":"https://x.com/blackv0x45"},{"description":"","title":"Website","sort_order":0,"url":"https://www.buymeacoffee.com/blackv0x45"}],"media":[],"id":56303,"title":"Total Cyber-Sec - Cyber Security Consultant"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":56583,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56303}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.\n\n\n","media":[],"title":"Vendors and Exhibitors Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.","updated_timestamp":{"seconds":1722692937,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T13:48:57Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56571,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T13:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level\n\n\n","media":[],"title":"Firmware Extraction and Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56551,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.\n\n\n","media":[],"title":"Hack My TV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56549,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.\n\n\n","media":[],"title":"Hands-On Hardware Hacking – From Console to Root, Manipulating and Controlling a Protected System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56547,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!\n\n\n","media":[],"title":"Hardware Hacking GE Appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56545,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops\n\n\n","media":[],"title":"Inside the Toolkit of Elite Embedded Security Experts - Hands-On Workshop: QEMU & GDB for Embedded Systems Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56543,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!\n\n\n","media":[],"title":"IoT Security at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56541,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n\n\n","media":[],"title":"IoT Village Hacking Playground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56539,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!\n\n\n","media":[],"title":"Keysight CTF Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56537,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.\n\n\n","media":[],"title":"Living off the Land inside your WiFi : Exploring and Exploiting Access Points and Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Drew Green","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56288},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Ken Pyle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56289}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56535,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56288},{"tag_id":46167,"sort_order":4,"person_id":55853},{"tag_id":46167,"sort_order":6,"person_id":56289}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!\n\n\n","media":[],"title":"Phisherman's Wharf - Phishing for Beginners","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56533,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.\n\n\n","media":[],"title":"Safe Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56531,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.\n\n\n","media":[],"title":"DEF CON Groups - Open for questions and hanging out","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.","updated_timestamp":{"seconds":1722636477,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T22:07:57Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56506,"tag_ids":[46399,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T22:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.\n\n\n","media":[],"title":"Recon Village GE(O)SINT Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56504,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop aims to describe how to use Maltego CE with the common available transform sets. Additionally we will teach you how to extend the tool by integrating external datasources and OSINT tools thanks to the open-source maltego-trx library.\n\nOutline:\n- Overview\n- Datasources\n- Investigation basics\n- Creating your own entities\n- Building your own transforms\n- Demo\n- Lab:\n- Connecting an OSINT tool (holehe, whatsmyname…) \n- Q&A\n\nPrerequisites\n- Maltego Community Edition (requires Maltego ID registration for activation)\n- Python + pip\n- Maltego-trx library\n- Optional: your favourite IDE (VSCode, Pycharm…)\n\n\n","media":[],"title":"Maltego Community Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"This workshop aims to describe how to use Maltego CE with the common available transform sets. Additionally we will teach you how to extend the tool by integrating external datasources and OSINT tools thanks to the open-source maltego-trx library.\n\nOutline:\n- Overview\n- Datasources\n- Investigation basics\n- Creating your own entities\n- Building your own transforms\n- Demo\n- Lab:\n- Connecting an OSINT tool (holehe, whatsmyname…) \n- Q&A\n\nPrerequisites\n- Maltego Community Edition (requires Maltego ID registration for activation)\n- Python + pip\n- Maltego-trx library\n- Optional: your favourite IDE (VSCode, Pycharm…)","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55910],"conference_id":133,"event_ids":[56497],"name":"Carlos Fragoso","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56269}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56497,"tag_ids":[46391,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56269}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - CATO Networks, Hosted by Dhruv Shah","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55909],"conference_id":133,"event_ids":[56496],"name":"CATO Networks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56275},{"content_ids":[55909],"conference_id":133,"event_ids":[56496],"name":"Dhruv Shah","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56276}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56496,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56275},{"tag_id":46167,"sort_order":4,"person_id":56276}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!\n\n\n","media":[],"title":"AI Village Demos","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!","updated_timestamp":{"seconds":1722626313,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:18:33Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56475,"tag_ids":[46368,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As artificial intelligence and machine learning increasingly become the backbone of our cybersecurity infrastructure, we face a new set of ethical challenges that go beyond traditional security concerns. This keynote dives into the critical issues of fairness, transparency, and accountability in AI-driven security systems. We’ll explore the relevance of AI ethics to safety and security testing, especially red teaming efforts. Finally, we’ll discuss the importance of ethical AI development in cybersecurity, emphasizing the need for diverse development teams, rigorous testing for biases, and ongoing audits of AI systems in production. This keynote aims to spark a crucial conversation in the hacker community about our responsibility to ensure that as we push the boundaries of AI in security, we don’t lose sight of the human values and ethical principles that should guide our work.\n\n\n","media":[],"title":"Keynote - AI-Powered Cybersecurity: The Importance of Red Teamers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"As artificial intelligence and machine learning increasingly become the backbone of our cybersecurity infrastructure, we face a new set of ethical challenges that go beyond traditional security concerns. This keynote dives into the critical issues of fairness, transparency, and accountability in AI-driven security systems. We’ll explore the relevance of AI ethics to safety and security testing, especially red teaming efforts. Finally, we’ll discuss the importance of ethical AI development in cybersecurity, emphasizing the need for diverse development teams, rigorous testing for biases, and ongoing audits of AI systems in production. This keynote aims to spark a crucial conversation in the hacker community about our responsibility to ensure that as we push the boundaries of AI in security, we don’t lose sight of the human values and ethical principles that should guide our work.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55881],"conference_id":133,"event_ids":[56466],"name":"Nikki Pope","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":""}],"links":[],"pronouns":null,"media":[],"id":56246,"title":"NVIDIA"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56466,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56246}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum Key Distribution (QKD) has been heralded as the future of secure communications, but what does it really offer, and how does it work? This talk is a deep dive into the physics that underpins QKD, tailored for the technically curious and sceptical minds at DefCon. We’ll explore the foundational principles of quantum mechanics that make QKD possible, with a focus on the BB84 protocol and Continuous Variable QKD (CV-QKD). Additionally, we’ll compare these quantum methods with classical key exchange techniques, discussing their strengths and limitations in real-world applications—without the hype. Whether you’re a seasoned cryptographer or new to the field, this session will provide a practical and clear-eyed understanding of quantum key exchange.\n\n\n","media":[],"title":"Intro to QKD: Quantum Key Exchange: Beyond the Hype","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Quantum Key Distribution (QKD) has been heralded as the future of secure communications, but what does it really offer, and how does it work? This talk is a deep dive into the physics that underpins QKD, tailored for the technically curious and sceptical minds at DefCon. We’ll explore the foundational principles of quantum mechanics that make QKD possible, with a focus on the BB84 protocol and Continuous Variable QKD (CV-QKD). Additionally, we’ll compare these quantum methods with classical key exchange techniques, discussing their strengths and limitations in real-world applications—without the hype. Whether you’re a seasoned cryptographer or new to the field, this session will provide a practical and clear-eyed understanding of quantum key exchange.","updated_timestamp":{"seconds":1723307201,"nanoseconds":0},"speakers":[{"content_ids":[55849],"conference_id":133,"event_ids":[56436],"name":"Ben Varcoe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56214}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:26:41Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56436,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56214}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-10T16:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.\n\n\n","media":[],"title":"spacestudio and spacetower challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.","updated_timestamp":{"seconds":1722626556,"nanoseconds":0},"speakers":[{"content_ids":[55830],"conference_id":133,"event_ids":[56380,56408,56426],"name":"Exotrail","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56205},{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:22:36Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56408,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56205},{"tag_id":46484,"sort_order":4,"person_id":56207}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.\n\n\n","media":[],"title":"Space Systems Security CTF – Platform Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55829],"conference_id":133,"event_ids":[56379,56407,56425],"name":"CT Cubed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56204}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56407,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56204}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.\n\n\n","media":[],"title":"Space Grand Challenge Luna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56406,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.\n\n\n","media":[],"title":"Selfie with a CubeSat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56405,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.\n\n\n","media":[],"title":"PTP Flight Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55826],"conference_id":133,"event_ids":[56376,56404,56422],"name":"Pen Test Partners","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56188}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56404,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56188}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.\n\n\n","media":[],"title":"Hack-A-Sat Quals Challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56403,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2\n\n\n","media":[],"title":"Hack-A-Sat Digital Twin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56402,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.\n\n\n","media":[],"title":"Drone Hacking Choose Your Own Adventure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56401,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.\n\n\n","media":[],"title":"Drone Hacking Activity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56400,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.\n\n\n","media":[],"title":"Drone Flying Experience","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56399,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.\n\n\n","media":[],"title":"Drone Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56398,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Can you spot suspicious items in packages? Try out your skills.\n\n\n","media":[],"title":"Detect a Threat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Can you spot suspicious items in packages? Try out your skills.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55819],"conference_id":133,"event_ids":[56369,56397,56415],"name":"TSA","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56212}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56397,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56212}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.\n\n\n","media":[],"title":"Defend the Airport CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55818],"conference_id":133,"event_ids":[56368,56396,56414],"name":"IntelliGenesis and IG Labs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56190}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56396,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56190}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.\n\n\n","media":[],"title":"Darkstar Badge Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55817],"conference_id":133,"event_ids":[56367,56395,56413],"name":"Lockheed Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56189}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56395,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56189}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.\n\n\n","media":[],"title":"CubeSat Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55816],"conference_id":133,"event_ids":[56366,56394,56412],"name":"AMSAT","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56200}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56394,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56200}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.\n\n\n","media":[],"title":"Bricks in the Air","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56393,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.\n\n\n","media":[],"title":"ARINC 664 CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55814],"conference_id":133,"event_ids":[56364,56392,56410],"name":"Boeing","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56202}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56392,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56202}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n\n\n","media":[],"title":"A-ISAC Aviation Cybersecurity Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55813],"conference_id":133,"event_ids":[56363,56391,56409],"name":"A-ISAC and Embry-Riddle Aeronautical University - Prescott","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56201}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56391,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56201}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Jayson Street - Keynote","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445614,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463],"conference_id":133,"event_ids":[56353,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:06:54Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T17:30:00.000-0000","id":56353,"tag_ids":[46399,46400,46426,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.\n\n\n","media":[],"title":"Small scale LAN party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.","updated_timestamp":{"seconds":1722563871,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:57:51Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56338,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!\n\n\n","media":[],"title":"Retro Repair","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!","updated_timestamp":{"seconds":1722563919,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:58:39Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56337,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!\n\n\n","media":[],"title":"Dumb Terminal fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!","updated_timestamp":{"seconds":1722563905,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:58:25Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56336,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)\n\n\n","media":[],"title":"Show & Tell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)","updated_timestamp":{"seconds":1722563887,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:58:07Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56335,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.\n\n\n","media":[],"title":"Packet Inspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.","updated_timestamp":{"seconds":1722476832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:47:12Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56314,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet\n\n\n","media":[],"title":"Packet Detective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet","updated_timestamp":{"seconds":1722476866,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:47:46Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56312,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.\n\n\n","media":[],"title":"Linux Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.","updated_timestamp":{"seconds":1722476901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:21Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56310,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.\n\n\n","media":[],"title":"Network-OS: Be The Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.","updated_timestamp":{"seconds":1722476912,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:32Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56308,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.\n\n\n","media":[],"title":"Regular Expressions (RegEx) Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.","updated_timestamp":{"seconds":1722476922,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:42Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56306,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!\n\n\n","media":[],"title":"Python + Packet Analysis + Machine Learning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!","updated_timestamp":{"seconds":1722476946,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:49:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56304,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!\n\n\n","media":[],"title":"Password lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!","updated_timestamp":{"seconds":1722540130,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T19:22:10Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56302,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"No description provided by creator\n\n\n","media":[],"title":"FleetDm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"No description provided by creator","updated_timestamp":{"seconds":1722476980,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:49:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56300,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!\n\n\n","media":[],"title":"Botnets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!","updated_timestamp":{"seconds":1722476888,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:08Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56298,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An introduction to Digital Forensics: Part1\n\n\nThis is Part 1 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","media":[],"title":"Obsidian: Forensics 101 Part 1","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"An introduction to Digital Forensics: Part1\n\n\nThis is Part 1 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55753,55748],"conference_id":133,"event_ids":[56278,56272],"name":"Sarthak Taneja","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56145}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":56278,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56145}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"-Introductions [5 minutes]\r\n-Cloud Threat Intelligence [5 minutes]\r\n-Threat Brief on Cloud Focused Adversaries: SCATTERED SPIDER\r\n-Cloud Security Assessments [5 minutes]\r\n\t-Introduction to Prowler\r\n-SadCloud Introduction [5 minutes]\r\n-Demo of Running Sadcloud [5 minutes]\r\n-Hands-On Exercise [40 minutes]\r\n\t-Participants given the option:\r\n -Create AWS Account\t\r\n\t\t-Use Access Keys \r\n\t -Participants setup AWS CLI\r\n\t-Participants run Sadcloud\r\n-Demo of Running Prowler [10 minutes]\r\n-Hands-On Exercise [30 minutes]\r\n\t-Participants run Prowler\r\n-Summary Review of Prowler output [10 minutes]\t\r\n-Debrief/Q&A [5 minutes]\r\n\r\nPlease download and install terraform and python requirements noted below for this training:\r\nSadcloud Requirements:\r\nTerraform version 0.12 or greater\r\nTerraform download: https://developer.hashicorp.com/terraform/install\r\n\r\nProwler Requirements:\r\nPython version 3.9, 3.10, or 3.11\r\nPython download: https://www.python.org/downloads/\n\n\nAttend this talk to get hands-on experience setting up an AWS environment, running cloud security tools to analyze its security, and mapping its security configuration against TTPs of a cloud conscious adversary. Cloud cyberattacks targeting enterprise environments have nearly tripled this past year, and cloud misconfigurations have become an open door to threat actors. Understanding cloud threat actors and how they are breaching cloud environments will help security professionals defend organizations with a cloud footprint. This workshop will showcase how to defend against the top cloud conscious adversaries and the most popular cyber attacks. During the workshop, participants will set up a demo AWS environment, identify security misconfigurations using Prowler, and map those findings to TTPs of a cloud conscious threat actor, SCATTERED SPIDER. Come to this workshop to gain practical skills that empower you to better secure your organization’s cloud environment against the modern adversary.","media":[],"title":"Securing the Cloud with Cloud Threat Intelligence and Open Source Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"-Introductions [5 minutes]\r\n-Cloud Threat Intelligence [5 minutes]\r\n-Threat Brief on Cloud Focused Adversaries: SCATTERED SPIDER\r\n-Cloud Security Assessments [5 minutes]\r\n\t-Introduction to Prowler\r\n-SadCloud Introduction [5 minutes]\r\n-Demo of Running Sadcloud [5 minutes]\r\n-Hands-On Exercise [40 minutes]\r\n\t-Participants given the option:\r\n -Create AWS Account\t\r\n\t\t-Use Access Keys \r\n\t -Participants setup AWS CLI\r\n\t-Participants run Sadcloud\r\n-Demo of Running Prowler [10 minutes]\r\n-Hands-On Exercise [30 minutes]\r\n\t-Participants run Prowler\r\n-Summary Review of Prowler output [10 minutes]\t\r\n-Debrief/Q&A [5 minutes]\r\n\r\nPlease download and install terraform and python requirements noted below for this training:\r\nSadcloud Requirements:\r\nTerraform version 0.12 or greater\r\nTerraform download: https://developer.hashicorp.com/terraform/install\r\n\r\nProwler Requirements:\r\nPython version 3.9, 3.10, or 3.11\r\nPython download: https://www.python.org/downloads/\n\n\nAttend this talk to get hands-on experience setting up an AWS environment, running cloud security tools to analyze its security, and mapping its security configuration against TTPs of a cloud conscious adversary. Cloud cyberattacks targeting enterprise environments have nearly tripled this past year, and cloud misconfigurations have become an open door to threat actors. Understanding cloud threat actors and how they are breaching cloud environments will help security professionals defend organizations with a cloud footprint. This workshop will showcase how to defend against the top cloud conscious adversaries and the most popular cyber attacks. During the workshop, participants will set up a demo AWS environment, identify security misconfigurations using Prowler, and map those findings to TTPs of a cloud conscious threat actor, SCATTERED SPIDER. Come to this workshop to gain practical skills that empower you to better secure your organization’s cloud environment against the modern adversary.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55749],"conference_id":133,"event_ids":[56274],"name":"Nivedita (Nivu) Jejurikar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Senior Consultant"}],"links":[],"pronouns":null,"media":[],"id":56155,"title":"Senior Consultant at Mandiant"},{"content_ids":[55749],"conference_id":133,"event_ids":[56274],"name":"Natalie Simpson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56173}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56274,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56173},{"tag_id":46167,"sort_order":1,"person_id":56155}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Jayson Street - Keynote","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445614,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463],"conference_id":133,"event_ids":[56353,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:06:54Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T17:30:00.000-0000","id":56209,"tag_ids":[46399,46400,46426,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience\n\n\n","media":[],"title":"Signals Are Everywhere","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience","updated_timestamp":{"seconds":1722369079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T19:51:19Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56108,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T19:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate\n\n\n","media":[],"title":"ICS Village + XR Village Turn the lights on!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate","updated_timestamp":{"seconds":1722917237,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:07:17Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56107,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-06T04:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.\n\n\n","media":[],"title":"Open Events for DCNextGen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.","updated_timestamp":{"seconds":1722363207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T18:13:27Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56098,"tag_ids":[46362,46398,46427],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This year we have more challenges and more prizes!\n\n\n","media":[],"title":"Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"This year we have more challenges and more prizes!","updated_timestamp":{"seconds":1723074146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T23:42:26Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-10T23:30:00.000-0000","id":56093,"tag_ids":[46386,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-07T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel discussion will delve into the critical intersection of artificial intelligence and cybersecurity in the context of the rapidly evolving 5G network environment. By bringing together experts in AI, 5G network security, and AI-driven solutions\n\n\n","media":[],"title":"AI-Driven Cyber Resilience: Surviving the 5G Threat Landscape","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"This panel discussion will delve into the critical intersection of artificial intelligence and cybersecurity in the context of the rapidly evolving 5G network environment. By bringing together experts in AI, 5G network security, and AI-driven solutions","updated_timestamp":{"seconds":1722352030,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240},{"content_ids":[55557,55559,55562],"conference_id":133,"event_ids":[56072,56074,56077],"name":"Akib Sayyed","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Matrix Shell Technologies","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/akibsayyed/"},{"description":"","title":"Twitter (@akibsayyed)","sort_order":0,"url":"https://twitter.com/@akibsayyed"}],"media":[],"id":56031,"title":"Founder and Director at Matrix Shell Technologies"},{"content_ids":[55557],"conference_id":133,"event_ids":[56072],"name":"Niklas Lindroos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Nokia Corporation","title":"Head of PSIRT and Advanced Security Testing lab"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/niklas-lindroos-02745/"}],"media":[],"id":56033,"title":"Head of PSIRT and Advanced Security Testing lab at Nokia Corporation"},{"content_ids":[55557],"conference_id":133,"event_ids":[56072],"name":"Shina Liu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56034}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T15:07:10Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56072,"tag_ids":[46395,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56034},{"tag_id":46487,"sort_order":4,"person_id":56033},{"tag_id":46487,"sort_order":6,"person_id":54240},{"tag_id":46487,"sort_order":8,"person_id":56031}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T15:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.\n\n\n","media":[{"hash_sha256":"d105c229ff2832a2a53e6bea90a820933908ef621ae9acf81589053a04e47e5d","filetype":"image/png","hash_md5":"6ecf3ddaa155976e729164a6f9138690","name":"ct_wallofbribesjpg.png","is_logo":"Y","hash_crc32c":"3ba9ff1a","filesize":102976,"asset_id":640,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_wallofbribesjpg.png"}],"title":"A Wall of Bribes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.","updated_timestamp":{"seconds":1722311882,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:58:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249429"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249428"}],"end":"2024-08-10T23:00:00.000-0000","id":56068,"tag_ids":[46427,46439,46750],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​\n\n\n","media":[{"hash_sha256":"07ddc9c91f6e59f3933f548603872f890309c05b353352836dc4896ef7fce215","filetype":"image/png","hash_md5":"cafd57b9dc99beb382a7e36477b02aad","name":"ct_adversary.png","is_logo":"Y","hash_crc32c":"b7d5aeab","filesize":104609,"asset_id":623,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_adversary.png"}],"title":"Adversary Wars CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​","updated_timestamp":{"seconds":1722713515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:31:55Z","links":[{"label":"Twitter (@AdversaryVillag)","type":"link","url":"https://twitter.com/AdversaryVillag"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249425"},{"label":"More Info","type":"link","url":"https://adversaryvillage.org/adversary-wars-ctf/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249426"}],"end":"2024-08-11T01:00:00.000-0000","id":56066,"tag_ids":[46367,46427,46439,46751],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-05","hotel":"","short_name":"HW4-03-05","id":46372},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.\n\n\n","media":[{"hash_sha256":"375569510e5615465450cb3678a63b8069acd85e1636cca316295fc89cf599d6","filetype":"image/png","hash_md5":"06d063cea5818c71eee33a32d18b836d","name":"ct_autodriving.png","is_logo":"Y","hash_crc32c":"db78dfca","filesize":20241,"asset_id":624,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_autodriving.png"}],"title":"[CANCELED] AutoDriving CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.","updated_timestamp":{"seconds":1723168346,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T01:52:26Z","links":[{"label":"Twitter (@autodrivingctf)","type":"link","url":"https://twitter.com/autodrivingctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249420"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249419"}],"end":"2024-08-11T01:00:00.000-0000","id":56063,"tag_ids":[46426,46439,46752],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-B","hotel":"","short_name":"HW4-01-05-B","id":46352},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-09T01:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1722311050,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:44:10Z","links":[{"label":"More Info","type":"link","url":"https://www.blacksincyberconf.com/ctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249409"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249410"}],"end":"2024-08-11T00:00:00.000-0000","id":56058,"tag_ids":[46372,46426,46439,46755],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.\n\n\n","media":[{"hash_sha256":"39238a01b06f0ddf4e2a678a63b07a1fb93094a3716dee47fac88ff443b09b2f","filetype":"image/png","hash_md5":"bb82eeecc603d6d9d05f319875161b0f","name":"ct_ctp.png","is_logo":"Y","hash_crc32c":"a13f862e","filesize":72882,"asset_id":631,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ctp.png"}],"title":"Capture the Packet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.","updated_timestamp":{"seconds":1722476750,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:45:50Z","links":[{"label":"More Info","type":"link","url":"https://www.capturethepacket.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249401"},{"label":"Twitter (@capturetp)","type":"link","url":"https://twitter.com/capturetp"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249402"}],"end":"2024-08-11T01:00:00.000-0000","id":56053,"tag_ids":[46385,46427,46439,46757],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?\n\n\n","media":[{"hash_sha256":"95a6fc9488a5c31ed3edb2848eb2a24498095a0de6f93552e7bc6ffe48c215cf","filetype":"image/png","hash_md5":"5ed77e41c595c690f459fe08cc26c28a","name":"ct_chasse-partie-ctf-v2.png","is_logo":"Y","hash_crc32c":"292aa419","filesize":303387,"asset_id":668,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_chasse-partie-ctf-v2.png"}],"title":"Chasse Partie Systems CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?","updated_timestamp":{"seconds":1722310816,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:40:16Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249395"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249396"}],"end":"2024-08-11T01:00:00.000-0000","id":56050,"tag_ids":[46426,46439,46758],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-E","hotel":"","short_name":"HW4-01-04-E","id":46347},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n\n\n","media":[{"hash_sha256":"84030b2ecb5f077fa506dcc16c49a685cf98f05b8c10202c417c064233eb4829","filetype":"image/png","hash_md5":"4b19e13df1a3f66b5f8b392d76ca707e","name":"ct_cloud.png","is_logo":"Y","hash_crc32c":"45aa66f3","filesize":58121,"asset_id":669,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cloud.png"}],"title":"Cloud Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D","updated_timestamp":{"seconds":1722310678,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:37:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249392"},{"label":"Twitter (@cloudvillage_dc)","type":"link","url":"https://twitter.com/cloudvillage_dc"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249393"}],"end":"2024-08-11T01:00:00.000-0000","id":56047,"tag_ids":[46376,46426,46439,46759],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!\n\n\n","media":[{"hash_sha256":"9c8df8b7b1bfaa7f9a6f76d47c2ddafcb15c60bfc6ba40d764dfaf8bc3583cde","filetype":"image/png","hash_md5":"a6d499b0f825c7c532b2eaf562131129","name":"ct_cmdctrl.png","is_logo":"Y","hash_crc32c":"9670e5ce","filesize":4017,"asset_id":630,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cmdctrl.png"}],"title":"CMD+CTRL at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!","updated_timestamp":{"seconds":1722310603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:36:43Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249390"},{"label":"More Info","type":"link","url":"https://defcon32.cmdnctrl.net"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249389"}],"end":"2024-08-11T01:00:00.000-0000","id":56044,"tag_ids":[46427,46439,46760],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-D","hotel":"","short_name":"HW4-03-06-D","id":46377},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-11T01:00:00.000-0000","id":56041,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05","hotel":"","short_name":"HW4-01-05","id":46349},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.\n\n\n","media":[{"hash_sha256":"590434b852585a01a647426db34529416f6624082c827bbd32d1ef45e5ef4651","filetype":"image/png","hash_md5":"1e73edab68d1da1d66c84a992554e685","name":"ct_cyberdefender.png","is_logo":"Y","hash_crc32c":"5a341827","filesize":92175,"asset_id":632,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cyberdefender.png"}],"title":"Cyber Defender - The Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.","updated_timestamp":{"seconds":1722310334,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:32:14Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249384"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249385"}],"end":"2024-08-11T01:00:00.000-0000","id":56037,"tag_ids":[46439,46762],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-C","hotel":"","short_name":"HW4-03-06-C","id":46376},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n\n\n","media":[{"hash_sha256":"1b2e0f8d162af1a6bd8a463fa27176b2afd439a1dc61b7817c2c855763a600ed","filetype":"image/png","hash_md5":"e7442de5c5eb4549170a56163423cd5e","name":"ct_darknet.png","is_logo":"Y","hash_crc32c":"f77e820f","filesize":49081,"asset_id":633,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_darknet.png"}],"title":"Darknet-NG","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!","updated_timestamp":{"seconds":1722310268,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:31:08Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249382"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249381"},{"label":"More Info","type":"link","url":"https://darknet-ng.network"},{"label":"Twitter (@DarknetNg)","type":"link","url":"https://twitter.com/DarknetNg"}],"end":"2024-08-11T01:00:00.000-0000","id":56034,"tag_ids":[46426,46439,46763],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-D","hotel":"","short_name":"HW4-02-01-D","id":46359},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/\n\n\n","media":[{"hash_sha256":"ff926fdb8070905e8485c17bfc79608b27202a7548f2ddcc058bbb89ea639e83","filetype":"image/png","hash_md5":"cbceb546139e5ed4e4a61a0b7fcaf58a","name":"ct_aixcc.png","is_logo":"Y","hash_crc32c":"661f6649","filesize":94474,"asset_id":625,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_aixcc.png"}],"title":"DARPA's Artificial Intelligence Cyber Challenge (AIxCC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/","updated_timestamp":{"seconds":1722310204,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:30:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249422"},{"label":"More Info","type":"link","url":"https://aicyberchallenge.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249423"}],"end":"2024-08-11T01:00:00.000-0000","id":56031,"tag_ids":[46427,46439,46764],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-06 (AIxCC)","hotel":"","short_name":"HW3-05-06 (AIxCC)","id":46268},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.\n\n\n","media":[{"hash_sha256":"a5a762ead7376172dae80fa2c3959bd1e4a22190a057721df654c025d0edfd7f","filetype":"image/png","hash_md5":"01005631367ac14ee6f758e7b45997bc","name":"ct_kubernetes-ctf.png","is_logo":"Y","hash_crc32c":"160f25aa","filesize":16051,"asset_id":636,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_kubernetes-ctf.png"}],"title":"DC Kubernetes Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.","updated_timestamp":{"seconds":1722310069,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:27:49Z","links":[{"label":"More Info","type":"link","url":"https://containersecurityctf.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249379"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249378"}],"end":"2024-08-11T00:00:00.000-0000","id":56029,"tag_ids":[46428,46439,46765],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-E","hotel":"","short_name":"HW4-02-01-E","id":46360},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n\n\n","media":[{"hash_sha256":"9f1c45d1825d2b7b5cd93c07c1a6bba41550b5cc76e52275ba0f3d3e33abf1b7","filetype":"image/png","hash_md5":"a4ccc4bb2dc371a268d25b115dd92920","name":"ct_dcnttm.png","is_logo":"Y","hash_crc32c":"a36d8a48","filesize":16951,"asset_id":634,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_dcnttm.png"}],"title":"DC’s Next Top Threat Model (DCNTTM)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).","updated_timestamp":{"seconds":1722309815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:23:35Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249371"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249372"},{"label":"More Info","type":"link","url":"https://threatmodel.us"}],"end":"2024-08-11T01:00:00.000-0000","id":56027,"tag_ids":[46426,46439,46766],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-A","hotel":"","short_name":"HW4-01-05-A","id":46351},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!\n\n\n","media":[{"hash_sha256":"0bbb61282ddf3bcc0d027a7ffb0cb2f0dc6fcf32814b48e53488203695f478b3","filetype":"image/png","hash_md5":"d8ada9124833199cadf2f291b0178024","name":"ct_scav-hunt.png","is_logo":"Y","hash_crc32c":"fa957778","filesize":20774,"asset_id":639,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_scav-hunt.png"}],"title":"DEF CON Scavenger Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!","updated_timestamp":{"seconds":1722309542,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:19:02Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249365"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249366"},{"label":"Twitter (@defconscavhunt)","type":"link","url":"https://twitter.com/defconscavhunt"},{"label":"More Info","type":"link","url":"https://www.defconscavhunt.com"}],"end":"2024-08-11T01:00:00.000-0000","id":56024,"tag_ids":[46427,46439,46767],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-11T01:00:00.000-0000","id":56016,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-C","hotel":"","short_name":"HW4-02-01-C","id":46358},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.\n\n\n","media":[{"hash_sha256":"1162bb14d1418b4cae3817411de665ed741ed2268a0dcc68a84b299605b611cb","filetype":"image/png","hash_md5":"a28c768a3e779e17ac17c6310bf89f1e","name":"ct_telechallenge.png","is_logo":"Y","hash_crc32c":"a0fffafe","filesize":8220,"asset_id":660,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_telechallenge.png"}],"title":"Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.","updated_timestamp":{"seconds":1722309155,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:12:35Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249290"},{"label":"More Info","type":"link","url":"https://www.telechallenge.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249289"}],"end":"2024-08-11T01:00:00.000-0000","id":56013,"tag_ids":[46426,46439,46770],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-B","hotel":"","short_name":"HW4-02-02-B","id":46363},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.\n\n\n","media":[{"hash_sha256":"ce9475936b2cf60c1c9cfa45f28e7cb875f88b8c5110474733a3a061693cd6df","filetype":"image/png","hash_md5":"4203eed2fd0b606da1243ec118062eb8","name":"ct_hack_fortress2.png","is_logo":"Y","hash_crc32c":"2ee22324","filesize":7500,"asset_id":644,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack_fortress2.png"}],"title":"HackFortress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.","updated_timestamp":{"seconds":1722308803,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:06:43Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249347"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249348"},{"label":"More Info","type":"link","url":"https://hackfortress.net"}],"end":"2024-08-11T01:00:00.000-0000","id":56011,"tag_ids":[46427,46439,46771],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-A","hotel":"","short_name":"HW4-01-04-A","id":46276},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n\n\n","media":[{"hash_sha256":"f74360633c6039f39c940ac261531b9070b375ca03df7934820a6e6936b3f328","filetype":"image/png","hash_md5":"6e367f9dca843f023ac7435893d4516f","name":"ct_hhvctf.png","is_logo":"Y","hash_crc32c":"5abd42a5","filesize":24398,"asset_id":647,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hhvctf.png"}],"title":"Hardware Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.","updated_timestamp":{"seconds":1722308581,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:03:01Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/challenges/dc32"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249338"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249339"},{"label":"CTF Announcement / Prereqs","type":"link","url":"https://dchhv.org/announcement/ctf/dc32/2024/08/01/dc32-hhv-challenges.html"}],"end":"2024-08-11T01:00:00.000-0000","id":56007,"tag_ids":[46381,46427,46439,46773],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.\n\n\n","media":[],"title":"HardWired","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.","updated_timestamp":{"seconds":1722476715,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:45:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249337"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249336"}],"end":"2024-08-11T01:00:00.000-0000","id":56004,"tag_ids":[46385,46427,46439,46774],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.\n\n\n","media":[{"hash_sha256":"f55b0da621d4ee7bcd1f6dd77fc6c800e20904a3840e9c4e47aee632f1571436","filetype":"image/png","hash_md5":"a396fd3e8349dccb4058656168c13a48","name":"ct_htbctfdatadystopia.png","is_logo":"Y","hash_crc32c":"bdc31b88","filesize":412581,"asset_id":663,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_htbctfdatadystopia.png"}],"title":"HTB CTF: Data Dystopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.","updated_timestamp":{"seconds":1722308173,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:56:13Z","links":[{"label":"Website","type":"link","url":"https://ctf.hackthebox.com/"},{"label":"Twitter (@hackthebox_eu)","type":"link","url":"https://twitter.com/hackthebox_eu"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249333"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249334"}],"end":"2024-08-11T01:00:00.000-0000","id":56001,"tag_ids":[46427,46439,46775],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06","hotel":"","short_name":"HW4-03-06","id":46373},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.\n\n\n","media":[{"hash_sha256":"8f0942a63e6e9852cd8a122722da50a5f820039a33fbf629d8e0bbb0bc3c2a25","filetype":"image/png","hash_md5":"6f799941f98600f913350895408f1f4c","name":"ct_ics.png","is_logo":"Y","hash_crc32c":"765e2955","filesize":196108,"asset_id":648,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ics.png"}],"title":"ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.","updated_timestamp":{"seconds":1722308131,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:55:31Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249319"},{"label":"Website","type":"link","url":"https://www.icsvillage.com/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249318"}],"end":"2024-08-11T01:00:00.000-0000","id":55998,"tag_ids":[46427,46439,46776],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!\r\n\n\n\n","media":[],"title":"IoT Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!","updated_timestamp":{"seconds":1722622146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T18:09:06Z","links":[{"label":"More Info","type":"link","url":"https://scoreboard.iotvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249449"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249448"}],"end":"2024-08-11T01:00:00.000-0000","id":55995,"tag_ids":[46427,46439,46777],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.\n\n\n","media":[{"hash_sha256":"db1774578686bfa55ffe22e4d5bf679dab09062d63c06832d97909d59778ea4d","filetype":"image/png","hash_md5":"f0232799ba2c7fdc7ee2f1d7b10e849b","name":"ct_place-thing-time.png","is_logo":"Y","hash_crc32c":"657c9823","filesize":110028,"asset_id":649,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_place-thing-time.png"}],"title":"It's In That Place Where I Put That Thing That Time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.","updated_timestamp":{"seconds":1722308045,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:54:05Z","links":[{"label":"Twitter (@iitpwiptttt)","type":"link","url":"https://twitter.com/iitpwiptttt"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249330"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249331"}],"end":"2024-08-11T01:00:00.000-0000","id":55993,"tag_ids":[46427,46439,46778],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).\n\n\n","media":[{"hash_sha256":"36b1cb39348fc89252495c82a59fed87e9402509b5593fa03e8584b902578e59","filetype":"image/png","hash_md5":"654118f3f087503d0daabf099ea97615","name":"ct_recon_ctf.png","is_logo":"Y","hash_crc32c":"2011d9de","filesize":76906,"asset_id":718,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_recon_ctf.png"}],"title":"Live Recon Contest in Progress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).","updated_timestamp":{"seconds":1722633597,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:19:57Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250009"},{"label":"More Info","type":"link","url":"https://reconvillage.org/live-recon-contest"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250008"}],"end":"2024-08-10T20:00:00.000-0000","id":55991,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!\n\n\n","media":[{"hash_sha256":"d3413916446363608deee0d63c7e2efb8eee7c303fcaafc76eab10c25b274594","filetype":"image/png","hash_md5":"a8a23a326ef1c818a3403a1ef3e87269","name":"ct_lonelyhd.png","is_logo":"Y","hash_crc32c":"9ea33847","filesize":79993,"asset_id":650,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelyhd.png"}],"title":"Lonely Hard Drive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!","updated_timestamp":{"seconds":1722307767,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:49:27Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249324"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249325"},{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"}],"end":"2024-08-11T01:00:00.000-0000","id":55988,"tag_ids":[46427,46439,46780],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!\n\n\n","media":[{"hash_sha256":"98201efca440cba174db564a38cc3207a4c951759d79e47ef2bb817534cbff0e","filetype":"image/png","hash_md5":"8e4dc2835c8f08abfaa5b9162b29447b","name":"ct_lonelytag.png","is_logo":"Y","hash_crc32c":"89bc5644","filesize":82759,"asset_id":651,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelytag.png"}],"title":"Lonely Tag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!","updated_timestamp":{"seconds":1722307717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:48:37Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249328"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249327"},{"label":"Twitter (@LonelyHardDrive)","type":"link","url":"https://twitter.com/LonelyHardDrive"}],"end":"2024-08-11T01:00:00.000-0000","id":55985,"tag_ids":[46427,46439,46781],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.\n\n\n","media":[{"hash_sha256":"6c6addafa55c0e71b8e6dc3fff0f1a9a32e4399a6b80efaece158e3fdf69dd77","filetype":"image/png","hash_md5":"ddda3a35809fc47bf728f63f829e258d","name":"ct_marcibombe.png","is_logo":"Y","hash_crc32c":"040f1340","filesize":22325,"asset_id":652,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_marcibombe.png"}],"title":"Malware Contests: MARC I & BOMBE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.","updated_timestamp":{"seconds":1722307667,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:47:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249321"},{"label":"More Info","type":"link","url":"https://digitalplaguedoctors.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249322"},{"label":"Twitter (@DigitalPlagueDr)","type":"link","url":"https://twitter.com/DigitalPlagueDr"}],"end":"2024-08-11T01:00:00.000-0000","id":55982,"tag_ids":[46427,46439,46782],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-03","hotel":"","short_name":"HW4-03-03","id":46370},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.\n\n\n","media":[{"hash_sha256":"d965b5442c0a42e3e2532515477829fb650b66f56a09c1dc92ce7ea7b4f49215","filetype":"image/png","hash_md5":"5f9b31f3696397acc630b3f69415c627","name":"ct_octogame.png","is_logo":"Y","hash_crc32c":"a3e9435a","filesize":258126,"asset_id":653,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_octogame.png"}],"title":"Octopus Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.","updated_timestamp":{"seconds":1722307468,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:44:28Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249313"},{"label":"More Info","type":"link","url":"https://www.mirolabs.info/octopus-game-dc32"},{"label":"Twitter (@OctopusGameDC)","type":"link","url":"https://twitter.com/OctopusGameDC"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249314"}],"end":"2024-08-11T01:00:00.000-0000","id":55979,"tag_ids":[46427,46439,46783],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-A","hotel":"","short_name":"HW4-03-06-A","id":46374},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.\n\n\n","media":[{"hash_sha256":"a381d77389722eccd24a6d26091b74111ffeb39431dfba6ccc946470f7aa0c06","filetype":"image/png","hash_md5":"abb9c88d83bd9789b6436e200d1beba3","name":"ct_phreak-me.png","is_logo":"Y","hash_crc32c":"bce4e12c","filesize":27257,"asset_id":655,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_phreak-me.png"}],"title":"PhreakMe presented by HackedExistence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.","updated_timestamp":{"seconds":1722307355,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:42:35Z","links":[{"label":"Twitter (@mainframed767)","type":"link","url":"https://twitter.com/mainframed767"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249310"},{"label":"Twitter (@HackedExistence)","type":"link","url":"https://twitter.com/HackedExistence"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249311"}],"end":"2024-08-11T01:00:00.000-0000","id":55976,"tag_ids":[46426,46439,46784],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-C","hotel":"","short_name":"HW4-02-02-C","id":46364},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.\n\n\n","media":[{"hash_sha256":"9f1e99841fcfbdb0775e2e05980c102dddd97013cf9cc0bfce930a55d91246ec","filetype":"image/png","hash_md5":"5b36f9ed87f65efbdf841e5c77a6041f","name":"ct_Pinball.png","is_logo":"Y","hash_crc32c":"cbbfc253","filesize":614281,"asset_id":664,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_Pinball.png"}],"title":"Pinball High Score Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.","updated_timestamp":{"seconds":1722307304,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:41:44Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249307"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249308"}],"end":"2024-08-11T01:00:00.000-0000","id":55973,"tag_ids":[46427,46439,46785],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-A","hotel":"","short_name":"HW4-02-01-A","id":46356},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉\n\n\n","media":[{"hash_sha256":"199f4b2ea70f9102e0afb69f5030e3ee8f63e989d287fb95999ae10866455522","filetype":"image/png","hash_md5":"9b669ac9bfd767cb8376444b58c08733","name":"ct_quantum.png","is_logo":"Y","hash_crc32c":"4d94b7ec","filesize":133235,"asset_id":665,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_quantum.png"}],"title":"QOLOSSUS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉","updated_timestamp":{"seconds":1722307112,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:38:32Z","links":[{"label":"Website","type":"link","url":"https://quantumvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249316"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249303"}],"end":"2024-08-11T01:00:00.000-0000","id":55970,"tag_ids":[46426,46439,46786],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n\n\n","media":[{"hash_sha256":"5623af21fb9072f5866b3488e326d3582c44c0756e9bbfa94eae7e26318a73eb","filetype":"image/png","hash_md5":"ebb531e8ad802f8d5fb24e19e23f46f4","name":"ct_reali7y-overrun.png","is_logo":"Y","hash_crc32c":"14fd2e42","filesize":577690,"asset_id":701,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_reali7y-overrun.png"}],"title":"REALI7Y OVERRUN","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.","updated_timestamp":{"seconds":1722306602,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:30:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249299"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249298"}],"end":"2024-08-11T01:00:00.000-0000","id":55967,"tag_ids":[46426,46439,46787],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-E","hotel":"","short_name":"HW4-02-02-E","id":46366},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.\n\n\n","media":[{"hash_sha256":"201a70cf75d615a3c181f84f46b40a9beef121ef55f3c3e4998383da2228c638","filetype":"image/png","hash_md5":"ef3ab1513d15d09e91e3dcaf6fb35b22","name":"ct_red-alert.png","is_logo":"Y","hash_crc32c":"f7736a86","filesize":69710,"asset_id":656,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_red-alert.png"}],"title":"Red Alert ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.","updated_timestamp":{"seconds":1722306363,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:26:03Z","links":[{"label":"Twitter (@icsctf)","type":"link","url":"https://twitter.com/icsctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249300"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249301"}],"end":"2024-08-11T00:00:00.000-0000","id":55965,"tag_ids":[46427,46439,46788],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-07","hotel":"","short_name":"HW4-03-07","id":46379},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.\n\n\n","media":[{"hash_sha256":"b4d44cbd1ea93b8d4beb26fc184ef1b07c25bae5cb3591d5eb6ed2201bd9c641","filetype":"image/png","hash_md5":"218e2aaa3cbe5d809d9df6088aee84e6","name":"ct_spy-v-spy.png","is_logo":"Y","hash_crc32c":"d9229745","filesize":66941,"asset_id":659,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_spy-v-spy.png"}],"title":"spyVspy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.","updated_timestamp":{"seconds":1722306255,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:24:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249293"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249292"},{"label":"More Info","type":"link","url":"https://www.fottr.io"}],"end":"2024-08-11T01:00:00.000-0000","id":55963,"tag_ids":[46427,46439,46790],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-G","hotel":"","short_name":"HW4-02-02-G","id":46368},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.\n\n\n","media":[{"hash_sha256":"42c96b1d2d57e4404b3a35c61c6906b58924587cd2dbbb939a132aceb42ee2f9","filetype":"image/png","hash_md5":"5a06d9fefa99c82c9e62b9913a487e95","name":"ct_tinfoilhat.png","is_logo":"Y","hash_crc32c":"b23075e1","filesize":167200,"asset_id":693,"sort_order":2,"url":"https://info.defcon.org/blobs/ct_tinfoilhat.png"}],"title":"Tinfoil Hat Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.","updated_timestamp":{"seconds":1722305549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:12:29Z","links":[{"label":"Twitter (@DC_Tin_Foil_Hat)","type":"link","url":"https://twitter.com/DC_Tin_Foil_Hat"},{"label":"More Info","type":"link","url":"https://www.psychoholics.org/tfh"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249286"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249287"}],"end":"2024-08-11T00:00:00.000-0000","id":55960,"tag_ids":[46427,46439,46791],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-D","hotel":"","short_name":"HW4-01-04-D","id":46279},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.\n\n\n","media":[{"hash_sha256":"c00793a49e66e3875320bb6aa8a333a128342b9aff35ce0f359a692aa3adfcef","filetype":"image/png","hash_md5":"a764d88ab305ab55ecd270635fc1d6e7","name":"ct_venator-aurum.png","is_logo":"Y","hash_crc32c":"f705c79f","filesize":162235,"asset_id":661,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_venator-aurum.png"}],"title":"venator aurum - A Treasure Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.","updated_timestamp":{"seconds":1722305020,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:03:40Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249282"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249283"},{"label":"More Info","type":"link","url":"https://venatoraurum.org"}],"end":"2024-08-11T01:00:00.000-0000","id":55956,"tag_ids":[46427,46439,46792],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n\n\n","media":[{"hash_sha256":"2bf4c805c5199cf58ff7b99c52832fc1bf226ca9687e583667a7725b361d989e","filetype":"image/png","hash_md5":"61c3a856daea14c6fd3d7d213a8048f9","name":"v_redteam2024.png","is_logo":"Y","hash_crc32c":"f14aab22","filesize":209749,"asset_id":719,"sort_order":1,"url":"https://info.defcon.org/blobs/v_redteam2024.png"}],"title":"Red Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.","updated_timestamp":{"seconds":1722304921,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:02:01Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250035"}],"end":"2024-08-11T00:00:00.000-0000","id":55953,"tag_ids":[46392,46427,46439,46789],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-C","hotel":"","short_name":"HW4-01-05-C","id":46353},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7\n\n\n","media":[{"hash_sha256":"d0e2dbb822f2d701836ee0e14952d5df4b6d830bfa606ab2b50a5a1edab2dabd","filetype":"image/png","hash_md5":"c33dfe5aaced7041c948e7b2e45ba78f","name":"ct_0x3f-cube.png","is_logo":"Y","hash_crc32c":"6b1ba7fa","filesize":272722,"asset_id":622,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_0x3f-cube.png"}],"title":"? Cube","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7","updated_timestamp":{"seconds":1722304182,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:49:42Z","links":[{"label":"More Info","type":"link","url":"https://0x3fcube.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249434"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249433"}],"end":"2024-08-11T01:00:00.000-0000","id":55950,"tag_ids":[46427,46439,46749],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02","hotel":"","short_name":"HW4-02-02","id":46361},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.\n\n\n","media":[{"hash_sha256":"8ac69ab38e4119808de39c34aef0629a1bcfb5eb60ab6d7d351a3e37b5533f13","filetype":"image/png","hash_md5":"689e0fcdb0dd612c191cd25482435f76","name":"ct_5n4ck3y.png","is_logo":"Y","hash_crc32c":"dc7e4cd6","filesize":6283,"asset_id":621,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_5n4ck3y.png"}],"title":"5N4CK3Y Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.","updated_timestamp":{"seconds":1722304084,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:48:04Z","links":[{"label":"Twitter (@ANDnXOR)","type":"link","url":"https://twitter.com/ANDnXOR"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249432"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249431"}],"end":"2024-08-11T01:00:00.000-0000","id":55947,"tag_ids":[46427,46439,46748],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-B","hotel":"","short_name":"HW4-02-01-B","id":46357},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n\n\n","media":[{"hash_sha256":"e781ae0757165e1901f38152e551557644051f49e9b80b6665d211c8d0436358","filetype":"image/png","hash_md5":"e839c04dbe99f926b0ae9ee3ee703da3","name":"ct_car-hacking.png","is_logo":"Y","hash_crc32c":"fbca36e3","filesize":111066,"asset_id":629,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_car-hacking.png"}],"title":"Car Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.","updated_timestamp":{"seconds":1722273461,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T17:17:41Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249399"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249398"},{"label":"Twitter (@CarHackVillage)","type":"link","url":"https://twitter.com/CarHackVillage"},{"label":"More Info","type":"link","url":"https://www.carhackingvillage.com/"}],"end":"2024-08-11T01:00:00.000-0000","id":55944,"tag_ids":[46375,46427,46439,46747],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T17:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.\n\n\n","media":[{"hash_sha256":"ccde738b12c7c58aff986949ac20eaf7066dfb8d710349a422699273aa0579a1","filetype":"image/png","hash_md5":"fc0eba7a6d691cdd9aa385cd0bb1eece","name":"v_CarHacking.png","is_logo":"Y","hash_crc32c":"d845a1a6","filesize":249973,"asset_id":601,"sort_order":0,"url":"https://info.defcon.org/blobs/v_CarHacking.png"}],"title":"Car Hacking Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.","updated_timestamp":{"seconds":1722273345,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T17:15:45Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55941,"tag_ids":[46375,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T17:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.\n\n\n","media":[{"hash_sha256":"b29c833000316f6b3af2c5cc50e33ccb1756f89fb27d54aba3d5a961337c91de","filetype":"image/png","hash_md5":"8209d940757db7a341e0db2b17618f70","name":"ct_bhv-ctf.png","is_logo":"Y","hash_crc32c":"2c477ed5","filesize":54217,"asset_id":627,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bhv-ctf.png"}],"title":"Biohacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.","updated_timestamp":{"seconds":1722215343,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T01:09:03Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/capture-the-flag"}],"end":"2024-08-11T01:00:00.000-0000","id":55938,"tag_ids":[46371,46427,46439,46746],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).\n\n\n","media":[{"hash_sha256":"b57047f46800afe2ff021580e4f9e39ea7252a7f51b0f0fb3ba1a9f748a50de9","filetype":"image/png","hash_md5":"aa9ea400be95b7313ae2d044541cb9b4","name":"v_biohacking_village.png","is_logo":"Y","hash_crc32c":"83f838d1","filesize":47901,"asset_id":581,"sort_order":0,"url":"https://info.defcon.org/blobs/v_biohacking_village.png"}],"title":"Biohacking Village: Device Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).","updated_timestamp":{"seconds":1722214645,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T00:57:25Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/device-lab"},{"label":"Hippocractic Oath for Hackers","type":"link","url":"https://www.villageb.io/hippocractic-oath"}],"end":"2024-08-11T01:00:00.000-0000","id":55936,"tag_ids":[46371,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T00:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"When discussing the various cloud providers within the last decade, Google Cloud Platform (GCP) is often seen as the smaller provider following AWS and Azure with regards to market share. While GCP might appear smaller than its rival cloud providers, it still is very much in use today, and with this use comes the opportunities for developing pentesting tools. As I've been learning GCP over the last year, I have been making a framework in python (much like Pacu for AWS) specifically for GCP. This includes enumeration modules for some of the core services (Cloud Storage, Cloud Functions, Cloud Compute, IAM) along with the incorporation of numerous exploit modules, many of them rooted in Rhino Security's currently public GCP exploit repository (https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation/tree/master). In addition, the framework is built such that it should be easy for a first-time GCP user or beginner to code and develop modules that focus on purely navigating individual resources and easily drop those into the framework. The overall goal is to make an up-to-date, maintained enumeration and exploit toolset for GCP pentesters/red teams/researchers alike that reduces the barrier of entry for learning GCP by allowing average users to make their own modules that easily incorporate with the overall framework.\n\n\n","media":[],"title":"GCPwn: A Pentester's GCP Tool","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"When discussing the various cloud providers within the last decade, Google Cloud Platform (GCP) is often seen as the smaller provider following AWS and Azure with regards to market share. While GCP might appear smaller than its rival cloud providers, it still is very much in use today, and with this use comes the opportunities for developing pentesting tools. As I've been learning GCP over the last year, I have been making a framework in python (much like Pacu for AWS) specifically for GCP. This includes enumeration modules for some of the core services (Cloud Storage, Cloud Functions, Cloud Compute, IAM) along with the incorporation of numerous exploit modules, many of them rooted in Rhino Security's currently public GCP exploit repository (https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation/tree/master). In addition, the framework is built such that it should be easy for a first-time GCP user or beginner to code and develop modules that focus on purely navigating individual resources and easily drop those into the framework. The overall goal is to make an up-to-date, maintained enumeration and exploit toolset for GCP pentesters/red teams/researchers alike that reduces the barrier of entry for learning GCP by allowing average users to make their own modules that easily incorporate with the overall framework.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55488],"conference_id":133,"event_ids":[55917],"name":"Scott Weston","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"WebbinRoot","sort_order":0,"url":"https://WebbinRoot"}],"media":[],"id":56019}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":55917,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56019}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.\n\n\n","media":[],"title":"WISP Community & Inclusion Room","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.","updated_timestamp":{"seconds":1722206838,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:47:18Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-11T01:00:00.000-0000","id":55899,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T22:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)\n\n\n","media":[{"hash_sha256":"eaa2e18ed376870b0b3ebb931ebea74844c1032d6e048968b87b07d86e184b3a","filetype":"image/png","hash_md5":"0f6296e86e5676264624f7692fbe4ca2","name":"ct_ham-fox-hunt.png","is_logo":"Y","hash_crc32c":"c9eab3b2","filesize":83132,"asset_id":646,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ham-fox-hunt.png"}],"title":"Ham Radio Fox Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)","updated_timestamp":{"seconds":1722184768,"nanoseconds":0},"speakers":[{"content_ids":[55432],"conference_id":133,"event_ids":[55855,55856,55857],"name":"Ham Radio Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@HamRadioVillage"},{"description":"","title":"Website","sort_order":0,"url":"https://hamvillage.org"}],"media":[],"id":55973}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:39:28Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32/"}],"end":"2024-08-11T01:00:00.000-0000","id":55856,"tag_ids":[46380,46427,46439,46743],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55973}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-A","hotel":"","short_name":"HW4-02-02-A","id":46362},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"All content areas generally open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722141200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T04:33:20Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55850,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T04:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-11T01:00:00.000-0000","id":55845,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.\n\n\n","media":[{"hash_sha256":"644e222049d8075294958387f5d1fe445f0b2475478877de25e0b67fa14294fb","filetype":"image/png","hash_md5":"c853babc9f241a502510097ea15bda71","name":"ct_secv_youth.png","is_logo":"Y","hash_crc32c":"8a3466fb","filesize":167278,"asset_id":690,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_secv_youth.png"}],"title":"Social Engineering Community Youth Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.","updated_timestamp":{"seconds":1722103348,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T18:02:28Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/youth-challenge/"}],"end":"2024-08-11T01:00:00.000-0000","id":55842,"tag_ids":[46393,46439,46740],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T18:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for the thrilling and BRAND NEW competition where professional social engineers battle a cutting-edge AI team to see who can achieve the most objectives, followed by an insightful panel discussion.\n\n\n","media":[],"title":"John Henry Competition - Human vs. AI & Panel Discussion","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Join us for the thrilling and BRAND NEW competition where professional social engineers battle a cutting-edge AI team to see who can achieve the most objectives, followed by an insightful panel discussion.","updated_timestamp":{"seconds":1722103199,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:59:59Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/john-henry-competition/"}],"end":"2024-08-10T19:30:00.000-0000","id":55838,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come check out the Social Engineering Community Village!\n\n\n","media":[],"title":"Social Engineering Community Village Hours","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come check out the Social Engineering Community Village!","updated_timestamp":{"seconds":1722102714,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:51:54Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/schedule/"}],"end":"2024-08-11T01:00:00.000-0000","id":55830,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T17:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n\n\n","media":[],"title":"Lockpicking Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.","updated_timestamp":{"seconds":1722093520,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T15:18:40Z","links":[{"label":"Website","type":"link","url":"https://www.toool.us/"},{"label":"Twitter (@toool)","type":"link","url":"https://twitter.com/toool"}],"end":"2024-08-11T01:00:00.000-0000","id":55820,"tag_ids":[46384,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T15:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!\n\n\n","media":[{"hash_sha256":"a696b6f750fbe91d74ff91917f95bfe709d70e794beab35ff900219f1c87bdb9","filetype":"image/png","hash_md5":"173fb1fa87976ebc72de68fcb9171698","name":"ct_embedded.png","is_logo":"Y","hash_crc32c":"85767de7","filesize":121480,"asset_id":641,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_embedded.png"}],"title":"Embedded CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!","updated_timestamp":{"seconds":1722037378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:42:58Z","links":[{"label":"Twitter (@EmbeddedVillage)","type":"link","url":"https://twitter.com/EmbeddedVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249361"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249360"},{"label":"More Info","type":"link","url":"https://www.embeddedvillage.org"}],"end":"2024-08-11T01:00:00.000-0000","id":55810,"tag_ids":[46379,46439,46739],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.\n\n\n","media":[],"title":"Wireless & Networking workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.","updated_timestamp":{"seconds":1722303624,"nanoseconds":0},"speakers":[{"content_ids":[55408],"conference_id":133,"event_ids":[55802,55809,55817],"name":"Alex Kelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56029}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:40:24Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55809,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56029}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!\n\n\n","media":[],"title":"Emulating (and Hacking) Embedded Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!","updated_timestamp":{"seconds":1722037241,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:40:41Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55808,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!\n\n\n","media":[],"title":"Secure Microcontroller Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!","updated_timestamp":{"seconds":1723217513,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T15:31:53Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55807,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-09T15:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.\n\n\n","media":[],"title":"101 Labs: Firmware and Software exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.","updated_timestamp":{"seconds":1722037224,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:40:24Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55806,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.\n\n\n","media":[],"title":"101 Labs: Hardware Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.","updated_timestamp":{"seconds":1722037214,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:40:14Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55805,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io\n\n\n","media":[],"title":"Hardware Hacking: Glitching Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io","updated_timestamp":{"seconds":1722037194,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:39:54Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55804,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!\n\n\n","media":[],"title":"Hard Hat Brigade - Community Space Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!","updated_timestamp":{"seconds":1721968701,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T04:38:21Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55795,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to program the DCNextGen Badge\n\n\n","media":[],"title":"Intro to Circuit Python (Badge class level 1) (Overflow if Friday is too full)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to program the DCNextGen Badge","updated_timestamp":{"seconds":1721785100,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T01:38:20Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":55758,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-24T01:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the digital age, the agriculture industry has embraced advanced technologies to enhance productivity and efficiency. Central to this transformation are Industrial Control Systems (ICS), which manage everything from irrigation and fertilization to harvesting and storage. However, the integration of ICS in agriculture has also introduced a new vector of vulnerabilities and cyber threats.\r\n\r\nThis presentation will delve into the critical need to secure ICS in the agriculture sector against an ever-growing array of cyber threats. We will explore the unique challenges that agriculture faces, including the dispersed nature of operations, the integration of legacy systems with modern technologies, and the reliance on remote access and IoT devices.\n\n\n","media":[],"title":"Securing the Harvest: Cyber Defense for Agricultural Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:55:00Z","end_timestamp":{"seconds":1723312500,"nanoseconds":0},"android_description":"In the digital age, the agriculture industry has embraced advanced technologies to enhance productivity and efficiency. Central to this transformation are Industrial Control Systems (ICS), which manage everything from irrigation and fertilization to harvesting and storage. However, the integration of ICS in agriculture has also introduced a new vector of vulnerabilities and cyber threats.\r\n\r\nThis presentation will delve into the critical need to secure ICS in the agriculture sector against an ever-growing array of cyber threats. We will explore the unique challenges that agriculture faces, including the dispersed nature of operations, the integration of legacy systems with modern technologies, and the reliance on remote access and IoT devices.","updated_timestamp":{"seconds":1721781676,"nanoseconds":0},"speakers":[{"content_ids":[55340,55349],"conference_id":133,"event_ids":[55732,55741],"name":"Ray Baeza","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Agriculture Defense Group","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55964,"title":"Founder at Agriculture Defense Group"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:41:16Z","links":[],"end":"2024-08-10T17:55:00.000-0000","id":55741,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55964}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-24T00:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the era of innovation and growth, technology and evolving landscape of cloud services, hybrid environments has become crucial for running smooth business operations. Integration between Cloud and On-Premise environments has helped organizations to build a bridge to fill the gap and increased flexibility, scalability, and agility in these digital world. This presentation delves into the complexities of various Azure offerings, investigating how malicious actors can exploit them to breach on-prem server. \n\nWe initiate our talk with a robust device management solution, demonstrating how attackers can enlist devices and manipulate certain functionalities to execute commands, which give complete access to Employee's Devices. Transitioning to another Azure feature, we dissect a connectivity option that enables PowerShell Remoting, effectively bridging the gap between Azure and on-premises servers.\n\nOur exploration extends to Hybrid Workers which can be utilized to execute commands on on-premises servers, providing attackers with a stealthy pathway and can also be misused for persistence. We then examine Azure Arc and its Custom Script Extension, illustrating how it can be leveraged to execute commands within on-premises environments from the cloud.\n\nThe talk extends to the realm of Azure DevOps, where we shed light on abuse use case associated with custom agents being used for pipeline operations, granting unauthorized entry to on-prem resources. And finally, attention is drawn to the exploitation of web-based vulnerabilities, such as Remote Code Execution (RCE), to establish a foothold in on-prem networks which leverages Azure services for hosting on-prem applications.\n\n\n","media":[],"title":"The Hybrid Horizon: Unleashing the Power of Azure Hybrid Integrations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"In the era of innovation and growth, technology and evolving landscape of cloud services, hybrid environments has become crucial for running smooth business operations. Integration between Cloud and On-Premise environments has helped organizations to build a bridge to fill the gap and increased flexibility, scalability, and agility in these digital world. This presentation delves into the complexities of various Azure offerings, investigating how malicious actors can exploit them to breach on-prem server. \n\nWe initiate our talk with a robust device management solution, demonstrating how attackers can enlist devices and manipulate certain functionalities to execute commands, which give complete access to Employee's Devices. Transitioning to another Azure feature, we dissect a connectivity option that enables PowerShell Remoting, effectively bridging the gap between Azure and on-premises servers.\n\nOur exploration extends to Hybrid Workers which can be utilized to execute commands on on-premises servers, providing attackers with a stealthy pathway and can also be misused for persistence. We then examine Azure Arc and its Custom Script Extension, illustrating how it can be leveraged to execute commands within on-premises environments from the cloud.\n\nThe talk extends to the realm of Azure DevOps, where we shed light on abuse use case associated with custom agents being used for pipeline operations, granting unauthorized entry to on-prem resources. And finally, attention is drawn to the exploitation of web-based vulnerabilities, such as Remote Code Execution (RCE), to establish a foothold in on-prem networks which leverages Azure services for hosting on-prem applications.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55289],"conference_id":133,"event_ids":[55679],"name":"Chirag Savla","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@chiragsavla94)","sort_order":0,"url":"https://twitter.com/chiragsavla94"}],"media":[],"id":55837},{"content_ids":[55289],"conference_id":133,"event_ids":[55679],"name":"Raunak Parmar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@trouble1_raunak)","sort_order":0,"url":"https://twitter.com/trouble1_raunak"}],"media":[],"id":55838}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55679,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55837},{"tag_id":46167,"sort_order":4,"person_id":55838}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Offensive security is an unfamiliar concept to most physical security practitioners. Yet we still rely on physical security teams to protect our hardware, network, ports, and assets. Physical security professionals are often non-technical, former law enforcement/military, and are focused on protecting people instead of property. This talk will bridge the gap between physical and cyber red teaming, covering the best approaches, common pitfalls, dangers, and benefits of testing physical security programs as part of a red team assessment. From the difficulty of “patching” physical vulnerabilities to examples of red teams gone wrong and how to approach physical security teams without being viewed as an actual adversary - you will walk away with a broader perspective and the ability to be a better partner when conducting physical red team assessments.\n\n\n","media":[],"title":"Physical Red Teaming for Offensive Cyber Teams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"Offensive security is an unfamiliar concept to most physical security practitioners. Yet we still rely on physical security teams to protect our hardware, network, ports, and assets. Physical security professionals are often non-technical, former law enforcement/military, and are focused on protecting people instead of property. This talk will bridge the gap between physical and cyber red teaming, covering the best approaches, common pitfalls, dangers, and benefits of testing physical security programs as part of a red team assessment. From the difficulty of “patching” physical vulnerabilities to examples of red teams gone wrong and how to approach physical security teams without being viewed as an actual adversary - you will walk away with a broader perspective and the ability to be a better partner when conducting physical red team assessments.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55288],"conference_id":133,"event_ids":[55678],"name":"Shawn Abelson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55840},{"content_ids":[55288],"conference_id":133,"event_ids":[55678],"name":"Ana Aslanishvili","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55841}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55678,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55840},{"tag_id":46167,"sort_order":4,"person_id":55841}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Satellites form a critical infrastructure for our modern world, enabling global communications, navigation, weather forecasting, and more. However, the growing reliance on satellites also highlights a troubling concern: their cybersecurity vulnerabilities.\r\n\r\nFirstly, I provide a technical overview of how satellite communications work, covering aspects such as signal transmission, encryption, and decryption. This leads into an examination of vulnerabilities, including insecure communication channels, outdated encryption algorithms, and hardware flaws, which can be exploited by malicious actors.\r\n\r\nThen shift focus to the practical aspects of satellite hacking, outlining key methods such as signal interception, replay attacks, and jamming. We introduce essential tools for these tasks, including GNU Radio, SDR (Software-Defined Radio), that will be used practically.\r\n\r\nCase studies are also discussed, providing insights into high-profile satellite hacking incidents. These real-world examples and personal war stories serve to highlight the various methods used, lessons learned, and challenges faced by red teams in this domain, including signal interference and staying ahead of security updates.\r\nThe paper concludes with guidance for red teams and cybersecurity professionals. I offer advice on setting up a satellite hacking environment, conducting effective penetration testing, and reporting findings. \r\n\r\nIn summary, this talk aims to illuminate the vulnerabilities of satellite systems and provide red teams with the technical, ethical, and practical knowledge necessary to navigate this unique domain responsibly.\n\n\n","media":[],"title":"Hacking the Skies – Satellite Red Teaming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"Satellites form a critical infrastructure for our modern world, enabling global communications, navigation, weather forecasting, and more. However, the growing reliance on satellites also highlights a troubling concern: their cybersecurity vulnerabilities.\r\n\r\nFirstly, I provide a technical overview of how satellite communications work, covering aspects such as signal transmission, encryption, and decryption. This leads into an examination of vulnerabilities, including insecure communication channels, outdated encryption algorithms, and hardware flaws, which can be exploited by malicious actors.\r\n\r\nThen shift focus to the practical aspects of satellite hacking, outlining key methods such as signal interception, replay attacks, and jamming. We introduce essential tools for these tasks, including GNU Radio, SDR (Software-Defined Radio), that will be used practically.\r\n\r\nCase studies are also discussed, providing insights into high-profile satellite hacking incidents. These real-world examples and personal war stories serve to highlight the various methods used, lessons learned, and challenges faced by red teams in this domain, including signal interference and staying ahead of security updates.\r\nThe paper concludes with guidance for red teams and cybersecurity professionals. I offer advice on setting up a satellite hacking environment, conducting effective penetration testing, and reporting findings. \r\n\r\nIn summary, this talk aims to illuminate the vulnerabilities of satellite systems and provide red teams with the technical, ethical, and practical knowledge necessary to navigate this unique domain responsibly.","updated_timestamp":{"seconds":1721595297,"nanoseconds":0},"speakers":[{"content_ids":[55287],"conference_id":133,"event_ids":[55677],"name":"Agostino Panico","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Van1sh_BSidesIT)","sort_order":0,"url":"https://twitter.com/Van1sh_BSidesIT"}],"media":[],"id":55842}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:54:57Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55677,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55842}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T20:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation is part of a graduate research project that delves into the vulnerabilities of Machine Learning (ML) models specifically designed to detect DNS Over HTTPS (DoH) tunnels. Previous research has primarily focused on developing models that prioritize accuracy and explainability. However, these studies have often overlooked the potential of adversarial attacks, leaving the models vulnerable to common adversarial attacks like black-box attacks. This presentation will demonstrate that all cutting-edge DoH tunnel detection models are vulnerable to black-box attacks. Our approach leverages real-world input data generated by DoH tunnel tools, which are constrained in the attack algorithm.\r\n\r\nMoreover, we will show specific vulnerable features that model developers should avoid. When this feature type is considered, we successfully evaded all DoH tunnel detection models without using advanced techniques.\r\n\r\nNotably, the audience can use the same methods to evade most Machine Learning-Based Network Intrusion Detection Systems, underlining our findings' immediate and practical implications.\r\n\r\nght Scholarship at the University of Arizona and the University of Florida, focusing on malware analysis. Additionally, Emanuel actively contributes to the OWASP Top 10 for LLM Apps. Committed to advancing cybersecurity technology, he shares his expertise through speaking engagements and research collaborations.\r\n\r\nThis presentation will dive into attacking ML DoH tunnel detection models using adversarial attack techniques for evasion. The key discussion points are as follows:\r\n\r\n1 DNS tunnels\r\nIn this section, we will discuss the evolution of DNS. We will explain why DNS over HTTPS (DoH) was conceived, what motivations drove it, and why vulnerabilities from its predecessor tried to mitigate them. Next, we will demonstrate how attackers can leverage DNS and DoH to create tunnels, which are covert channels for communication that bypass traditional network security measures. These tunnels can be used to exfiltrate information or as C&C (Command and Control) communication channels for malicious activities. Additionally, we will highlight the most popular tools for creating these tunnels using DoH.\r\n\r\n2 DoH Tunnel Detection Models\r\nThis section will discuss the primary datasets the scientific community uses to create ML models for detecting DoH tunnels. We will highlight how to extract features from DoH requests and which are the most used. We will also address the gaps and bad practices in these datasets that lead to developing vulnerable models. Additionally, we will show the best practices for building DoH tunnel detection models, such as choosing the best algorithms, implementing robust feature engineering techniques, and selecting the most relevant features for the model.\r\n\r\n3 Adversarial Attacks\r\nThis section will introduce adversarial attacks, a type of attack that aims to deceive or mislead a machine learning model by providing it with maliciously crafted input data. We will explain how 'white' and 'black' attacks on ML models are executed and how they differ. Furthermore, we will explain how to adapt 'black-box attacks, a type of adversarial attack where the attacker does not know the internal workings of the model, to target DoH tunnel detection models and similar models.\r\n\r\n4 Attacking (DEMOs)\r\nThis section will present demos covering the following scenarios: First, we will demonstrate how basic black-box attacks work for attacking DoH tunnel detection models. Next, we will show a demo using previous attacks, but this time, we will incorporate real-world inputs from DoH tunnel detection tools, constraining the attack algorithm. We will also identify vulnerable features within the dataset that attackers can exploit to bypass the DoH tunnel detection models. Additionally, we will release a patched open-source tool, dnstt, to consider all considered scenarios.\r\nNote: The demonstrations will be conducted live, but we will have pre-recorded videos to ensure continuity in case of any issues.\r\n\r\n5 Defending\r\nThis section will explain how to defend against the attacks presented earlier and demonstrate 'good practices and techniques' for protecting against them. We will also show how to build a robust model trained with adversarial attack samples generated from previous attacks, which can help improve the model's resilience to future attacks.\r\n\r\n6 Next Steps\r\nIn the final section, we will outline the future steps in our research and discuss the remaining gaps. We warmly invite new contributors to join our research efforts, as your insights and expertise can significantly advance our understanding in this field.\r\nLinks:\r\n\r\nExperiments (Attacking DoH tunnel detection models): [link](https://drive.google.com/drive/folders/1XJnemvBNs9wAW1LHWfT2ZVZnzbSyqx-z?usp=sharing)\r\n\r\nBlack Box Attack: Zero Order Optimization Attack, constrained to support real doh tunnel tools inputs: [link](https://drive.google.com/drive/folders/1_1tK9YfqtUVxSaVjsQHMpKhFrgmX_eAT?usp=sharing)\r\n\r\nDnstt patch (ongoing): You can now run it separately (dnstt + patch). The provided code does exactly that: [link](https://drive.google.com/drive/folders/1qkhwAXBCy0wWasGH4RsTs06WcJqiTehE?usp=sharing)\r\n\n\n\n","media":[],"title":"DoH Deception: Evading ML-Based Tunnel Detection with Black-Box Attack Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"This presentation is part of a graduate research project that delves into the vulnerabilities of Machine Learning (ML) models specifically designed to detect DNS Over HTTPS (DoH) tunnels. Previous research has primarily focused on developing models that prioritize accuracy and explainability. However, these studies have often overlooked the potential of adversarial attacks, leaving the models vulnerable to common adversarial attacks like black-box attacks. This presentation will demonstrate that all cutting-edge DoH tunnel detection models are vulnerable to black-box attacks. Our approach leverages real-world input data generated by DoH tunnel tools, which are constrained in the attack algorithm.\r\n\r\nMoreover, we will show specific vulnerable features that model developers should avoid. When this feature type is considered, we successfully evaded all DoH tunnel detection models without using advanced techniques.\r\n\r\nNotably, the audience can use the same methods to evade most Machine Learning-Based Network Intrusion Detection Systems, underlining our findings' immediate and practical implications.\r\n\r\nght Scholarship at the University of Arizona and the University of Florida, focusing on malware analysis. Additionally, Emanuel actively contributes to the OWASP Top 10 for LLM Apps. Committed to advancing cybersecurity technology, he shares his expertise through speaking engagements and research collaborations.\r\n\r\nThis presentation will dive into attacking ML DoH tunnel detection models using adversarial attack techniques for evasion. The key discussion points are as follows:\r\n\r\n1 DNS tunnels\r\nIn this section, we will discuss the evolution of DNS. We will explain why DNS over HTTPS (DoH) was conceived, what motivations drove it, and why vulnerabilities from its predecessor tried to mitigate them. Next, we will demonstrate how attackers can leverage DNS and DoH to create tunnels, which are covert channels for communication that bypass traditional network security measures. These tunnels can be used to exfiltrate information or as C&C (Command and Control) communication channels for malicious activities. Additionally, we will highlight the most popular tools for creating these tunnels using DoH.\r\n\r\n2 DoH Tunnel Detection Models\r\nThis section will discuss the primary datasets the scientific community uses to create ML models for detecting DoH tunnels. We will highlight how to extract features from DoH requests and which are the most used. We will also address the gaps and bad practices in these datasets that lead to developing vulnerable models. Additionally, we will show the best practices for building DoH tunnel detection models, such as choosing the best algorithms, implementing robust feature engineering techniques, and selecting the most relevant features for the model.\r\n\r\n3 Adversarial Attacks\r\nThis section will introduce adversarial attacks, a type of attack that aims to deceive or mislead a machine learning model by providing it with maliciously crafted input data. We will explain how 'white' and 'black' attacks on ML models are executed and how they differ. Furthermore, we will explain how to adapt 'black-box attacks, a type of adversarial attack where the attacker does not know the internal workings of the model, to target DoH tunnel detection models and similar models.\r\n\r\n4 Attacking (DEMOs)\r\nThis section will present demos covering the following scenarios: First, we will demonstrate how basic black-box attacks work for attacking DoH tunnel detection models. Next, we will show a demo using previous attacks, but this time, we will incorporate real-world inputs from DoH tunnel detection tools, constraining the attack algorithm. We will also identify vulnerable features within the dataset that attackers can exploit to bypass the DoH tunnel detection models. Additionally, we will release a patched open-source tool, dnstt, to consider all considered scenarios.\r\nNote: The demonstrations will be conducted live, but we will have pre-recorded videos to ensure continuity in case of any issues.\r\n\r\n5 Defending\r\nThis section will explain how to defend against the attacks presented earlier and demonstrate 'good practices and techniques' for protecting against them. We will also show how to build a robust model trained with adversarial attack samples generated from previous attacks, which can help improve the model's resilience to future attacks.\r\n\r\n6 Next Steps\r\nIn the final section, we will outline the future steps in our research and discuss the remaining gaps. We warmly invite new contributors to join our research efforts, as your insights and expertise can significantly advance our understanding in this field.\r\nLinks:\r\n\r\nExperiments (Attacking DoH tunnel detection models): [link](https://drive.google.com/drive/folders/1XJnemvBNs9wAW1LHWfT2ZVZnzbSyqx-z?usp=sharing)\r\n\r\nBlack Box Attack: Zero Order Optimization Attack, constrained to support real doh tunnel tools inputs: [link](https://drive.google.com/drive/folders/1_1tK9YfqtUVxSaVjsQHMpKhFrgmX_eAT?usp=sharing)\r\n\r\nDnstt patch (ongoing): You can now run it separately (dnstt + patch). The provided code does exactly that: [link](https://drive.google.com/drive/folders/1qkhwAXBCy0wWasGH4RsTs06WcJqiTehE?usp=sharing)","updated_timestamp":{"seconds":1721595334,"nanoseconds":0},"speakers":[{"content_ids":[55286],"conference_id":133,"event_ids":[55676],"name":"Emanuel Valente","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@emanu_valente)","sort_order":0,"url":"https://twitter.com/emanu_valente"}],"media":[],"id":55843}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:55:34Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55676,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55843}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T20:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Antivirus (AV) solutions, serving as the last line of defense on users’ endpoint devices, have evolved into highly complex entities. Often operated as 'black boxes' from user’s perspective due to proprietary and security reasons, the principle of 'security through obscurity' - though far from ideal - remains prevalent in the cat-and-mouse game between defenders and attackers. This dynamic places researchers and attackers in similar positions; while malware authors can fingerprint AV detection mechanisms through various evasion techniques, researchers can employ similar methods to identify improvement opportunities in security products.\nThis study evaluates the effectiveness and performance of AV solutions against 18 open-source evasion frameworks. Notably, no AV solution could detect all samples from open-source evasion tools, and conversely, no evasion tool could bypass all contemporary AVs. This limitation is primarily attributed to the AVs’ reliance on signature and heuristic engines to balance between performance, security and access (false-positive rates). To delve deeper into AV detection capabilities across signature, heuristic, and behavioral evasions, we built BOAZ - an evasion tool serving both as a research instrument and an evasion framework. Through empirical experimentation, our findings reveal not only the varied performance of AV solutions against different evasion frameworks and techniques but also the potential for strategically combining these techniques to penetrate secured environments without needing commercial tools or zero-day exploits. Effectively, by understanding the building blocks of AV detection and evasion phases, anyone can develop their own evasion tool.\n\n\n","media":[],"title":"BOAZ, Yet Another layered Evasion Tool: Unveiling the Secrets Behind Antivirus Testing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"Antivirus (AV) solutions, serving as the last line of defense on users’ endpoint devices, have evolved into highly complex entities. Often operated as 'black boxes' from user’s perspective due to proprietary and security reasons, the principle of 'security through obscurity' - though far from ideal - remains prevalent in the cat-and-mouse game between defenders and attackers. This dynamic places researchers and attackers in similar positions; while malware authors can fingerprint AV detection mechanisms through various evasion techniques, researchers can employ similar methods to identify improvement opportunities in security products.\nThis study evaluates the effectiveness and performance of AV solutions against 18 open-source evasion frameworks. Notably, no AV solution could detect all samples from open-source evasion tools, and conversely, no evasion tool could bypass all contemporary AVs. This limitation is primarily attributed to the AVs’ reliance on signature and heuristic engines to balance between performance, security and access (false-positive rates). To delve deeper into AV detection capabilities across signature, heuristic, and behavioral evasions, we built BOAZ - an evasion tool serving both as a research instrument and an evasion framework. Through empirical experimentation, our findings reveal not only the varied performance of AV solutions against different evasion frameworks and techniques but also the potential for strategically combining these techniques to penetrate secured environments without needing commercial tools or zero-day exploits. Effectively, by understanding the building blocks of AV detection and evasion phases, anyone can develop their own evasion tool.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55285],"conference_id":133,"event_ids":[55675],"name":"Thomas X Meng","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55839}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55675,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55839}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Nikkia Henderson is a 14 year tenured federal government employee. In her current role she is a Senior Advisor at the Cybersecurity Infrastructure Security Agency (CISA). She serves a Cyber Supply Chain Risk Management (C-SCRM) Strategy and Governance Program lead, within CISA’s Cybersecurity Division. Ms. Henderson is also the President of the Women in Cybersecurity Mid Atlantic Affiliate, where she serves as a \"cybHERprenuer\" who is passionate about helping Cybersecurity/IT professionals define their vision, mission, and federal career path. In this session, Ms. Henderson shares her journey into a federal cyber career. She will highlight her challenges as well as milestones that catapulted her to where she is today!\n\n\n","media":[],"title":"Fumbling into FedCyber","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"Nikkia Henderson is a 14 year tenured federal government employee. In her current role she is a Senior Advisor at the Cybersecurity Infrastructure Security Agency (CISA). She serves a Cyber Supply Chain Risk Management (C-SCRM) Strategy and Governance Program lead, within CISA’s Cybersecurity Division. Ms. Henderson is also the President of the Women in Cybersecurity Mid Atlantic Affiliate, where she serves as a \"cybHERprenuer\" who is passionate about helping Cybersecurity/IT professionals define their vision, mission, and federal career path. In this session, Ms. Henderson shares her journey into a federal cyber career. She will highlight her challenges as well as milestones that catapulted her to where she is today!","updated_timestamp":{"seconds":1721495243,"nanoseconds":0},"speakers":[{"content_ids":[55186,55197],"conference_id":133,"event_ids":[55576,55587],"name":"Nikkia Henderson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Program Operations Lead"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/nikkiahenderson/"}],"media":[],"id":55809,"title":"Program Operations Lead"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:07:23Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":55587,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55809}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1721487832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T15:03:52Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55575,"tag_ids":[46372,46426,46439],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T15:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Every bug hunter knows the initial steps: reconnaissance, fuzzing, and asset enumeration, But what if I told you there's a way to get everything you need internally and have it handed to you on a silver platter? Join me as I share my journey as part of different security teams across my career. I'll reveal the methods and tricks I've developed to utilize internal systems to retrieve crucial data, significantly boosting productivity in finding and exploiting flaws in our code. I'll present success stories and real-life examples where researchers uncovered critical vulnerabilities with internal assistance. Additionally, I'll delve into the tactics and techniques I employ to obtain this valuable data, providing program owners with insights to elevate their game—if they dare to expose this information.\n\n\n","media":[],"title":"Leveraging Internal Systems for Enhanced Bug Bounty Success","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Every bug hunter knows the initial steps: reconnaissance, fuzzing, and asset enumeration, But what if I told you there's a way to get everything you need internally and have it handed to you on a silver platter? Join me as I share my journey as part of different security teams across my career. I'll reveal the methods and tricks I've developed to utilize internal systems to retrieve crucial data, significantly boosting productivity in finding and exploiting flaws in our code. I'll present success stories and real-life examples where researchers uncovered critical vulnerabilities with internal assistance. Additionally, I'll delve into the tactics and techniques I employ to obtain this valuable data, providing program owners with insights to elevate their game—if they dare to expose this information.","updated_timestamp":{"seconds":1721438318,"nanoseconds":0},"speakers":[{"content_ids":[55179],"conference_id":133,"event_ids":[55567],"name":"Rotem Bar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"@rotembar","sort_order":0,"url":"https://twitter.com/rotembar"}],"media":[],"id":54835}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:18:38Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#leveraging-internal-systems-for-enhanced-bug-bounty-success"}],"end":"2024-08-10T18:00:00.000-0000","id":55567,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54835}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T01:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55413,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Lonely Hackers Club Community Room Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721276328,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-18T04:18:48Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55409,"tag_ids":[46406,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-18T04:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style. \n\n\n","media":[],"title":"LHC's Unofficial Sticker Swap Table","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.","updated_timestamp":{"seconds":1721487294,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:54Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55406,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.\n\n\n","media":[],"title":"Egor's Keyboard Corner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.","updated_timestamp":{"seconds":1721487260,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:20Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55403,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors\r\n\n\n\n","media":[],"title":"DDV open and accepting drives for duplication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors","updated_timestamp":{"seconds":1722478167,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T02:09:27Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org"}],"end":"2024-08-11T00:00:00.000-0000","id":55189,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"OSINT is a great mechanism for the collection of data, but what do you do with all of it once it’s collected? It can take significant time with the human eye to analyze each image or video. Furthermore, you may miss important artifacts in the foreground or background. Computer vision can churn through the plethora of data to pull out the relevant evidence at lightning speed. For the last 5 years we’ve been exploring the use of Azure and AWS for computer vision to rapidly process large sets of image and video data acquisitions for forensic evidence.Through the use of AI we have analyzed thousands of images and videos to perform object detection, facial recognition, OCR, voice to text analysis, and more. In this session we’ll explore the use of cloud platforms to exponentially increase your analysis of uncovering key artifacts to your case using demos and real world examples. We then apply chronolocation analysis to allow an investigator to paint a true-life narrative, for example an individual with a weapon at a location at a particular time. We’ll provide live demos of common scenarios to reveal benefits to processing your data collections in a rapid, efficient, comprehensive, and accurate manner. We’ll then wrap-up the presentation with additional AI computer vision recommendations and resources.\n\n\n","media":[],"title":"Using AI Computer Vision in Your OSINT Data Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"OSINT is a great mechanism for the collection of data, but what do you do with all of it once it’s collected? It can take significant time with the human eye to analyze each image or video. Furthermore, you may miss important artifacts in the foreground or background. Computer vision can churn through the plethora of data to pull out the relevant evidence at lightning speed. For the last 5 years we’ve been exploring the use of Azure and AWS for computer vision to rapidly process large sets of image and video data acquisitions for forensic evidence.Through the use of AI we have analyzed thousands of images and videos to perform object detection, facial recognition, OCR, voice to text analysis, and more. In this session we’ll explore the use of cloud platforms to exponentially increase your analysis of uncovering key artifacts to your case using demos and real world examples. We then apply chronolocation analysis to allow an investigator to paint a true-life narrative, for example an individual with a weapon at a location at a particular time. We’ll provide live demos of common scenarios to reveal benefits to processing your data collections in a rapid, efficient, comprehensive, and accurate manner. We’ll then wrap-up the presentation with additional AI computer vision recommendations and resources.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54595],"conference_id":133,"event_ids":[54970],"name":"Mike Raggo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54318}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":54970,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54318}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation delves into the intricate process of generating a Software Bill of Materials (SBOM) for the Bob the Minions WiFi router by Davolink—a device whose firmware isn't publicly available. Traditional SBOM creation methods rely on readily accessible firmware, but Davolink's restricted release policies necessitated an unconventional approach. This talk covers the step-by-step journey of hardware disassembly, firmware extraction via SPI flash and JTAG/SWD interfaces, and the tools and techniques employed. Finally, we'll demonstrate how the recovered firmware is used to generate a comprehensive SBOM, highlighting any security vulnerabilities discovered and reported to the vendor. This session aims to provide attendees with practical insights into overcoming SBOM generation challenges in the IoT domain through hands-on hardware hacking, and leveraging the firmware and SBOMs for vulnerability discovery, as well as security improvement.\n\n\n","media":[],"title":"SBOMs the Hard Way: Hacking Bob the Minion","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"This presentation delves into the intricate process of generating a Software Bill of Materials (SBOM) for the Bob the Minions WiFi router by Davolink—a device whose firmware isn't publicly available. Traditional SBOM creation methods rely on readily accessible firmware, but Davolink's restricted release policies necessitated an unconventional approach. This talk covers the step-by-step journey of hardware disassembly, firmware extraction via SPI flash and JTAG/SWD interfaces, and the tools and techniques employed. Finally, we'll demonstrate how the recovered firmware is used to generate a comprehensive SBOM, highlighting any security vulnerabilities discovered and reported to the vendor. This session aims to provide attendees with practical insights into overcoming SBOM generation challenges in the IoT domain through hands-on hardware hacking, and leveraging the firmware and SBOMs for vulnerability discovery, as well as security improvement.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54594],"conference_id":133,"event_ids":[54969],"name":"Larry Pesce","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"\"Paul's Security Weekly\" podcast","title":"Co-Founder and Co-Host"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@haxorthematrix)","sort_order":0,"url":"https://twitter.com/haxorthematrix"}],"media":[],"id":54319,"title":"Co-Founder and Co-Host at \"Paul's Security Weekly\" podcast"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":54969,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54319}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the vast expanse of space, holographic teleportation—a futuristic blend of holography and teleportation—has revolutionized astronaut communication. Imagine beaming a lifelike 3D image of yourself across light-years. Now, consider its potential in medicine: remote surgeries, expert consultations, and training—where distance dissolves, and expertise transcends borders. Buckle up; holoconnect is our cosmic ticket to healing!\n\n\n","media":[],"title":"Bridging Space and Medicine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"In the vast expanse of space, holographic teleportation—a futuristic blend of holography and teleportation—has revolutionized astronaut communication. Imagine beaming a lifelike 3D image of yourself across light-years. Now, consider its potential in medicine: remote surgeries, expert consultations, and training—where distance dissolves, and expertise transcends borders. Buckle up; holoconnect is our cosmic ticket to healing!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54592],"conference_id":133,"event_ids":[54967],"name":"Fernando De La Peña Llaca","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aexa Aerospace","title":""}],"links":[],"pronouns":null,"media":[],"id":54288,"title":"Aexa Aerospace"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":54967,"tag_ids":[46169,46371,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54288}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever since the pandemic and the rising popularity of work-from-home and hybrid models, there has been an increase in the usage of browsers, particularly video conferencing and collaboration applications. While some extensions enhance the user experience, some can gravely affect users' privacy and security. \r\n\r\nOver the past few years, extensions have gained recognition for nefarious activities, from simple color picker extensions to productivity-first AI extensions. And now more than ever, attackers are leveraging malicious extensions to steal user data, promote ads, affiliate marketing, and more. Realizing the abuse, Google pivoted from the MV2 model to the latest MV3, providing better security and locking down the extension from running rampant. While some security measures have been introduced in MV3, it is far from safe. In this talk, we will be demonstrating a suite of attacks, while requiring the least amount of permissions, which 95% of extensions on the Chrome store have. We will showcase stealth stealing of webcam feed, audio streams, clipboard data, and stealing credentials from other extensions like password managers. \r\n\r\nMV3 also introduced security measures to block the usage of functions like eval and new Function that allowed arbitrary code execution. We’ll showcase how an extension can still do arbitrary code execution effectively bypassing the MV3 restrictions. \r\n\r\nIn this talk, we will also propose changes to the extension security model to prevent the lurking loopholes. We will also be demonstrating how malicious extensions can interfere with other extensions and steal sensitive information such as Credit card, passwords, OTP, etc, from other extensions. \r\n\n\n\n","media":[],"title":"Sneaky Extensions: The MV3 Escape Artists","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"Ever since the pandemic and the rising popularity of work-from-home and hybrid models, there has been an increase in the usage of browsers, particularly video conferencing and collaboration applications. While some extensions enhance the user experience, some can gravely affect users' privacy and security. \r\n\r\nOver the past few years, extensions have gained recognition for nefarious activities, from simple color picker extensions to productivity-first AI extensions. And now more than ever, attackers are leveraging malicious extensions to steal user data, promote ads, affiliate marketing, and more. Realizing the abuse, Google pivoted from the MV2 model to the latest MV3, providing better security and locking down the extension from running rampant. While some security measures have been introduced in MV3, it is far from safe. In this talk, we will be demonstrating a suite of attacks, while requiring the least amount of permissions, which 95% of extensions on the Chrome store have. We will showcase stealth stealing of webcam feed, audio streams, clipboard data, and stealing credentials from other extensions like password managers. \r\n\r\nMV3 also introduced security measures to block the usage of functions like eval and new Function that allowed arbitrary code execution. We’ll showcase how an extension can still do arbitrary code execution effectively bypassing the MV3 restrictions. \r\n\r\nIn this talk, we will also propose changes to the extension security model to prevent the lurking loopholes. We will also be demonstrating how malicious extensions can interfere with other extensions and steal sensitive information such as Credit card, passwords, OTP, etc, from other extensions.","updated_timestamp":{"seconds":1720393807,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"},{"content_ids":[54555],"conference_id":133,"event_ids":[54930],"name":"Shourya Pratap Singh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Principal Software Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/shouryaps/"},{"description":"","title":"Twitter (@shouryaps)","sort_order":0,"url":"https://x.com/shouryaps"}],"media":[],"id":55879,"title":"Principal Software Engineer at SquareX"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:10:07Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":54930,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54075},{"tag_id":46167,"sort_order":4,"person_id":55879}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Pwnies are an annual awards ceremony celebrating and making fun of the achievements and failures of security researchers and the wider security community. Every year, members of the infosec community nominate the best research and exploits they’ve seen. The Pwnie Award nominations are judged by a panel of respected security researchers and former pwnie award recipients – the closest to a jury of peers a hacker is likely to ever get. At this event DEF CON attendees will get a first person look at some of the most groundbreaking research and hacks in the cyber security community of the past year, and the winners get some well deserved recognition from the broader community for the great work they’ve done. \n\n\n","media":[],"title":"The Pwnie Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"The Pwnies are an annual awards ceremony celebrating and making fun of the achievements and failures of security researchers and the wider security community. Every year, members of the infosec community nominate the best research and exploits they’ve seen. The Pwnie Award nominations are judged by a panel of respected security researchers and former pwnie award recipients – the closest to a jury of peers a hacker is likely to ever get. At this event DEF CON attendees will get a first person look at some of the most groundbreaking research and hacks in the cyber security community of the past year, and the winners get some well deserved recognition from the broader community for the great work they’ve done.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:10:59Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249529"},{"label":"Website","type":"link","url":"https://pwnies.com/"},{"label":"Twitter (@pwnieawards)","type":"link","url":"https://twitter.com/pwnieawards"}],"end":"2024-08-10T17:45:00.000-0000","id":54853,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MicroPython is a firmware environment for quickly developing and deploying software onto microcontroller systems. It is used in a variety of industrial and scientific applications, as well as (most importantly) in some DEF CON #badgelife projects. It's easy to learn and use for rapid prototyping.\r\n\r\nFor hackers interested in reverse engineering compiled or obfuscated MicroPython code, there are some obstacles. MicroPython is an implementation of CPython, not a port, so it has its own compiled bytecode language that existing reverse engineering tools aren't designed to parse. Also, modules can be \"frozen\", compiled directly into the microcontroller firmware, and may be difficult to locate and parse when microcontroller firmware is extracted and analyzed.\r\n\r\nIn this talk, Wesley will walk the audience through the process of identifying \"frozen\"/compiled modules in a firmware image without debug symbols using the Ghidra disassembler. The relevant module, string, object, and raw code data structures will be detailed, so that everything required to rebuild a non-frozen module can recovered. Once a compiled module is reconstructed, Wesley will present a detailed example of reading and understanding MicroPython compiled bytecode, for the purpose of reverse engineering the purpose and implementation of the module.\r\n\r\n- Micropython source code\r\n- Official documentation, including:\r\n - .mpy files: [link](https://docs.micropython.org/en/latest/reference/mpyfiles.html)\r\n - Micropython internals: [link](https://docs.micropython.org/en/latest/develop/index.html)\r\n- \"Securing a MicroPython System\" [link](https://github.com/micropython/micropython/wiki/Securing-a-MicroPython-system)\r\n- The collected Raspberry Pi Pico documentation for my test environment [link](https://www.raspberrypi.com/documentation/microcontrollers/raspberry-pi-pico.html#documentation)\r\n- Andrew Leech - \"Profiling Pathogens with (micro) Python\" [link](https://www.youtube.com/watch?v=YovngSLXoxw)\r\n- Kevin McAleer - \"Securing Passwords with MicroPython\" [link](https://www.youtube.com/watch?v=fl3UNaUoYzc)\r\n- C. Spindler - \"MicroPython used in industrial applications\" [link](https://www.youtube.com/watch?v=xDPdvjNxyWs)\r\n- \"MicroPython and the European Space Agency\" [link](https://forum.micropython.org/viewtopic.php?f=8&t=744)\r\n\n\n\n","media":[],"title":"Reverse Engineering MicroPython Frozen Modules: Data Structures, Reconstruction, and Reading Bytecode","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"MicroPython is a firmware environment for quickly developing and deploying software onto microcontroller systems. It is used in a variety of industrial and scientific applications, as well as (most importantly) in some DEF CON #badgelife projects. It's easy to learn and use for rapid prototyping.\r\n\r\nFor hackers interested in reverse engineering compiled or obfuscated MicroPython code, there are some obstacles. MicroPython is an implementation of CPython, not a port, so it has its own compiled bytecode language that existing reverse engineering tools aren't designed to parse. Also, modules can be \"frozen\", compiled directly into the microcontroller firmware, and may be difficult to locate and parse when microcontroller firmware is extracted and analyzed.\r\n\r\nIn this talk, Wesley will walk the audience through the process of identifying \"frozen\"/compiled modules in a firmware image without debug symbols using the Ghidra disassembler. The relevant module, string, object, and raw code data structures will be detailed, so that everything required to rebuild a non-frozen module can recovered. Once a compiled module is reconstructed, Wesley will present a detailed example of reading and understanding MicroPython compiled bytecode, for the purpose of reverse engineering the purpose and implementation of the module.\r\n\r\n- Micropython source code\r\n- Official documentation, including:\r\n - .mpy files: [link](https://docs.micropython.org/en/latest/reference/mpyfiles.html)\r\n - Micropython internals: [link](https://docs.micropython.org/en/latest/develop/index.html)\r\n- \"Securing a MicroPython System\" [link](https://github.com/micropython/micropython/wiki/Securing-a-MicroPython-system)\r\n- The collected Raspberry Pi Pico documentation for my test environment [link](https://www.raspberrypi.com/documentation/microcontrollers/raspberry-pi-pico.html#documentation)\r\n- Andrew Leech - \"Profiling Pathogens with (micro) Python\" [link](https://www.youtube.com/watch?v=YovngSLXoxw)\r\n- Kevin McAleer - \"Securing Passwords with MicroPython\" [link](https://www.youtube.com/watch?v=fl3UNaUoYzc)\r\n- C. Spindler - \"MicroPython used in industrial applications\" [link](https://www.youtube.com/watch?v=xDPdvjNxyWs)\r\n- \"MicroPython and the European Space Agency\" [link](https://forum.micropython.org/viewtopic.php?f=8&t=744)","updated_timestamp":{"seconds":1720462876,"nanoseconds":0},"speakers":[{"content_ids":[55326,54479,54212],"conference_id":133,"event_ids":[55718,54585,54852],"name":"Wesley McGrew","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MartinFederal","title":"Senior Cybersecurity Fellow"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@mcgrew@defcon.social)","sort_order":0,"url":"https://defcon.social/@mcgrew"},{"description":"","title":"MixCloud","sort_order":0,"url":"https://www.mixcloud.com/wesmcgrew/stream/"},{"description":"","title":"Twitter (@McGrewSecurity)","sort_order":0,"url":"https://twitter.com/McGrewSecurity"}],"media":[],"id":54044,"title":"Senior Cybersecurity Fellow at MartinFederal"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:21:16Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":54852,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54044}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-08T18:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Physical access control systems are often exploited in a number of ways. It could be weaknesses found within the credential itself, the antiquated communication protocol, the hardware itself, or the firmware it is running. But more often than not, it is a combination of factors that allow a variety of attacks from multiple dimensions. Some are extremely trivial and require little to no skill to perform, whereas some attacks require a bit more setup and knowledge of how the underlying technology works. We will go into detail on how these systems work, why verifying mutual authentication is important for physical access control systems and the exploits that can be accomplished, as well as ways to mitigate these exploits to make your facility more secure. This talk will include interactive demos involving official HID readers and hardware, proxmark3, and the flipper zero.\r\n\r\n- [link](https://www.hidglobal.com/doclib/files/resource_files/an0109_a.2_credential_id_markings_application_note.pdf)\r\n- [link](https://gist.github.com/bettse/36f25f9a2fcca74d773587cc8e780766)\r\n- [link](https://ipvm.com/reports/hid-downgrade)\r\n- [link](https://ipvm.com/reports/iclass-se-not-cracked)\r\n- [link](https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/hid_downgrade.md)\r\n\n\n\n","media":[],"title":"Mutual authentication is optional","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:20:00Z","end_timestamp":{"seconds":1723310400,"nanoseconds":0},"android_description":"Physical access control systems are often exploited in a number of ways. It could be weaknesses found within the credential itself, the antiquated communication protocol, the hardware itself, or the firmware it is running. But more often than not, it is a combination of factors that allow a variety of attacks from multiple dimensions. Some are extremely trivial and require little to no skill to perform, whereas some attacks require a bit more setup and knowledge of how the underlying technology works. We will go into detail on how these systems work, why verifying mutual authentication is important for physical access control systems and the exploits that can be accomplished, as well as ways to mitigate these exploits to make your facility more secure. This talk will include interactive demos involving official HID readers and hardware, proxmark3, and the flipper zero.\r\n\r\n- [link](https://www.hidglobal.com/doclib/files/resource_files/an0109_a.2_credential_id_markings_application_note.pdf)\r\n- [link](https://gist.github.com/bettse/36f25f9a2fcca74d773587cc8e780766)\r\n- [link](https://ipvm.com/reports/hid-downgrade)\r\n- [link](https://ipvm.com/reports/iclass-se-not-cracked)\r\n- [link](https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/hid_downgrade.md)","updated_timestamp":{"seconds":1720462829,"nanoseconds":0},"speakers":[{"content_ids":[54478],"conference_id":133,"event_ids":[54851],"name":"Xavier Zhang","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":"he/him","media":[],"id":54101}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:20:29Z","links":[],"end":"2024-08-10T17:20:00.000-0000","id":54851,"tag_ids":[46166,46169,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54101}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-08T18:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CSC ServiceWorks is a large vendor of pay-to-play laundry machines in apartments and condomiums. Most are Speed Queens, but newer CSC-branded machines use an app for payment and have custom circuitry inside. Many however accept quarters as well. We show that, when all else fails, you can always physically bypass the coin slot to run the machines for free.\r\n\r\n00. [link](https://www.cscsw.com/)\r\n01. [link](https://www.getcscgo.com/)\r\n02. [link](https://www.getwashfree.com/)\r\n03. [link](https://www.law.com/delbizcourt/2023/03/16/mobile-payments-company-alleges-laundry-machine-operator-faked-partnership-move-to-develop-competing-system/)\r\n04. [link](https://www.cscadminfeesettlement.com/)\r\n05. [link](https://www.bbb.org/us/ny/melville/profile/laundry-equipment/csc-serviceworks-inc-0121-73322/customer-reviews)\r\n06. [link](https://www.yelp.com/biz/csc-serviceworks-industry)\r\n07. [link](https://goo.gl/maps/5qch79evK6jSyXug6)\r\n08. [link](https://michael.orlitzky.com/documents/csc/sdgx09wf-manual.pdf)\r\n09. [link](https://michael.orlitzky.com/documents/csc/sfnbcasp-manual.pdf)\r\n10. [link](https://michael.orlitzky.com/documents/csc/sfnncasp-manual.pdf)\r\n11. [link](https://covertinstruments.com/products/covert-tubular-lock-pick)\r\n12. [link](https://www.toool.us/lockpicking-laws.php)\r\n13. [link](https://alliancelaundry.com/)\r\n14. [link](https://parts.alliancelaundry.com/i-7549723-alliance-54612-washer-dryer-key-gr-800.html)\r\n15. [link](https://www.amazon.com/dp/B079L6VWCH)\r\n16. [link](https://www.tiktok.com/@depressedinfluencer/video/7127426562961640750)\r\n17. [link](https://www.youtube.com/watch?v=70W5fyZGYvA)\r\n18. [link](https://www.youtube.com/watch?v=3vn-pGqZGp0)\r\n19. [link](https://www.amazon.com/dp/B0973V2W67)\r\n20. [link](https://michael.orlitzky.com/articles/csc_serviceworks_laundry_machine_coin_bypass.xhtml)\r\n\n\n\n","media":[],"title":"Laundering Money","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:20:00Z","end_timestamp":{"seconds":1723310400,"nanoseconds":0},"android_description":"CSC ServiceWorks is a large vendor of pay-to-play laundry machines in apartments and condomiums. Most are Speed Queens, but newer CSC-branded machines use an app for payment and have custom circuitry inside. Many however accept quarters as well. We show that, when all else fails, you can always physically bypass the coin slot to run the machines for free.\r\n\r\n00. [link](https://www.cscsw.com/)\r\n01. [link](https://www.getcscgo.com/)\r\n02. [link](https://www.getwashfree.com/)\r\n03. [link](https://www.law.com/delbizcourt/2023/03/16/mobile-payments-company-alleges-laundry-machine-operator-faked-partnership-move-to-develop-competing-system/)\r\n04. [link](https://www.cscadminfeesettlement.com/)\r\n05. [link](https://www.bbb.org/us/ny/melville/profile/laundry-equipment/csc-serviceworks-inc-0121-73322/customer-reviews)\r\n06. [link](https://www.yelp.com/biz/csc-serviceworks-industry)\r\n07. [link](https://goo.gl/maps/5qch79evK6jSyXug6)\r\n08. [link](https://michael.orlitzky.com/documents/csc/sdgx09wf-manual.pdf)\r\n09. [link](https://michael.orlitzky.com/documents/csc/sfnbcasp-manual.pdf)\r\n10. [link](https://michael.orlitzky.com/documents/csc/sfnncasp-manual.pdf)\r\n11. [link](https://covertinstruments.com/products/covert-tubular-lock-pick)\r\n12. [link](https://www.toool.us/lockpicking-laws.php)\r\n13. [link](https://alliancelaundry.com/)\r\n14. [link](https://parts.alliancelaundry.com/i-7549723-alliance-54612-washer-dryer-key-gr-800.html)\r\n15. [link](https://www.amazon.com/dp/B079L6VWCH)\r\n16. [link](https://www.tiktok.com/@depressedinfluencer/video/7127426562961640750)\r\n17. [link](https://www.youtube.com/watch?v=70W5fyZGYvA)\r\n18. [link](https://www.youtube.com/watch?v=3vn-pGqZGp0)\r\n19. [link](https://www.amazon.com/dp/B0973V2W67)\r\n20. [link](https://michael.orlitzky.com/articles/csc_serviceworks_laundry_machine_coin_bypass.xhtml)","updated_timestamp":{"seconds":1720462817,"nanoseconds":0},"speakers":[{"content_ids":[54477],"conference_id":133,"event_ids":[54850],"name":"Michael Orlitzky","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"michael.orlitzky.com/","sort_order":0,"url":"https://michael.orlitzky.com/"}],"media":[],"id":54108}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:20:17Z","links":[],"end":"2024-08-10T17:20:00.000-0000","id":54850,"tag_ids":[46166,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54108}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-08T18:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The year is 1984… Ronald Reagan is President, it is a “New Mourning in America.” In Texas, a small cabal of malcontents meet in an abandoned slaughterhouse, decorated with heavy metal band posters, satanic iconography, and, most ominously, the skull of a DEAD COW… As pirated copies of speedmetal and punk music play in the background, these erstwhile revolutionaries speak of their disillusion with The Way Things Are, and their obsession with their new computers. All over America, teens were waking to not just the typical dissatisfaction of adolescence, but the awareness that via these new modes of communication and interaction, they could meet like-minded others, have some illicit fun, and maybe, just maybe, change the goddamn world.\r\n\r\n1984 wasn’t the beginning of hacking, but brought perhaps the first real blossoming of the culture. The spread of the personal computer, and the modem, brought the birth of not just cDc, but the Legion of Doom, and 2600 Magazine. 1985 would bring Phrack Magazine, and a true explosion in the written culture, with t-files becoming the currency of the Truly Elite. In this session, members of cDc, 2600, LoD, MoD, and r00t will talk about what made them hackers and phreaks, swap stories, and answer questions posed by Prof. Walter Scheirer of the University of Notre Dame and audience Q&A.\n\n\n","media":[],"title":"CULT OF THE DEAD COW & Friends Present: Prime Cuts from Hacker History - 40 Years of 31337","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"The year is 1984… Ronald Reagan is President, it is a “New Mourning in America.” In Texas, a small cabal of malcontents meet in an abandoned slaughterhouse, decorated with heavy metal band posters, satanic iconography, and, most ominously, the skull of a DEAD COW… As pirated copies of speedmetal and punk music play in the background, these erstwhile revolutionaries speak of their disillusion with The Way Things Are, and their obsession with their new computers. All over America, teens were waking to not just the typical dissatisfaction of adolescence, but the awareness that via these new modes of communication and interaction, they could meet like-minded others, have some illicit fun, and maybe, just maybe, change the goddamn world.\r\n\r\n1984 wasn’t the beginning of hacking, but brought perhaps the first real blossoming of the culture. The spread of the personal computer, and the modem, brought the birth of not just cDc, but the Legion of Doom, and 2600 Magazine. 1985 would bring Phrack Magazine, and a true explosion in the written culture, with t-files becoming the currency of the Truly Elite. In this session, members of cDc, 2600, LoD, MoD, and r00t will talk about what made them hackers and phreaks, swap stories, and answer questions posed by Prof. Walter Scheirer of the University of Notre Dame and audience Q&A.","updated_timestamp":{"seconds":1720377096,"nanoseconds":0},"speakers":[{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Patrick “Lord Digital” Kroupa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54094},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Emmanuel Goldstein","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54130},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"John Threat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54166},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Walter J. Scheirer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54175},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"X","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54177},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Deth Veggie","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Bsky","sort_order":0,"url":"https://bsky.app/profile/dethveggie.bsky.social"}],"media":[],"id":54189},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"TommydCat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54192}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T18:31:36Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":54849,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54189},{"tag_id":46167,"sort_order":4,"person_id":54175},{"tag_id":46167,"sort_order":6,"person_id":54094},{"tag_id":46167,"sort_order":8,"person_id":54166},{"tag_id":46167,"sort_order":10,"person_id":54130},{"tag_id":46167,"sort_order":12,"person_id":54177},{"tag_id":46167,"sort_order":14,"person_id":54192}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T18:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T07:00:00Z","end_timestamp":{"seconds":1723359600,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-11T07:00:00.000-0000","id":54572,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"Y","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world.\n\n\n","media":[],"title":"MITRE Caldera","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world.","updated_timestamp":{"seconds":1718922800,"nanoseconds":0},"speakers":[{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Mark Perry","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Lead Applied Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/mark-perry-2a4a8451"}],"media":[],"id":53755,"title":"Lead Applied Cyber Security Engineer at MITRE Corp"},{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Rachel Murphy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/rachelcmurphy"}],"media":[],"id":53769,"title":"Cyber Security Engineer at MITRE Corp"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:33:20Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249626"},{"label":"Project","type":"link","url":"https://github.com/mitre/caldera "}],"end":"2024-08-10T18:45:00.000-0000","id":54566,"tag_ids":[46169,46441,46445,46455],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53755},{"tag_id":46167,"sort_order":4,"person_id":53769}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed. After the initial release the CSTC is finally back! It contains new features and improvements such as many new operations to be used in recipes, inclusion of community requested features and a refactoring of the codebase. Alongside the CTSC we will launch a new public repository with recipes we found useful in our experience as penetration testers and of course open for contribution by the community. This helps the community to solve common challenges and getting started working with the CSTC.\n\n\n","media":[],"title":"Cyber Security Transformation Chef (CSTC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed. After the initial release the CSTC is finally back! It contains new features and improvements such as many new operations to be used in recipes, inclusion of community requested features and a refactoring of the codebase. Alongside the CTSC we will launch a new public repository with recipes we found useful in our experience as penetration testers and of course open for contribution by the community. This helps the community to solve common challenges and getting started working with the CSTC.","updated_timestamp":{"seconds":1718922742,"nanoseconds":0},"speakers":[{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Florian Haag","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Managing Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53737,"title":"Managing Security Consultant at usd AG"},{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Matthias Göhring","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Security Consultant and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":53759,"title":"Security Consultant and Penetration Tester at usd AG"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:22Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249625"},{"label":"Project","type":"link","url":"https://github.com/usdAG/cstc"}],"end":"2024-08-10T18:45:00.000-0000","id":54563,"tag_ids":[46169,46441,46443,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53737},{"tag_id":46167,"sort_order":4,"person_id":53759}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the landscape of industrial control systems (ICS) evolves, the security vulnerabilities inherent in these systems have become increasingly important. In response to this escalating situation, in this paper, we present the development of a virtualized cybersecurity research testbed tailored for these environments. Addressing the challenge of limited access to proprietary OT network data for research purposes, our this talk proposes a comprehensive framework for simulating industrial environments, aiming to facilitate the development and testing of cybersecurity solutions by providing functionalities for network traffic logging, attack impact simulation, generation of labeled multivariate time series sensor datasets, among others, bridging the gap between theoretical research and practical application needs, especially in situations of low data availability and data-driven cybersecurity research.\n\n\n","media":[],"title":"Testbed Virtual Factory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"As the landscape of industrial control systems (ICS) evolves, the security vulnerabilities inherent in these systems have become increasingly important. In response to this escalating situation, in this paper, we present the development of a virtualized cybersecurity research testbed tailored for these environments. Addressing the challenge of limited access to proprietary OT network data for research purposes, our this talk proposes a comprehensive framework for simulating industrial environments, aiming to facilitate the development and testing of cybersecurity solutions by providing functionalities for network traffic logging, attack impact simulation, generation of labeled multivariate time series sensor datasets, among others, bridging the gap between theoretical research and practical application needs, especially in situations of low data availability and data-driven cybersecurity research.","updated_timestamp":{"seconds":1718922689,"nanoseconds":0},"speakers":[{"content_ids":[54191],"conference_id":133,"event_ids":[54560],"name":"Borja Pintos Castro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Gradiant","title":"Researcher, Security and Privacy Area"}],"links":[],"pronouns":null,"media":[],"id":53727,"title":"Researcher, Security and Privacy Area at Gradiant"},{"content_ids":[54191],"conference_id":133,"event_ids":[54560],"name":"Camilo Piñón Blanco","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53728}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:31:29Z","links":[{"label":"Project","type":"link","url":"https://github.com/Gradiant/virtual-factory "},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249624"}],"end":"2024-08-10T18:45:00.000-0000","id":54560,"tag_ids":[46169,46441,46445],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53727},{"tag_id":46167,"sort_order":4,"person_id":53728}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"5Ghoul Fuzzer is an over-the-air security testing tool and fuzzing framework that leverages a rogue 5G NR base station to systematically create test cases targeting 5G-capable smartphones or Qualcomm USB-based modems. Moreover, such framework contains test case scripts to launch attacks exploiting 10 implementation-level vulnerabilities ranging from DoS to Downgrades that affect commercial 5G modems from major chipset vendors such as Qualcomm and MediaTek. The tool is released open sourced, but it is also continuously experimented with newer devices. For example, there are two more 5G implementation vulnerabilities that are under embargo and will be released by the end of this month in the open source repository and website maintained for the project.\n\n\n","media":[],"title":"5Ghoul Framework - 5G NR Attacks & 5G OTA Fuzzing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"5Ghoul Fuzzer is an over-the-air security testing tool and fuzzing framework that leverages a rogue 5G NR base station to systematically create test cases targeting 5G-capable smartphones or Qualcomm USB-based modems. Moreover, such framework contains test case scripts to launch attacks exploiting 10 implementation-level vulnerabilities ranging from DoS to Downgrades that affect commercial 5G modems from major chipset vendors such as Qualcomm and MediaTek. The tool is released open sourced, but it is also continuously experimented with newer devices. For example, there are two more 5G implementation vulnerabilities that are under embargo and will be released by the end of this month in the open source repository and website maintained for the project.","updated_timestamp":{"seconds":1718922629,"nanoseconds":0},"speakers":[{"content_ids":[54188],"conference_id":133,"event_ids":[54557],"name":"Matheus Eduardo Garbelini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore University of Technology and Design (SUTD)","title":"Research Fellow"}],"links":[],"pronouns":null,"media":[],"id":53756,"title":"Research Fellow at Singapore University of Technology and Design (SUTD)"},{"content_ids":[54188],"conference_id":133,"event_ids":[54557],"name":"Sudipta Chattopadhyay","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore University of Technology and Design (SUTD)","title":"Associate Professor"}],"links":[],"pronouns":null,"media":[],"id":53774,"title":"Associate Professor at Singapore University of Technology and Design (SUTD)"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:30:29Z","links":[{"label":"Project","type":"link","url":"https://github.com/asset-group/5ghoul-5g-nr-attacks "},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249623"}],"end":"2024-08-10T18:45:00.000-0000","id":54557,"tag_ids":[46169,46441,46452,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53756},{"tag_id":46167,"sort_order":4,"person_id":53774}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tempest is a command and control framework written in 100% Rust. It began as a research project and personal challenge, but has grown into a very effective c2 framework. The original concept was to write a simple yet effective c2 framework, and design continues to focus on this simple goal. Because it started out as a research project with a learning goal, the framework is not directly based on any existing c2 frameworks and the vast majority of code will not be found anywhere else.\n\n\n","media":[],"title":"Tempest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"Tempest is a command and control framework written in 100% Rust. It began as a research project and personal challenge, but has grown into a very effective c2 framework. The original concept was to write a simple yet effective c2 framework, and design continues to focus on this simple goal. Because it started out as a research project with a learning goal, the framework is not directly based on any existing c2 frameworks and the vast majority of code will not be found anywhere else.","updated_timestamp":{"seconds":1718922566,"nanoseconds":0},"speakers":[{"content_ids":[55305,54185],"conference_id":133,"event_ids":[55695,54554],"name":"Kirk Trychel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Box.com","title":"Senior Red Team Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@teach2breach)","sort_order":0,"url":"https://twitter.com/teach2breach"}],"media":[],"id":53748,"title":"Senior Red Team Engineer at Box.com"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:29:26Z","links":[{"label":"Project","type":"link","url":"https://github.com/Teach2Breach/tempest"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249622"}],"end":"2024-08-10T18:45:00.000-0000","id":54554,"tag_ids":[46169,46441,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53748}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Maestro is a post-exploitation tool designed to interact with Intune/EntraID from a C2 agent on a user's workstation without requiring knowledge of the user's password or Azure authentication flows, token manipulation, and web-based administration console. Maestro makes interacting with Intune and EntraID from C2 much easier, as the operator does not need to obtain the user's cleartext password, extract primary refresh token (PRT) cookies from the system, run additional tools or a browser session over a SOCKS proxy, or deal with Azure authentication flows, tokens, or conditional access policies in order to execute actions in Azure on behalf of the logged-in user. Maestro enables attack paths between on-prem and Azure. For example, by running Maestro on an Intune admin's machine, you can execute PowerShell scripts on any enrolled device without ever knowing the admin's credentials!\n\n\n","media":[],"title":"Maestro","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"Maestro is a post-exploitation tool designed to interact with Intune/EntraID from a C2 agent on a user's workstation without requiring knowledge of the user's password or Azure authentication flows, token manipulation, and web-based administration console. Maestro makes interacting with Intune and EntraID from C2 much easier, as the operator does not need to obtain the user's cleartext password, extract primary refresh token (PRT) cookies from the system, run additional tools or a browser session over a SOCKS proxy, or deal with Azure authentication flows, tokens, or conditional access policies in order to execute actions in Azure on behalf of the logged-in user. Maestro enables attack paths between on-prem and Azure. For example, by running Maestro on an Intune admin's machine, you can execute PowerShell scripts on any enrolled device without ever knowing the admin's credentials!","updated_timestamp":{"seconds":1718922506,"nanoseconds":0},"speakers":[{"content_ids":[54209,54182],"conference_id":133,"event_ids":[54551,54582],"name":"Chris Thompson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Principal Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@_Mayyhem)","sort_order":0,"url":"https://twitter.com/_Mayyhem"}],"media":[],"id":53730,"title":"Principal Consultant at SpecterOps"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:28:26Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249621"},{"label":"Project","type":"link","url":"https://github.com/Mayyhem/Maestro"}],"end":"2024-08-10T18:45:00.000-0000","id":54551,"tag_ids":[46169,46441,46444,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53730}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.\n\n\n","media":[],"title":"Merch (formerly swag) Area Open -- README","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.","updated_timestamp":{"seconds":1722140898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T04:28:18Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55854,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W212 (DEF CON Merch)","hotel":"","short_name":"W212 (DEF CON Merch)","id":46285},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’ve developed an interactive workshop for all those who want to learn secure coding practices and/or experience attacking with up-to-date technologies.\nWe prefer simplicity:\nAttacks are performed with swagger and C# scripts, and exploit XSS, CSRF, SSRF, and SQLI. We’ll also steal secrets and cookies.\nSecure coding practices are summarized in an easy-to-remember acronym (PREVENT).\nParticipants will transform RecipeRealm, a naive webapi+angular recipes repository, into a secure solution.\nThrough the hands-on real-world coding exercises, we will cover dealing with a vulnerable third party, using the built-in defense mechanism of Angular, implementing antiCSRF mechanisms, coding a secure data layer, and how to protect a web API from being exploited to get information about our internal assets.\n\n\n","media":[],"title":"Sharp Security from All Angles: Mastering Security in .NET Core 8 and Angular 17 Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"We’ve developed an interactive workshop for all those who want to learn secure coding practices and/or experience attacking with up-to-date technologies.\nWe prefer simplicity:\nAttacks are performed with swagger and C# scripts, and exploit XSS, CSRF, SSRF, and SQLI. We’ll also steal secrets and cookies.\nSecure coding practices are summarized in an easy-to-remember acronym (PREVENT).\nParticipants will transform RecipeRealm, a naive webapi+angular recipes repository, into a secure solution.\nThrough the hands-on real-world coding exercises, we will cover dealing with a vulnerable third party, using the built-in defense mechanism of Angular, implementing antiCSRF mechanisms, coding a secure data layer, and how to protect a web API from being exploited to get information about our internal assets.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54231],"conference_id":133,"event_ids":[54604],"name":"Or Sahar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secure From Scratch","title":"Co-founder"}],"links":[],"pronouns":null,"media":[],"id":53860,"title":"Co-founder at Secure From Scratch"},{"content_ids":[54231],"conference_id":133,"event_ids":[54604],"name":"Yariv Tal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53875}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Sahar_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54604,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53860},{"tag_id":46167,"sort_order":1,"person_id":53875}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Pentesting ICS is too easy and you are looking for a new challenge? Attend this workshop to discover and practice how to secure Industrial Control Systems! This workshop is designed to show some key cybersecurity measures to implement on Industrial Control Systems.\nWe’ll bring a realistic but simple ICS setup and let you secure it step by step. After a short introduction, we’ll deep dive in several hands-on exercises: ICS inventory, backups, network security, system hardening and detection.\n\"\n\n\n","media":[],"title":"Industrial Control Systems: how to secure them in practice!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"\"Pentesting ICS is too easy and you are looking for a new challenge? Attend this workshop to discover and practice how to secure Industrial Control Systems! This workshop is designed to show some key cybersecurity measures to implement on Industrial Control Systems.\nWe’ll bring a realistic but simple ICS setup and let you secure it step by step. After a short introduction, we’ll deep dive in several hands-on exercises: ICS inventory, backups, network security, system hardening and detection.\n\"","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54225,54230],"conference_id":133,"event_ids":[54598,54603],"name":"Alexandrine Torrents","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Cybersecurity Expert"}],"links":[],"pronouns":null,"media":[],"id":53831,"title":"Cybersecurity Expert at Wavestone"}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Torrents_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54603,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53831}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We live in a time of unexpected transformation. Machines can hold conversations, compose prose and poetry, and generate very convincing deepfakes. The field of AI where this all happens – deep learning – has a long history, starting with one simple building block: the neural network.\nIn this workshop, we will tour through the evolution of neural networks and discover that much of their evolution occurred in the world of low-level programming. Using C, C++ and a bit of assembly language, we will learn the fundamentals behind neural networks in their various forms, and build a foundation of knowledge that will allow us to understand how we arrived at large language models, the current state of the art. Most importantly, we will discover how far we can stretch everyday hardware to run deep learning models that solve interesting problems.\n\n\n","media":[],"title":"Hacking The Metal: A Spark of Intelligence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"We live in a time of unexpected transformation. Machines can hold conversations, compose prose and poetry, and generate very convincing deepfakes. The field of AI where this all happens – deep learning – has a long history, starting with one simple building block: the neural network.\nIn this workshop, we will tour through the evolution of neural networks and discover that much of their evolution occurred in the world of low-level programming. Using C, C++ and a bit of assembly language, we will learn the fundamentals behind neural networks in their various forms, and build a foundation of knowledge that will allow us to understand how we arrived at large language models, the current state of the art. Most importantly, we will discover how far we can stretch everyday hardware to run deep learning models that solve interesting problems.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54229],"conference_id":133,"event_ids":[54602],"name":"eigentourist","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53839}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://eigentourist_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54602,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53839}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This training will cover how to discover vulnerabilities in custom Salesforce applications hosted on the Salesforce PaaS platform. This is not hacking Salesforce itself, but instead custom applications deployed by customers of Salesforce. You should already know OWASP Top 10 fundamentals such as how XSS or injection attacks work. You will learn how to find vulnerabilities specific to Salesforce apps such as SOQL injection, SOSL, cross-site scripting filter bypasses, and bypassing access controls of hidden functions to exfiltrate data.\nA new open-source tool “PaaS Cloud Goat” will be used to provide a simulated vulnerable Salesforce application for testing. Students will be expected to use a MitM proxy tool (Burp Suite) to craft malicious attacks to exploit the application. This training will provide a lab manual and live walk-through of the attack process and methods. We will also cover source code review and practice how to find vulnerabilities in code and translate them to working exploits of the simulator app.\n\nTakeaways:\n1. Hands-on learning opportunity of pen testing custom Salesforce applications\n2. Detailed training documentation material about the underlying flaws\n3. Consolidated list of common Salesforce application vulnerabilities\n\n\n","media":[],"title":"Hacking Apps on Salesforce","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"This training will cover how to discover vulnerabilities in custom Salesforce applications hosted on the Salesforce PaaS platform. This is not hacking Salesforce itself, but instead custom applications deployed by customers of Salesforce. You should already know OWASP Top 10 fundamentals such as how XSS or injection attacks work. You will learn how to find vulnerabilities specific to Salesforce apps such as SOQL injection, SOSL, cross-site scripting filter bypasses, and bypassing access controls of hidden functions to exfiltrate data.\nA new open-source tool “PaaS Cloud Goat” will be used to provide a simulated vulnerable Salesforce application for testing. Students will be expected to use a MitM proxy tool (Burp Suite) to craft malicious attacks to exploit the application. This training will provide a lab manual and live walk-through of the attack process and methods. We will also cover source code review and practice how to find vulnerabilities in code and translate them to working exploits of the simulator app.\n\nTakeaways:\n1. Hands-on learning opportunity of pen testing custom Salesforce applications\n2. Detailed training documentation material about the underlying flaws\n3. Consolidated list of common Salesforce application vulnerabilities","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54228],"conference_id":133,"event_ids":[54601],"name":"Rodney David Beede","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Principal Consultant"}],"pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.rodneybeede.com"}],"media":[],"id":53864,"title":"Principal Consultant"}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Beede_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54601,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53864}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Capture the Flag (CTF) is a competition where teams and individuals compete to solve security challenges. The one that collects most flags the fastest wins the competition (and typically, prizes).\nCTF-101 is an interactive workshop where we attendees learn about CTF competitions and common security vulnerabilities in a game-like environment. A couple of challenges are presented throughout the session and our hosts walk through how to solve them and provide support as attendees try to solve the challenges during the live hacking part of the workshop. Plus, there’s a leaderboard for attendees to track their progress.\n\n\n","media":[],"title":"Capture the Flag 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Capture the Flag (CTF) is a competition where teams and individuals compete to solve security challenges. The one that collects most flags the fastest wins the competition (and typically, prizes).\nCTF-101 is an interactive workshop where we attendees learn about CTF competitions and common security vulnerabilities in a game-like environment. A couple of challenges are presented throughout the session and our hosts walk through how to solve them and provide support as attendees try to solve the challenges during the live hacking part of the workshop. Plus, there’s a leaderboard for attendees to track their progress.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54227],"conference_id":133,"event_ids":[54600],"name":"Micah Silverman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Snyk","title":"Director of Security Relations"}],"links":[],"pronouns":null,"media":[],"id":53857,"title":"Director of Security Relations at Snyk"}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Silverman_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54600,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53857}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T15:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-11T09:00:00.000-0000","id":55888,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723302000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"Y","begin":"2024-08-10T15:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T02:00:00Z","end_timestamp":{"seconds":1723341600,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T15:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-11T02:00:00.000-0000","id":54480,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723302000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-10T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T15:00:00Z","end_timestamp":{"seconds":1723302000,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T12:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-10T15:00:00.000-0000","id":54514,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723291200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A fun gathering space for the lgbtqia+ community to listen to DJ dance music and party together. An inclusive and vibrant option with others in the community.\n\n\n","media":[{"hash_sha256":"3a6fa4c17091c405658cdeadb9a5fcbe435c2ffb12d53be100f2f3af8f315790","filetype":"image/png","hash_md5":"6d963769b73e2a6193ecd792b1c7a2dd","name":"pme_queercon_party_v3.png","is_logo":"Y","hash_crc32c":"1cbb05b9","filesize":182588,"asset_id":720,"sort_order":3,"url":"https://info.defcon.org/blobs/pme_queercon_party_v3.png"}],"title":"QueerCon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T08:00:00Z","end_timestamp":{"seconds":1723276800,"nanoseconds":0},"android_description":"A fun gathering space for the lgbtqia+ community to listen to DJ dance music and party together. An inclusive and vibrant option with others in the community.","updated_timestamp":{"seconds":1718812377,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T05:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:52:57Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249563"},{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"}],"end":"2024-08-10T08:00:00.000-0000","id":54502,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723266000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W325 - W326","hotel":"","short_name":"W325 - W326","id":46312},"spans_timebands":"Y","begin":"2024-08-10T05:00:00.000-0000","updated":"2024-06-19T15:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 32 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.\n\n\n","media":[{"hash_sha256":"89bcd0031a654a292e0705bf8fd4cdf59ffc350be3885c256a2f49bb5955da9b","filetype":"image/png","hash_md5":"7f18305e5d04016eb7279d679cc1b817","name":"pme_arcade.png","is_logo":"Y","hash_crc32c":"daac354a","filesize":139632,"asset_id":670,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_arcade.png"}],"title":"Arcade Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 32 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.","updated_timestamp":{"seconds":1718812537,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T04:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:55:37Z","links":[{"label":"Website","type":"link","url":"https://arcadeparty.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249555"}],"end":"2024-08-10T09:00:00.000-0000","id":54504,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723262400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W106-W109 (Chillout 1)","hotel":"","short_name":"W106-W109 (Chillout 1)","id":46309},"spans_timebands":"Y","begin":"2024-08-10T04:00:00.000-0000","updated":"2024-06-19T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Returning for their 7th year, Gothcon invites you to come dance the night away with a line-up of some of the community's best dark dance music DJ's from across the US! Dress however you would like in whatever makes you feel comfortable and happy, and all are welcome (except nazis). Follow @dcgothcon on X for current updates on lineup and other surprises we have in store.\n\n\n","media":[{"hash_sha256":"2ab025f6f007cf790e52d516d01744556a09145e0c5f87af32adc2b9b7308777","filetype":"image/png","hash_md5":"bfe70242ac992e5f98535eae66f74988","name":"pme_gothcon.png","is_logo":"Y","hash_crc32c":"2b4b0174","filesize":50428,"asset_id":678,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_gothcon.png"}],"title":"GOTHCON 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"Returning for their 7th year, Gothcon invites you to come dance the night away with a line-up of some of the community's best dark dance music DJ's from across the US! Dress however you would like in whatever makes you feel comfortable and happy, and all are welcome (except nazis). Follow @dcgothcon on X for current updates on lineup and other surprises we have in store.","updated_timestamp":{"seconds":1718812428,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T04:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:53:48Z","links":[{"label":"Twitter (@dcgothcon)","type":"link","url":"https://twitter.com/dcgothcon"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249558"}],"end":"2024-08-10T09:00:00.000-0000","id":54503,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723262400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W324, W327","hotel":"","short_name":"W322-W324, W327","id":46306},"spans_timebands":"Y","begin":"2024-08-10T04:00:00.000-0000","updated":"2024-06-19T15:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Capitol Technology University for a night of fun, drinks, and networking amongst like-minded peers! Capitol Tech's industry-expert leadership will be discussing exciting career paths in cybersecurity, as well as the future of cyber higher education.\n\n\n","media":[],"title":"Capitol Technology University (CTU)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"Join Capitol Technology University for a night of fun, drinks, and networking amongst like-minded peers! Capitol Tech's industry-expert leadership will be discussing exciting career paths in cybersecurity, as well as the future of cyber higher education.","updated_timestamp":{"seconds":1720286483,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T04:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T17:21:23Z","links":[{"label":"Website","type":"link","url":"https://www.captechu.edu/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249566"},{"label":"Twitter (@captechu)","type":"link","url":"https://twitter.com/captechu"}],"end":"2024-08-10T09:00:00.000-0000","id":54501,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723262400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"Y","begin":"2024-08-10T04:00:00.000-0000","updated":"2024-07-06T17:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Call the Cops\r\n- 21:00 - 22:00 - DJ Habbs\r\n- 22:00 - 23:00 - PankleDank\r\n- 23:00 - 00:00 - Scotch & Bubbles\r\n- 00:00 - 01:00- DJ St3rling\r\n- 01:00 - 02:00 - Archwisp\n\n\n","media":[{"hash_sha256":"37c328609dbb27ade483ed096a41ef0d2739c44ebc6da349232eb17330cb547a","filetype":"image/png","hash_md5":"cb6c252c790f17fe52b4764837f12eb5","name":"dc32_ae_flyer_friday.png","is_logo":"Y","hash_crc32c":"9c684eda","filesize":981965,"asset_id":818,"sort_order":0,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_friday.png"}],"title":"Music Set / Entertainment (Cyberpunk Bar Friday, ACK Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Call the Cops\r\n- 21:00 - 22:00 - DJ Habbs\r\n- 22:00 - 23:00 - PankleDank\r\n- 23:00 - 00:00 - Scotch & Bubbles\r\n- 00:00 - 01:00- DJ St3rling\r\n- 01:00 - 02:00 - Archwisp","updated_timestamp":{"seconds":1721791203,"nanoseconds":0},"speakers":[{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"Archwisp","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55881},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"Call the Cops","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55882},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"DJ Habbs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55888},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"DJ St3rling","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55890},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"PankleDank","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55906},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"Scotch & Bubbles","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55909}],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T03:20:03Z","links":[{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"}],"end":"2024-08-10T09:00:00.000-0000","id":55719,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55909},{"tag_id":46486,"sort_order":4,"person_id":55906},{"tag_id":46486,"sort_order":6,"person_id":55890},{"tag_id":46486,"sort_order":8,"person_id":55888},{"tag_id":46486,"sort_order":10,"person_id":55882},{"tag_id":46486,"sort_order":12,"person_id":55881}],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"Y","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 20:45 - Icetre Normal\r\n- 20:45 - 21:30 - Ohm-I & The NPC Collective\r\n- 21:30 - 22:15 - Dual Core\r\n- 22:15 - 23:00 - YTCracker\r\n- 23:00 - 00:00 - MC Frontalot\r\n- 00:00 - 00:15 - Costume Contest\r\n- 00:15 - 01:15 - ZEE\r\n- 01:15 - 02:00 - TRIODE\n\n\n","media":[{"hash_sha256":"37c328609dbb27ade483ed096a41ef0d2739c44ebc6da349232eb17330cb547a","filetype":"image/png","hash_md5":"cb6c252c790f17fe52b4764837f12eb5","name":"dc32_ae_flyer_friday.png","is_logo":"Y","hash_crc32c":"9c684eda","filesize":981965,"asset_id":818,"sort_order":1,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_friday.png"}],"title":"Music Set / Entertainment (Retro Sci-Fi Friday, SYN Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"- 20:00 - 20:45 - Icetre Normal\r\n- 20:45 - 21:30 - Ohm-I & The NPC Collective\r\n- 21:30 - 22:15 - Dual Core\r\n- 22:15 - 23:00 - YTCracker\r\n- 23:00 - 00:00 - MC Frontalot\r\n- 00:00 - 00:15 - Costume Contest\r\n- 00:15 - 01:15 - ZEE\r\n- 01:15 - 02:00 - TRIODE","updated_timestamp":{"seconds":1721791215,"nanoseconds":0},"speakers":[{"content_ids":[55324,55325],"conference_id":133,"event_ids":[55716,55717],"name":"Costume Contest","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55884},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"Dual Core","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55893},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"Icetre Normal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55896},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"MC Frontalot","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55900},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"Ohm-I & The NPC Collective","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55905},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"TRIODE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55914},{"content_ids":[55324,55265],"conference_id":133,"event_ids":[55716,55655],"name":"YTCracker","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55915},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"ZEE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55916}],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T03:20:15Z","links":[{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"}],"end":"2024-08-10T09:00:00.000-0000","id":55716,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55916},{"tag_id":46486,"sort_order":4,"person_id":55915},{"tag_id":46486,"sort_order":6,"person_id":55914},{"tag_id":46486,"sort_order":8,"person_id":55905},{"tag_id":46486,"sort_order":10,"person_id":55900},{"tag_id":46486,"sort_order":12,"person_id":55896},{"tag_id":46486,"sort_order":14,"person_id":55893},{"tag_id":46486,"sort_order":16,"person_id":55884}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"Y","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hacker Jeopardy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T05:00:00Z","end_timestamp":{"seconds":1723266000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319460,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T02:31:00Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249351"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249350"},{"label":"Twitter (@HackerJeopardy)","type":"link","url":"https://twitter.com/HackerJeopardy"}],"end":"2024-08-10T05:00:00.000-0000","id":54918,"tag_ids":[46427,46439,46509],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-07-07T02:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Movie Night","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T06:59:00Z","end_timestamp":{"seconds":1723273140,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567253,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-16T19:47:33Z","links":[],"end":"2024-08-10T06:59:00.000-0000","id":54526,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-06-16T19:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.\n\n\n","media":[{"hash_sha256":"9dc542b73ed2f180e9da92ab6b96c13fdbf77524457592bb5909be0995f48bd8","filetype":"image/png","hash_md5":"9397f4fba28c3ec1eb0298b7768f7f87","name":"pme_hackerkaraoke.png","is_logo":"Y","hash_crc32c":"83073e75","filesize":10913,"asset_id":679,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hackerkaraoke.png"}],"title":"Hacker Karaoke","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.","updated_timestamp":{"seconds":1718812577,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:56:17Z","links":[{"label":"Website","type":"link","url":"https://www.hackerkaraoke.org/"},{"label":"Twitter (@hackerkaraoke)","type":"link","url":"https://twitter.com/hackerkaraoke"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249524"}],"end":"2024-08-10T09:00:00.000-0000","id":54505,"tag_ids":[46363,46886],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"Y","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-06-19T15:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.\n\n\n","media":[],"title":"Lawyers Meet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T05:00:00Z","end_timestamp":{"seconds":1723266000,"nanoseconds":0},"android_description":"If you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.","updated_timestamp":{"seconds":1718771901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T02:30:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T04:38:21Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249498"}],"end":"2024-08-10T05:00:00.000-0000","id":54492,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723257000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W228","hotel":"","short_name":"W228","id":46505},"spans_timebands":"N","begin":"2024-08-10T02:30:00.000-0000","updated":"2024-06-19T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"19:00 - 21:00\r\nBIC Village \"Chat & Chew\" Networking Session\r\nLight Music & Food! Network with our sponsors, partners, volunteers, members and visitors!\r\n\r\n21:00 - 02:00\r\nBIC Village Party with DJ Roma\r\nAs the sun sets, gather around for a celebration of Reggae, Soca, Dancehall, Hiphop, Pop, R&B, Regional Hits and Caribbean Dance Style! All Flags Welcome! Rep Your Flag!\r\n\n\n\n","media":[{"hash_sha256":"e759c97b8dd0cee530e6e1c5d7ad3659f96fef07b697cb2bdd0e510da241bf46","filetype":"image/png","hash_md5":"6a0db077e162380c6cd1b4a6ba31db6a","name":"pme_bic_v2.png","is_logo":"Y","hash_crc32c":"0d19ee0d","filesize":70655,"asset_id":694,"sort_order":2,"url":"https://info.defcon.org/blobs/pme_bic_v2.png"}],"title":"Blacks in Cyber Lituation 2.0","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"19:00 - 21:00\r\nBIC Village \"Chat & Chew\" Networking Session\r\nLight Music & Food! Network with our sponsors, partners, volunteers, members and visitors!\r\n\r\n21:00 - 02:00\r\nBIC Village Party with DJ Roma\r\nAs the sun sets, gather around for a celebration of Reggae, Soca, Dancehall, Hiphop, Pop, R&B, Regional Hits and Caribbean Dance Style! All Flags Welcome! Rep Your Flag!","updated_timestamp":{"seconds":1721494886,"nanoseconds":0},"speakers":[{"content_ids":[54135],"conference_id":133,"event_ids":[54528],"name":"BIC Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55785},{"content_ids":[54135],"conference_id":133,"event_ids":[54528],"name":"DJ Roma","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55786}],"begin_tsz":"2024-08-10T02:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:01:26Z","links":[{"label":"Website","type":"link","url":"https://blacksincyberconf.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249500"},{"label":"Twitter (@blackincyberco1)","type":"link","url":"https://twitter.com/blackincyberco1"}],"end":"2024-08-10T09:00:00.000-0000","id":54528,"tag_ids":[46363,46372],"village_id":null,"begin_timestamp":{"seconds":1723255200,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55785},{"tag_id":46486,"sort_order":4,"person_id":55786}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"Y","begin":"2024-08-10T02:00:00.000-0000","updated":"2024-07-20T17:01:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly \\ Safe environment. Now with less Gluten and more animal onesies!\n\n\n","media":[{"hash_sha256":"6ea0fc25c2bec0f14879a6700d16eb88d1f7d8c03f0e82b27054ad7cd59cc955","filetype":"image/png","hash_md5":"a17b8af8b903b8faad86c03072cb1772","name":"pme_blanketfort.png","is_logo":"Y","hash_crc32c":"274b05b3","filesize":177003,"asset_id":672,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_blanketfort.png"}],"title":"BlanketFort Con","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T08:00:00Z","end_timestamp":{"seconds":1723276800,"nanoseconds":0},"android_description":"BlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly \\ Safe environment. Now with less Gluten and more animal onesies!","updated_timestamp":{"seconds":1718774986,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T02:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:29:46Z","links":[{"label":"Twitter (@blanketfortcon)","type":"link","url":"https://twitter.com/blanketfortcon"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249503"}],"end":"2024-08-10T08:00:00.000-0000","id":54493,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723255200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305-W306","hotel":"","short_name":"W305-W306","id":46308},"spans_timebands":"Y","begin":"2024-08-10T02:00:00.000-0000","updated":"2024-06-19T05:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If someone had told us this silly contest would be in its 8th year there's no way we would have believed it. Even when we thought \"hey, the gag is getting old, maybe it's time to hang it up\" that turned out to be the year we'd gotten the most accolades from con goers during and after the contest. That was enough to recharge us and decide we'll do this until DC no longer exists. Proud isn't a grand enough word to describe how we feel to still be here and still making people laugh/feel better about themselves not being as stupid as us.\r\n\r\nBut to answer Why Us? WSIIA has always been about community. Whether you killed your deck or went down in a spectacular blaze of flames, this game is nothing without the people who play it and the audience who watches it. And if we're not doing it for the community, why the fuck are we even here? We'll remain here as long as you'll have us, riding on a wing, a prayer, and airplane bottles of Malort all the way to Year 10. Now on to the boilerplate pitch:\r\n\r\nWe're an unholy union of improv comedy, hacking and slide deck sado-masochism.\r\n\r\nOur team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.\r\n\r\nWhether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.\n\n\n","media":[{"hash_sha256":"5e8dfc6e407a3aeca9319841423afb116e262a48359ee4814661bc42b197da59","filetype":"image/png","hash_md5":"e7d376c55b9fabc5c1777f11c4a785d3","name":"ct_whose-slide.png","is_logo":"Y","hash_crc32c":"945f7b1a","filesize":317661,"asset_id":662,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_whose-slide.png"}],"title":"Whose Slide Is It Anyway?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T02:30:00Z","end_timestamp":{"seconds":1723257000,"nanoseconds":0},"android_description":"If someone had told us this silly contest would be in its 8th year there's no way we would have believed it. Even when we thought \"hey, the gag is getting old, maybe it's time to hang it up\" that turned out to be the year we'd gotten the most accolades from con goers during and after the contest. That was enough to recharge us and decide we'll do this until DC no longer exists. Proud isn't a grand enough word to describe how we feel to still be here and still making people laugh/feel better about themselves not being as stupid as us.\r\n\r\nBut to answer Why Us? WSIIA has always been about community. Whether you killed your deck or went down in a spectacular blaze of flames, this game is nothing without the people who play it and the audience who watches it. And if we're not doing it for the community, why the fuck are we even here? We'll remain here as long as you'll have us, riding on a wing, a prayer, and airplane bottles of Malort all the way to Year 10. Now on to the boilerplate pitch:\r\n\r\nWe're an unholy union of improv comedy, hacking and slide deck sado-masochism.\r\n\r\nOur team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.\r\n\r\nWhether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.","updated_timestamp":{"seconds":1720319807,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T01:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T02:36:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249279"},{"label":"Twitter (@WhoseSlide)","type":"link","url":"https://twitter.com/WhoseSlide"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249280"}],"end":"2024-08-10T02:30:00.000-0000","id":54919,"tag_ids":[46427,46439,46510],"village_id":null,"begin_timestamp":{"seconds":1723253400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-10T01:30:00.000-0000","updated":"2024-07-07T02:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[{"hash_sha256":"42942f2f0d75cd05a694bb9d4031dbbd4d0a6949e073116c271141f3cf5d53e8","filetype":"image/png","hash_md5":"e08c3b9a3211a2fe5a24ef021c1e2210","name":"pme_policy_mixer.png","is_logo":"Y","hash_crc32c":"1e6e3fad","filesize":181661,"asset_id":700,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_policy_mixer.png"}],"title":"Policy Mixer @ DEF CON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T05:30:00Z","end_timestamp":{"seconds":1723267800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567333,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T01:30:00Z","timeband_id":1147,"updated_tsz":"2024-06-16T19:48:53Z","links":[],"end":"2024-08-10T05:30:00.000-0000","id":54530,"tag_ids":[46364,46388],"village_id":null,"begin_timestamp":{"seconds":1723253400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T01:30:00.000-0000","updated":"2024-06-16T19:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON Franklin will infuse research from the hacker community into national security and foreign policy debates. We aim to lift up groundbreaking work happening across villages and deliver this critical research to key policymakers across the globe. Aside from policy work, Franklin will empower individual members of the community to volunteer directly with under-resourced critical infrastructure that support our world.\n\n\n","media":[],"title":"DEF CON Franklin Project","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T01:20:00Z","end_timestamp":{"seconds":1723252800,"nanoseconds":0},"android_description":"DEF CON Franklin will infuse research from the hacker community into national security and foreign policy debates. We aim to lift up groundbreaking work happening across villages and deliver this critical research to key policymakers across the globe. Aside from policy work, Franklin will empower individual members of the community to volunteer directly with under-resourced critical infrastructure that support our world.","updated_timestamp":{"seconds":1722388692,"nanoseconds":0},"speakers":[{"content_ids":[55332,55685],"conference_id":133,"event_ids":[55723,56208],"name":"Jacob H Braun","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Office of the National Cyber Director (ONCD)","title":"Acting Principal Deputy National Cyber Director"}],"links":[],"pronouns":null,"media":[],"id":55928,"title":"Acting Principal Deputy National Cyber Director at Office of the National Cyber Director (ONCD)"}],"begin_tsz":"2024-08-10T01:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T01:18:12Z","links":[],"end":"2024-08-10T01:20:00.000-0000","id":56208,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723251600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55928}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T01:00:00.000-0000","updated":"2024-07-31T01:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chillout to etherial / downtempo tunes and hang with your community\n\n\n","media":[],"title":"HDA Chillout w/ Dj Delchi","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T07:00:00Z","end_timestamp":{"seconds":1723273200,"nanoseconds":0},"android_description":"Chillout to etherial / downtempo tunes and hang with your community","updated_timestamp":{"seconds":1722102497,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T01:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:48:17Z","links":[],"end":"2024-08-10T07:00:00.000-0000","id":54574,"tag_ids":[46404,46641],"village_id":null,"begin_timestamp":{"seconds":1723251600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"Y","begin":"2024-08-10T01:00:00.000-0000","updated":"2024-07-27T17:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Clemson University's Media Forensics Center spearheaded an investigation into the extensive disinformation network orchestrated by John Mark Dougan, an alleged corrupt Sheriff's Deputy now residing in Russia. This presentation will focus on Clemson's employment of OSINT techniques, emphasizing our thorough examination of digital forensic artifacts and metadata analysis.\n\nThrough advanced OSINT techniques, our team analyzed server logs, domain registrations, and internet protocol (IP) addresses, unraveling a sophisticated web of over 160 disinformation websites designed to mimic legitimate news outlets. By dissecting these digital breadcrumbs, we traced the network's infrastructure and operational tactics, uncovering the strategies Dougan employed to disseminate false narratives. During the process we discovered how narratives were laundered, and LLMs were utilized to create inflammatory content.\n\nThe session will provide a detailed look at the methods used to collect and interpret metadata and artifacts, which revealed the hidden connections between the fake sites and Dougan's operations. We will discuss how our forensic analysis uncovered patterns of digital behavior, allowing us to attribute the network's activities to Dougan and understand the broader implications for more transparent public discourse.\n\nJoin us as we share the intricacies of our forensic process, demonstrating how Clemson's expertise in media forensics and metadata analysis played a critical role in exposing a key player in Russia's disinformation efforts. This talk will equip attendees with a deeper appreciation of the vital role OSINT plays in modern intelligence operations and the ongoing battle against digital deception.\n\n\n","media":[],"title":"OSINT at Clemson: Unmasking John Mark Dougan's Disinformation Empire","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:15:00Z","end_timestamp":{"seconds":1723252500,"nanoseconds":0},"android_description":"Clemson University's Media Forensics Center spearheaded an investigation into the extensive disinformation network orchestrated by John Mark Dougan, an alleged corrupt Sheriff's Deputy now residing in Russia. This presentation will focus on Clemson's employment of OSINT techniques, emphasizing our thorough examination of digital forensic artifacts and metadata analysis.\n\nThrough advanced OSINT techniques, our team analyzed server logs, domain registrations, and internet protocol (IP) addresses, unraveling a sophisticated web of over 160 disinformation websites designed to mimic legitimate news outlets. By dissecting these digital breadcrumbs, we traced the network's infrastructure and operational tactics, uncovering the strategies Dougan employed to disseminate false narratives. During the process we discovered how narratives were laundered, and LLMs were utilized to create inflammatory content.\n\nThe session will provide a detailed look at the methods used to collect and interpret metadata and artifacts, which revealed the hidden connections between the fake sites and Dougan's operations. We will discuss how our forensic analysis uncovered patterns of digital behavior, allowing us to attribute the network's activities to Dougan and understand the broader implications for more transparent public discourse.\n\nJoin us as we share the intricacies of our forensic process, demonstrating how Clemson's expertise in media forensics and metadata analysis played a critical role in exposing a key player in Russia's disinformation efforts. This talk will equip attendees with a deeper appreciation of the vital role OSINT plays in modern intelligence operations and the ongoing battle against digital deception.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55908],"conference_id":133,"event_ids":[56495],"name":"Steven Sheffield","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56268}],"begin_tsz":"2024-08-10T00:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T01:15:00.000-0000","id":56495,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723250700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56268}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T00:45:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you believe all the talk of Quantum Computing and its threats to classical cryptography, or are more curious for how it’ll definitely stop climate change, fix AI, and give us world peace🌈 - we have identified the need to put a spotlight on the threat to quantum computers. With all the potential advantages, quantum computers will need access to some of the most highly sensitive data to carry out their quantum calculations. However, this makes them an ideal target for attackers, and we want to enumerate this threat model with YOU!\n\n\n","media":[],"title":"Threat Modelling: Quantum Computers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Whether you believe all the talk of Quantum Computing and its threats to classical cryptography, or are more curious for how it’ll definitely stop climate change, fix AI, and give us world peace🌈 - we have identified the need to put a spotlight on the threat to quantum computers. With all the potential advantages, quantum computers will need access to some of the most highly sensitive data to carry out their quantum calculations. However, this makes them an ideal target for attackers, and we want to enumerate this threat model with YOU!","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56435,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, the use of dash cams has surged, making them an essential component of modern vehicles. To enhance user convenience, many dash cams are now equipped with network connectivity. This growth in the dash cam market has heightened the importance of vehicle and personal data security. However, network-connected dash cams pose potential security risks to their availability and key functionalities. In this presentation, we will comprehensively analyze dash cams from various countries, including South Korea, the USA, Germany, and China, as well as built-in dash cams. During our analysis, we discovered numerous zero-day vulnerabilities (such as OS Command Injection, Logical Bugs, and insufficient authentication) that pose significant security threats. Vulnerabilities were primarily found during the dash cam boot process, configuration changes, and communications via custom protocols.\r\n\r\nWe will detail the dash cam analysis process in the following sequence:\r\n- [Analysis Process]\r\n - Acquiring firmware through official websites or apps\r\n - Extracting the file system to analyze the initial boot logic\r\n - Analyzing the boot logic to identify vulnerabilities or debugging ports to gain shell access\r\n - Utilizing the obtained shell for remote debugging of the main system\r\n\r\nInterestingly, our analysis of 10 different dash cams revealed that 4 devices used the same OEM board from a common manufacturer. These 4 devices shared similar vulnerabilities, and exploiting a vulnerability found in one device allowed us to successfully exploit all of them. Our research uncovered common security vulnerabilities across multiple dash cams, and we will discuss measures to prevent these vulnerabilities. We will particularly focus on analyzing the custom protocols used by dash cams and the security risks associated with them. This presentation aims to raise awareness of potential security threats in dash cams and encourage manufacturers to produce more secure products. We hope to drive industry standards and best practices to ensure the safety and security of these increasingly critical devices. By sharing our findings, we aim to highlight the importance of dash cam security and provide insights that can lead to more secure designs and implementations.\n\n\n","media":[],"title":"Inside Dash Cam: Custom Protocols and Discovered 0-days","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In recent years, the use of dash cams has surged, making them an essential component of modern vehicles. To enhance user convenience, many dash cams are now equipped with network connectivity. This growth in the dash cam market has heightened the importance of vehicle and personal data security. However, network-connected dash cams pose potential security risks to their availability and key functionalities. In this presentation, we will comprehensively analyze dash cams from various countries, including South Korea, the USA, Germany, and China, as well as built-in dash cams. During our analysis, we discovered numerous zero-day vulnerabilities (such as OS Command Injection, Logical Bugs, and insufficient authentication) that pose significant security threats. Vulnerabilities were primarily found during the dash cam boot process, configuration changes, and communications via custom protocols.\r\n\r\nWe will detail the dash cam analysis process in the following sequence:\r\n- [Analysis Process]\r\n - Acquiring firmware through official websites or apps\r\n - Extracting the file system to analyze the initial boot logic\r\n - Analyzing the boot logic to identify vulnerabilities or debugging ports to gain shell access\r\n - Utilizing the obtained shell for remote debugging of the main system\r\n\r\nInterestingly, our analysis of 10 different dash cams revealed that 4 devices used the same OEM board from a common manufacturer. These 4 devices shared similar vulnerabilities, and exploiting a vulnerability found in one device allowed us to successfully exploit all of them. Our research uncovered common security vulnerabilities across multiple dash cams, and we will discuss measures to prevent these vulnerabilities. We will particularly focus on analyzing the custom protocols used by dash cams and the security risks associated with them. This presentation aims to raise awareness of potential security threats in dash cams and encourage manufacturers to produce more secure products. We hope to drive industry standards and best practices to ensure the safety and security of these increasingly critical devices. By sharing our findings, we aim to highlight the importance of dash cam security and provide insights that can lead to more secure designs and implementations.","updated_timestamp":{"seconds":1720395499,"nanoseconds":0},"speakers":[{"content_ids":[54591],"conference_id":133,"event_ids":[54966],"name":"Hyo Jin Lee","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ZIEN","title":"Senior Researcher, R&D Team"}],"links":[],"pronouns":null,"media":[],"id":54253,"title":"Senior Researcher, R&D Team at ZIEN"},{"content_ids":[54591],"conference_id":133,"event_ids":[54966],"name":"Hanryeol Park","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ZIEN Lab","title":"Senior Researcher"}],"links":[],"pronouns":null,"media":[],"id":54667,"title":"Senior Researcher at ZIEN Lab"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:38:19Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":54966,"tag_ids":[46383,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54253},{"tag_id":46167,"sort_order":4,"person_id":54667}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-07-07T23:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In 2021 we could get access to all personal bank accounts at the largest bank in Norway by using a single page paper form sent by snailmail. In addition to stealing all their money, we could also see all account transactions for the last 10 years, with details. In 2024 we have done the same thing to another bank. Why didn't the banks learn the first time? In this talk we'll explain what we did, lessons learned and why paper ID still is relevant and important to us all.\n\n\n","media":[],"title":"Fool us Once, fool us twice... Hacking Norwegian Banks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In 2021 we could get access to all personal bank accounts at the largest bank in Norway by using a single page paper form sent by snailmail. In addition to stealing all their money, we could also see all account transactions for the last 10 years, with details. In 2024 we have done the same thing to another bank. Why didn't the banks learn the first time? In this talk we'll explain what we did, lessons learned and why paper ID still is relevant and important to us all.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54590],"conference_id":133,"event_ids":[54965],"name":"Cecilie Wian","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54294},{"content_ids":[54590],"conference_id":133,"event_ids":[54965],"name":"Per Thorsheim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PasswordsCon","title":"Founder & Organizer"}],"links":[],"pronouns":null,"media":[],"id":54312,"title":"Founder & Organizer at PasswordsCon"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":54965,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54294},{"tag_id":46167,"sort_order":1,"person_id":54312}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What's it like to spend a career as a cyberdefender for the DoD and the nation, but homed inside of an intelligence agency? In this talk, I'll offer a historical and personal perspective based on 35 years at the National Security Agency as a vulnerability analyst for the defense, from junior analyst to executive manager. The common element across my career was the search for vulnerabilities in the name of defense - finding them, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them. I'll share lessons learned as cyberdefense evolved from a focus on mathematics and cryptography to systems and software; and from government security to a global internet. And we'll focus on the mission, technical, and cultural interplay of cyberdefense and offense/intelligence as it played out at NSA. War stories, culture clashes, bureaucratic mazes? Of course! But in the end, better security for all.\r\n\r\nCommunications Security, Computer Security, Information Security, Information Assurance, Defensive Information Operations, and several more - I'm very lucky to have ridden the World-Wide Wave we now call cybersecurity.\r\n\r\nAnd I am very proud to have spent 35 years in Federal Service at the National Security Agency as part of the Information Assurance mission. The common element across my career was the search for vulnerabilities in the name of defense - finding vulnerabilities, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them.\r\n\r\nThat final challenge consumed the last third of my government career. How can we translate what we learn through product testing, Red Teams, Blue Teams, systems analysis, etc. into operational guidance, best practices, requirements, training, and security improvements? How can we bridge the gap between telling people what they are doing wrong, and helping them do what's right? This led to projects like the release of NSA Security Guides to the public (www.nsa.gov), involvement in open standards for security automation and information sharing, and an activity now known as the Critical Security Controls.\r\n\r\nSince retirement in 2012, I have been able to continue to serve the cause of cyber defense through our work at the non-profit Center for Internet Security, and the Council on CyberSecurity before that. And I am very active in more volunteer cybersecurity causes than I can recall.\n\n\n","media":[],"title":"Stranger in a Changed Land","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:50:00Z","end_timestamp":{"seconds":1723251000,"nanoseconds":0},"android_description":"What's it like to spend a career as a cyberdefender for the DoD and the nation, but homed inside of an intelligence agency? In this talk, I'll offer a historical and personal perspective based on 35 years at the National Security Agency as a vulnerability analyst for the defense, from junior analyst to executive manager. The common element across my career was the search for vulnerabilities in the name of defense - finding them, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them. I'll share lessons learned as cyberdefense evolved from a focus on mathematics and cryptography to systems and software; and from government security to a global internet. And we'll focus on the mission, technical, and cultural interplay of cyberdefense and offense/intelligence as it played out at NSA. War stories, culture clashes, bureaucratic mazes? Of course! But in the end, better security for all.\r\n\r\nCommunications Security, Computer Security, Information Security, Information Assurance, Defensive Information Operations, and several more - I'm very lucky to have ridden the World-Wide Wave we now call cybersecurity.\r\n\r\nAnd I am very proud to have spent 35 years in Federal Service at the National Security Agency as part of the Information Assurance mission. The common element across my career was the search for vulnerabilities in the name of defense - finding vulnerabilities, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them.\r\n\r\nThat final challenge consumed the last third of my government career. How can we translate what we learn through product testing, Red Teams, Blue Teams, systems analysis, etc. into operational guidance, best practices, requirements, training, and security improvements? How can we bridge the gap between telling people what they are doing wrong, and helping them do what's right? This led to projects like the release of NSA Security Guides to the public (www.nsa.gov), involvement in open standards for security automation and information sharing, and an activity now known as the Critical Security Controls.\r\n\r\nSince retirement in 2012, I have been able to continue to serve the cause of cyber defense through our work at the non-profit Center for Internet Security, and the Council on CyberSecurity before that. And I am very active in more volunteer cybersecurity causes than I can recall.","updated_timestamp":{"seconds":1720310096,"nanoseconds":0},"speakers":[{"content_ids":[54474],"conference_id":133,"event_ids":[54847],"name":"Tony Sager","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Internet Security (CIS)","title":"Senior VP & Chief Evangelist"}],"links":[],"pronouns":null,"media":[],"id":54110,"title":"Senior VP & Chief Evangelist at Center for Internet Security (CIS)"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:54:56Z","links":[],"end":"2024-08-10T00:50:00.000-0000","id":54847,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54110}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-07-06T23:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the past decade, infotainment systems have experienced a growth in functionality, broader adoption, and central incorporation into vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. Meanwhile, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types. Our work equips hackers with insights and necessary information on novel vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts and MFA codes stealthily.\r\n\r\nOverall, we show vulnerabilities in cars, aircraft and smartphones. We believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.\r\n\r\nReferences:\r\n\r\n- BlueToolkit - Bluetooth Classic vulnerability testing framework link (all exploits will be uploaded after 9th of August)\r\n- MapAccountHijack - Tool that allows hijacking services by exploiting widely used Bluetooth Classic functionality link - [link](https://github.com/sgxgsx/mapAccountHijack) (accessible after 9th of August)\r\n- D. Antonioli and M. Payer. On the insecurity of vehicles against protocol-level bluetooth threats. In 2022 IEEE Security and Privacy Workshops (SPW), pages 353–362, Los Alamitos, CA, USA, May 2022. IEEE Computer Society.\r\n- Cross-Sectional Analysis of the Bluetooth Stack of Modern Cars - (The link will be updated)\r\n- Wenjian Xu. Stealthily Access Your Android Phones: Bypass The Bluetooth Authentication. link, 2020.\r\n- Tyler Tucker, Hunter Searle, Kevin Butler, and Patrick Traynor. Blue’s clues: Practical discovery of non-discoverable bluetooth devices. In 2023 IEEE Symposium on Security and Privacy (SP), pages 3098–3112, 2023.\r\n- Maximilian von Tschirschnitz, Ludwig Peuckert, Fabian Franzen, and Jens Grossklags. Method confusion attack on bluetooth pairing. In 2021 IEEE Symposium on Security and Privacy (SP), pages 1332–1347, 2021.\r\n- Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR. In USENIX Security Symposium (SEC), August 2019\r\n\n\n\n","media":[],"title":"Exploiting Bluetooth - from your car to the bank account$$","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T01:15:00Z","end_timestamp":{"seconds":1723252500,"nanoseconds":0},"android_description":"Over the past decade, infotainment systems have experienced a growth in functionality, broader adoption, and central incorporation into vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. Meanwhile, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types. Our work equips hackers with insights and necessary information on novel vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts and MFA codes stealthily.\r\n\r\nOverall, we show vulnerabilities in cars, aircraft and smartphones. We believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.\r\n\r\nReferences:\r\n\r\n- BlueToolkit - Bluetooth Classic vulnerability testing framework link (all exploits will be uploaded after 9th of August)\r\n- MapAccountHijack - Tool that allows hijacking services by exploiting widely used Bluetooth Classic functionality link - [link](https://github.com/sgxgsx/mapAccountHijack) (accessible after 9th of August)\r\n- D. Antonioli and M. Payer. On the insecurity of vehicles against protocol-level bluetooth threats. In 2022 IEEE Security and Privacy Workshops (SPW), pages 353–362, Los Alamitos, CA, USA, May 2022. IEEE Computer Society.\r\n- Cross-Sectional Analysis of the Bluetooth Stack of Modern Cars - (The link will be updated)\r\n- Wenjian Xu. Stealthily Access Your Android Phones: Bypass The Bluetooth Authentication. link, 2020.\r\n- Tyler Tucker, Hunter Searle, Kevin Butler, and Patrick Traynor. Blue’s clues: Practical discovery of non-discoverable bluetooth devices. In 2023 IEEE Symposium on Security and Privacy (SP), pages 3098–3112, 2023.\r\n- Maximilian von Tschirschnitz, Ludwig Peuckert, Fabian Franzen, and Jens Grossklags. Method confusion attack on bluetooth pairing. In 2021 IEEE Symposium on Security and Privacy (SP), pages 1332–1347, 2021.\r\n- Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR. In USENIX Security Symposium (SEC), August 2019","updated_timestamp":{"seconds":1723043971,"nanoseconds":0},"speakers":[{"content_ids":[54473,54638],"conference_id":133,"event_ids":[54846,55012],"name":"Vladyslav Zubkov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@0a_yso)","sort_order":0,"url":"https://twitter.com/0a_yso"}],"media":[],"id":54167,"title":"Bug Bounty Hunter"},{"content_ids":[54581,54473,54638],"conference_id":133,"event_ids":[54846,54956,55012],"name":"Martin Strohmeier","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber Defence Campus","title":"Senior Scientist"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@masorx)","sort_order":0,"url":"https://twitter.com/masorx"}],"media":[],"id":54277,"title":"Senior Scientist at Cyber Defence Campus"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:19:31Z","links":[],"end":"2024-08-10T01:15:00.000-0000","id":54846,"tag_ids":[46166,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54167},{"tag_id":46167,"sort_order":4,"person_id":54277}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-08-07T15:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Electronic Frontier Foundation (EFF) is excited to be back at DEF CON. Our expert panelists will offer brief updates on EFF's work defending your digital rights, before opening the floor for attendees to ask their questions. This dynamic conversation centers challenges DEF CON attendees actually face, and is an opportunity to connect on common causes.\n\n\n","media":[{"hash_sha256":"7b7bd026f71c59052acf693ce976f5e20b58b9edeb4e40890d05877ead510ab4","filetype":"image/png","hash_md5":"44aad98ef90370dbcd750fb166152c04","name":"pme_ask_eff.png","is_logo":"Y","hash_crc32c":"d53db871","filesize":55431,"asset_id":697,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_ask_eff.png"}],"title":"Ask the EFF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T04:30:00Z","end_timestamp":{"seconds":1723264200,"nanoseconds":0},"android_description":"Electronic Frontier Foundation (EFF) is excited to be back at DEF CON. Our expert panelists will offer brief updates on EFF's work defending your digital rights, before opening the floor for attendees to ask their questions. This dynamic conversation centers challenges DEF CON attendees actually face, and is an opportunity to connect on common causes.","updated_timestamp":{"seconds":1718775964,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:46:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249535"}],"end":"2024-08-10T04:30:00.000-0000","id":54498,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307-W308","hotel":"","short_name":"W307-W308","id":46311},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-06-19T05:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Fireside Chat with Past Challenge Participants\n\n\n","media":[],"title":"How Competitions Can Fuel Innovation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Fireside Chat with Past Challenge Participants","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56131,56133,56129],"conference_id":133,"event_ids":[56772,56774,56776],"name":"Matt Knight","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAI","title":"Head of Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matthewfknight/"},{"description":"","title":"Twitter (@embeddedsec)","sort_order":0,"url":"https://x.com/embeddedsec"}],"media":[],"id":56517,"title":"Head of Security at OpenAI"},{"content_ids":[56131],"conference_id":133,"event_ids":[56774],"name":"Mike Walker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft Research","title":"Senior Director"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stryde"},{"description":"","title":"Microsoft Research Profile","sort_order":0,"url":"https://www.microsoft.com/en-us/research/people/walkerm/?msockid=349c7eef314d698e05206a7b30d4686c"}],"media":[],"id":56520,"title":"Senior Director at Microsoft Research"},{"content_ids":[56131],"conference_id":133,"event_ids":[56774],"name":"Ruoyu \"Fish\" Wang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"School of Computing and Augmented Intelligence","title":"Assistant Professor"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@LtFish_)","sort_order":0,"url":"https://twitter.com/LtFish_"}],"media":[],"id":56523,"title":"Assistant Professor at School of Computing and Augmented Intelligence"}],"begin_tsz":"2024-08-10T00:20:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56774,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723249200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56520},{"tag_id":46167,"sort_order":4,"person_id":56517},{"tag_id":46167,"sort_order":6,"person_id":56523}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T00:20:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the Founders of the Social Engineering Community as they break down this year’s Vishing Competition (#SECVC). They’ll talk about how the competition is organized, and some of the big takeaways, trends, and surprises (both good and bad) from the OSINT and Vishing Plan reports. They’ll also recount some of the highlights from this year’s live calls.\n\n\n","media":[],"title":"Presentation: The 2024 #SECVC Debrief","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join the Founders of the Social Engineering Community as they break down this year’s Vishing Competition (#SECVC). They’ll talk about how the competition is organized, and some of the big takeaways, trends, and surprises (both good and bad) from the OSINT and Vishing Plan reports. They’ll also recount some of the highlights from this year’s live calls.","updated_timestamp":{"seconds":1722102936,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:55:36Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55834,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723248900,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T00:15:00.000-0000","updated":"2024-07-27T17:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most hackers have a complicated, love-hate relationship with DNS: teleporting a fundamental building block of the internet from the 80’s without major overhauls is a recipe for some interesting exploits and frustrations.\n\nDNS enumeration is a critical process in penetration testing and essential to security practitioners: the faster we can conduct DNS enumeration, the more potential vulnerabilities we can find.\n\nWe developed an ultra-fast open-source DNS scanner, SanicDNS, using multiple parallelisation techniques. The result is a scanner that is two orders of magnitude faster than other popular tools. I will take attendees under the hood of the code, sharing what techniques yield the best results, the challenges encountered and their workarounds, and my tips for those considering the same endeavour.\n\nThe practical applications of SanicDNS far exceed those of everything that preceded it. With this novel scanner, it is possible to identify DNS misconfigurations and conduct Nameserver takeover scans across the entire internet in realtime. This opens up a world of new possibilities for conducting reconnaissance.\n\nSanicDNS will be released for open-source at Defcon with easy-to-use installation instructions for the community.\n\n\n","media":[],"title":"Pushing the limits of mass DNS scanning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"Most hackers have a complicated, love-hate relationship with DNS: teleporting a fundamental building block of the internet from the 80’s without major overhauls is a recipe for some interesting exploits and frustrations.\n\nDNS enumeration is a critical process in penetration testing and essential to security practitioners: the faster we can conduct DNS enumeration, the more potential vulnerabilities we can find.\n\nWe developed an ultra-fast open-source DNS scanner, SanicDNS, using multiple parallelisation techniques. The result is a scanner that is two orders of magnitude faster than other popular tools. I will take attendees under the hood of the code, sharing what techniques yield the best results, the challenges encountered and their workarounds, and my tips for those considering the same endeavour.\n\nThe practical applications of SanicDNS far exceed those of everything that preceded it. With this novel scanner, it is possible to identify DNS misconfigurations and conduct Nameserver takeover scans across the entire internet in realtime. This opens up a world of new possibilities for conducting reconnaissance.\n\nSanicDNS will be released for open-source at Defcon with easy-to-use installation instructions for the community.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55710,55907],"conference_id":133,"event_ids":[56250,56494],"name":"Jasper Insinger","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56123}],"begin_tsz":"2024-08-10T00:05:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":56494,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723248300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56123}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T00:05:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It’s 2007 when the Dutch Ministry of Internal Affairs orders a ban on voting\nmachines. Voting machines that have been in use for over a decade by then. The\nreason? The Dutch Secret Service has declared the TEMPEST radiation emitted by\nthe voting machines makes it possible for someone outside the polling station to\nsee what someone is voting.\nBut that is just the tip of the voting machine-ice berg. What came before is two\nyears of a foundation started by a group off Dutch hackers that fought to prove\nthat voting machines in their current form are unreliable, cannot be checked and\ncan be manipulated to show any result you want, regardless of the votes that are\ngiven as input.\nWhat followed is a lengthy report of a government ordered commission that\ndescribes 8 principles of trustworthy elections. These principles are very difficult to\nadhere to using voting machines, even modern voting machines. The reason for\nthis are some fundamental issues that come with computers: a lack of\ntransparency for those without a technical background as well as the issue of\nvoting secrecy (nobody being able to tell what a specific person voted for).\nIn this presentation; I outline the history of the Dutch voting machines and their\ndemise, what a group of hackers had to do with this, as well as the fundamental\nissues that we still struggle with to this day. Listeners can take this information as\nlessons for their own election processes.\nMind you, we are not saying not to use voting machines. We are not against the\nidea of voting machines. However, the issues we as the Netherlands are struggling\nwith have still not been resolved to this very day.\n\n\n","media":[],"title":"Hacking the Vote: How Hackers Caused the Downfall of the Dutch Voting Machines","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"It’s 2007 when the Dutch Ministry of Internal Affairs orders a ban on voting\nmachines. Voting machines that have been in use for over a decade by then. The\nreason? The Dutch Secret Service has declared the TEMPEST radiation emitted by\nthe voting machines makes it possible for someone outside the polling station to\nsee what someone is voting.\nBut that is just the tip of the voting machine-ice berg. What came before is two\nyears of a foundation started by a group off Dutch hackers that fought to prove\nthat voting machines in their current form are unreliable, cannot be checked and\ncan be manipulated to show any result you want, regardless of the votes that are\ngiven as input.\nWhat followed is a lengthy report of a government ordered commission that\ndescribes 8 principles of trustworthy elections. These principles are very difficult to\nadhere to using voting machines, even modern voting machines. The reason for\nthis are some fundamental issues that come with computers: a lack of\ntransparency for those without a technical background as well as the issue of\nvoting secrecy (nobody being able to tell what a specific person voted for).\nIn this presentation; I outline the history of the Dutch voting machines and their\ndemise, what a group of hackers had to do with this, as well as the fundamental\nissues that we still struggle with to this day. Listeners can take this information as\nlessons for their own election processes.\nMind you, we are not saying not to use voting machines. We are not against the\nidea of voting machines. However, the issues we as the Netherlands are struggling\nwith have still not been resolved to this very day.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56191],"conference_id":133,"event_ids":[56845],"name":"Fleur van Leusden","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/fleur-%F0%9F%8E%99%F0%9F%A6%8A-van-leusden-356bb054"}],"media":[],"id":56568}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":56845,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56568}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Red Teaming is broken; this panel will fix it.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Suneel Sundar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Director of Research & Development, Center for Threat-Informed Defense","title":""}],"links":[],"pronouns":null,"media":[],"id":56322,"title":"Director of Research & Development, Center for Threat-Informed Defense"},{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Niru Ragupathy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Security Engineer - Manager at Google","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/niru-ragupathy-99078233/"},{"description":"","title":"Twitter (@ninjacorgi)","sort_order":0,"url":"https://twitter.com/ninjacorgi"}],"media":[],"id":56323,"title":"Security Engineer - Manager at Google"},{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Joe Vest","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Author of Red Team Development and Operations","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/joe-vest"},{"description":"","title":"Twitter (@joevest)","sort_order":0,"url":"https://twitter.com/joevest"}],"media":[],"id":56324,"title":"Author of Red Team Development and Operations"},{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Drinor Selmanaj","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Founder of Sentry Cybersecurity and Defense","title":""}],"links":[],"pronouns":null,"media":[],"id":56325,"title":"Founder of Sentry Cybersecurity and Defense"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56610,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56322},{"tag_id":46167,"sort_order":4,"person_id":56323},{"tag_id":46167,"sort_order":6,"person_id":56324},{"tag_id":46167,"sort_order":8,"person_id":56325}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En este panel vamos a revisar desde la perspectiva de diferentes profesionales los desafios de hacer ciberseguridad en LATAM, los conocimientos o falta de ellos que se pueden evidenciar en diferentes sectores y las necesidades de habilidades existentes actuales en la region para mantener un ecosistema protegido de las amenazas que deben ser enfrentadas a diario\n\n\n","media":[],"title":"Cybersecurity Overview over LATAM- Skills, Challenges, Knowledge, Perspectives","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"En este panel vamos a revisar desde la perspectiva de diferentes profesionales los desafios de hacer ciberseguridad en LATAM, los conocimientos o falta de ellos que se pueden evidenciar en diferentes sectores y las necesidades de habilidades existentes actuales en la region para mantener un ecosistema protegido de las amenazas que deben ser enfrentadas a diario","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55966],"conference_id":133,"event_ids":[56582],"name":"Leonardo Pigñer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"CEO y Co-Founder Ekoparty"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/lpigner"},{"description":"","title":"Twitter (@kfs)","sort_order":0,"url":"https://twitter.com/kfs"}],"media":[],"id":56300,"title":"CEO y Co-Founder Ekoparty"},{"content_ids":[55966],"conference_id":133,"event_ids":[56582],"name":"Katherina Canales","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Directora Ejecutiva de la Corporación de Ciberseguridad Minera"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@kathecanales)","sort_order":0,"url":"https://twitter.com/kathecanales"},{"description":"","title":"cl.linkedin.com/in/katherina-canales","sort_order":0,"url":"https://cl.linkedin.com/in/katherina-canales"}],"media":[],"id":56301,"title":"Directora Ejecutiva de la Corporación de Ciberseguridad Minera"},{"content_ids":[55966],"conference_id":133,"event_ids":[56582],"name":"Victor Santos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"CEO da Clavis Segurança da Informação"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@victor_batista)","sort_order":0,"url":"https://twitter.com/victor_batista"},{"description":"","title":"br.linkedin.com/in/victor-ssantos","sort_order":0,"url":"https://br.linkedin.com/in/victor-ssantos"}],"media":[],"id":56302,"title":"CEO da Clavis Segurança da Informação"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56582,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56300},{"tag_id":46167,"sort_order":4,"person_id":56301},{"tag_id":46167,"sort_order":6,"person_id":56302}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Homeland security agencies have been rapidly developing AI-powered solutions to enhance their operational effectiveness. As AI-powered systems become more ubiquitous, a greater emphasis must be placed on Cybersecurity. A career police officer, Yeow Boon understands first-hand the myriad ways AI can augment Homeland Security operations. In his current roles as the Deputy Chief Executive (Development) and Chief Information Officer of Singapore’s Home Team Science and Technology Agency (HTX), Yeow Boon oversees the agency's transformation, and by extension, the AI transformation of Singapore’s Home Team. Concurrently, he has to ensure that any risks involved in the increased attack surface associated with the development of AI-powered technologies are mitigated. In his speech, Yeow Boon will highlight the critical role of Cybersecurity in AI-driven homeland security. From the development stage to organisational best practices, he emphasises the importance of keeping Cybersecurity at the forefront of any agency’s AI transformation. During this session, look forward to gaining insights into the latest Cybersecurity threats in AI-driven Homeland Security and how to combat them.\n\n\n","media":[],"title":"Singapore - Safeguarding the Nation: The Vital Role of Cybersecurity in AI-Driven Homeland Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"Homeland security agencies have been rapidly developing AI-powered solutions to enhance their operational effectiveness. As AI-powered systems become more ubiquitous, a greater emphasis must be placed on Cybersecurity. A career police officer, Yeow Boon understands first-hand the myriad ways AI can augment Homeland Security operations. In his current roles as the Deputy Chief Executive (Development) and Chief Information Officer of Singapore’s Home Team Science and Technology Agency (HTX), Yeow Boon oversees the agency's transformation, and by extension, the AI transformation of Singapore’s Home Team. Concurrently, he has to ensure that any risks involved in the increased attack surface associated with the development of AI-powered technologies are mitigated. In his speech, Yeow Boon will highlight the critical role of Cybersecurity in AI-driven homeland security. From the development stage to organisational best practices, he emphasises the importance of keeping Cybersecurity at the forefront of any agency’s AI transformation. During this session, look forward to gaining insights into the latest Cybersecurity threats in AI-driven Homeland Security and how to combat them.","updated_timestamp":{"seconds":1722642952,"nanoseconds":0},"speakers":[{"content_ids":[54453,56178,55917],"conference_id":133,"event_ids":[56832,54826,56508],"name":"Bill Woodcock","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Packet Clearing House","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":54077,"title":"Executive Director at Packet Clearing House"},{"content_ids":[55917],"conference_id":133,"event_ids":[56508],"name":"NG Yeow Boon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore’s Home Team Science and Technology Agency","title":""}],"links":[],"pronouns":null,"media":[],"id":56285,"title":"Singapore’s Home Team Science and Technology Agency"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T23:55:52Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":56508,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56285},{"tag_id":46167,"sort_order":4,"person_id":54077}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-02T23:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DevSecOps of Quantum Computers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56434,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!\n\n\n","media":[],"title":"Bypass 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!","updated_timestamp":{"seconds":1723044255,"nanoseconds":0},"speakers":[{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:24:15Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56345,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54281}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-07T15:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CTI (Cyber Threat Intelligence) is hard, dumb, silly, a co$t center, a chaotic mess, nonsensical magic…dead. Let this panel change your mind that it is more than a threat feed or a too-long-to-read report. Where is the value?!?!?!\n\n\nJoin us while we navigate the squishy love-hate relationship with CTI. Can we deliver on showing there is value to CTI? You be the judge...","media":[],"title":"CTI is Dead, Long Live CTI: Reassessing Blue Team's Squishiest Value Proposition (BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"CTI (Cyber Threat Intelligence) is hard, dumb, silly, a co$t center, a chaotic mess, nonsensical magic…dead. Let this panel change your mind that it is more than a threat feed or a too-long-to-read report. Where is the value?!?!?!\n\n\nJoin us while we navigate the squishy love-hate relationship with CTI. Can we deliver on showing there is value to CTI? You be the judge...","updated_timestamp":{"seconds":1723185796,"nanoseconds":0},"speakers":[{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Aurora Johnson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpyCloud Labs","title":""}],"links":[],"pronouns":null,"media":[],"id":56135,"title":"SpyCloud Labs"},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Jamie Williams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks Unit 42","title":""}],"links":[],"pronouns":null,"media":[],"id":56143,"title":"Palo Alto Networks Unit 42"},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Ch33r10","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56153},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Rebecca Ford","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56162},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Ben Goerz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56168}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:43:16Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56282,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56135},{"tag_id":46167,"sort_order":1,"person_id":56168},{"tag_id":46167,"sort_order":1,"person_id":56153},{"tag_id":46167,"sort_order":1,"person_id":56143},{"tag_id":46167,"sort_order":1,"person_id":56162}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-09T06:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"From theory to practice: dive into the lessons learned from building and defending an LLM application. This talk offers firsthand insights into the challenges and breakthroughs experienced while developing and securing large language models in real-world settings. We'll explore critical vulnerabilities, innovative defense strategies, and practical tips for enhancing the robustness of AI applications. Join us to gain actionable knowledge that can help you navigate the evolving landscape of AI security with confidence. \n\n\n","media":[],"title":"When Chatbots Go Rogue – Lessons Learned from Building and Defending LLM Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"From theory to practice: dive into the lessons learned from building and defending an LLM application. This talk offers firsthand insights into the challenges and breakthroughs experienced while developing and securing large language models in real-world settings. We'll explore critical vulnerabilities, innovative defense strategies, and practical tips for enhancing the robustness of AI applications. Join us to gain actionable knowledge that can help you navigate the evolving landscape of AI security with confidence.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55699,55712,55722],"conference_id":133,"event_ids":[56228,56230,56252],"name":"Andra","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56103},{"content_ids":[55699],"conference_id":133,"event_ids":[56230],"name":"Javan Rasokat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56124}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56230,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56103},{"tag_id":46167,"sort_order":1,"person_id":56124}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Telecom Village, DEFCON for the SIM Card Testing Workshop. We'll cover SIM card functionality, communication protocols, reading and writing techniques, and introduce SIM card algorithms and authentication. Explore emerging eSIM technology and its communication methods. This hands-on workshop equips participants with practical skills in testing and manipulating SIM cards, providing a comprehensive understanding of both traditional SIM and eSIM technologies\n\n\n","media":[{"hash_sha256":"6ee1b484dd03eebefd7ebb357ab4d4ce86c4d9d3dd85b0efbdb8e2bb7a9cb76f","filetype":"image/webp","hash_md5":"423704fc7b2c7a9326f0af152ffb0717","name":"content_telecom_simplysecure.webp","is_logo":"Y","hash_crc32c":"84c49c1a","filesize":141946,"asset_id":825,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_simplysecure.webp"}],"title":"SIMply Secure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join us at Telecom Village, DEFCON for the SIM Card Testing Workshop. We'll cover SIM card functionality, communication protocols, reading and writing techniques, and introduce SIM card algorithms and authentication. Explore emerging eSIM technology and its communication methods. This hands-on workshop equips participants with practical skills in testing and manipulating SIM cards, providing a comprehensive understanding of both traditional SIM and eSIM technologies","updated_timestamp":{"seconds":1722352190,"nanoseconds":0},"speakers":[{"content_ids":[55561],"conference_id":133,"event_ids":[56076],"name":"Zibran Sayyed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/zibran-sayyed-81b27618a/"},{"description":"","title":"Twitter (@ZibranSayyed23)","sort_order":0,"url":"https://twitter.com/ZibranSayyed23"}],"media":[],"id":56036}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T15:09:50Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56076,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56036}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-30T15:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, I will share my journey from a novice to a seasoned hunter. I will explore how I used to report low-impact, informative bugs when I first started, and how I progressively improved by learning from the community, embracing failures/duplicates, and incorporating feedback from triage teams and clients. This journey of continuous learning and adaptation led me from reporting low vulnerabilities to effectively chaining and converting them into critical impacts.\n\nThis session is designed for both aspiring and experienced bug bounty hunters. By reflecting on a decade of lessons learned, I will aim to provide valuable takeaways that can help others navigate their own paths in bug bounty hunting and enhance their skills.\n\nAdditionally, one Synack triage team member will join me on this talk to help differentiate triage thinking from bug bounty hunters' thinking, providing valuable insights into the collaborative process of vulnerability reporting to acceptance.\n\n\n","media":[],"title":"Reflections on a Decade in Bug Bounties: Experiences and Major Takeaways","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this talk, I will share my journey from a novice to a seasoned hunter. I will explore how I used to report low-impact, informative bugs when I first started, and how I progressively improved by learning from the community, embracing failures/duplicates, and incorporating feedback from triage teams and clients. This journey of continuous learning and adaptation led me from reporting low vulnerabilities to effectively chaining and converting them into critical impacts.\n\nThis session is designed for both aspiring and experienced bug bounty hunters. By reflecting on a decade of lessons learned, I will aim to provide valuable takeaways that can help others navigate their own paths in bug bounty hunting and enhance their skills.\n\nAdditionally, one Synack triage team member will join me on this talk to help differentiate triage thinking from bug bounty hunters' thinking, providing valuable insights into the collaborative process of vulnerability reporting to acceptance.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Nikhil \"niks\" Shrivastava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@niksthehacker)","sort_order":0,"url":"https://twitter.com/niksthehacker"}],"media":[],"id":54340},{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Charles Waterhouse","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56108}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#reflections-on-a-decade-in-bug-bounties"}],"end":"2024-08-10T01:00:00.000-0000","id":54964,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56108},{"tag_id":46167,"sort_order":4,"person_id":54340}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk reveals stunning vulnerability findings in leading solar manufacturers that, when exploited, the stake is the grid. We'll explore three massive vulns in the management platform and discuss how they can be weaponized to become chilling nation security risks.\n\n\n","media":[],"title":"Beyond Sunset: Exposing the Occultations Lurking in Large-Scale Off-Grid Solar Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"This talk reveals stunning vulnerability findings in leading solar manufacturers that, when exploited, the stake is the grid. We'll explore three massive vulns in the management platform and discuss how they can be weaponized to become chilling nation security risks.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54588],"conference_id":133,"event_ids":[54963],"name":"Dan Berte","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bitdefender","title":"Manager, IoT Vulnerability Research Program"}],"links":[],"pronouns":null,"media":[],"id":54271,"title":"Manager, IoT Vulnerability Research Program at Bitdefender"},{"content_ids":[54588],"conference_id":133,"event_ids":[54963],"name":"Alexandru Lazar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bitdefender","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54286,"title":"Security Researcher at Bitdefender"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":54963,"tag_ids":[46383,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54286},{"tag_id":46167,"sort_order":1,"person_id":54271}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Using AI to pre-generate gamifie CTFs so hard even the admins won't know the answers. Exploring the visionary concept of using gamified, AI-generated barrier mazes for futuristic authentication and encryption inspired by manga. But in the great words of your Mom and mine, if we aren't breaking into something, then what is David Maynor even doing there?\n\n\n","media":[],"title":"Be the Ghost in the Shell Barrier Mazes FTW","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Using AI to pre-generate gamifie CTFs so hard even the admins won't know the answers. Exploring the visionary concept of using gamified, AI-generated barrier mazes for futuristic authentication and encryption inspired by manga. But in the great words of your Mom and mine, if we aren't breaking into something, then what is David Maynor even doing there?","updated_timestamp":{"seconds":1722376084,"nanoseconds":0},"speakers":[{"content_ids":[54587,55310],"conference_id":133,"event_ids":[55700,54962],"name":"David \"Icer\" Maynor","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ThreatHunter.ai","title":"Secret Keeper"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Dave_Maynor)","sort_order":0,"url":"https://twitter.com/Dave_Maynor"}],"media":[],"id":54339,"title":"Secret Keeper at ThreatHunter.ai"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T21:48:04Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":54962,"tag_ids":[46397,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54339}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-30T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A lot of security research have recently focused on various wireless communication protocols, targeting smartphones, wireless mice and keyboards and even cars. In order to demonstrate these attacks, researchers developed dedicated tools that for most of them include some specialized firmware of their own but also rely on various unique custom host/device communication protocols. These tools work great but are strongly tied to some specific hardware that at some point will not be available anymore, or require hackers to buy more hardware to carry on to have fun with. Why not making these tools compatible with more hardware ? And why researchers always have to create their own host/device protocol when it comes to using a dedicated hardware ? Why not having one flexible protocol and related tools to rule them all ?\r\n\r\nWe will present in this talk WHAD, a framework that provides an extensible host/device communication protocol, dedicated protocol stacks and way more for hackers who love having fun with wireless protocols. WHAD makes interoperability possible between tools by allowing different hardware devices to be used if they provide the required capabilities, giving the opportunity to create advanced tools without having to care about the hardware and its firmware in most of the cases!\r\n\r\n- [Atlas 2012] Atlas. SubGHz or Bust, 2012. Available at [link](https://media.blackhat.com/bh-us-12/Briefings/Atlas/BH_US_12_Atlas_GHZ_Workshop_Slides.pdf). \r\n- [Blu 2019] Bluetooth SIG. Bluetooth Core Specification, 2019. \r\n- [Cauquil 2016] Damien Cauquil. BtleJuice: The Bluetooth Smart MiTM framework. In DEF CON, volume 24, 2016. \r\n- [Cauquil 2017b] Damien Cauquil. Sniffing BTLE with the Micro:Bit. PoC or GTFO, vol. 17, pages 13–20, 2017. \r\n- [Cauquil 2017c] Damien Cauquil. Weaponizing the BBC Micro:Bit. In DEF CON, volume 25, 2017. Available at [link](https://media.defcon.org/DEFCON25/DEFCON25presentations/DEFCON25-Damien-Cauquil-Weaponizing-the-BBC-MicroBit-UPDATED.pdf).\r\n- [Cauquil 2018] Damien Cauquil. You’d better secure your BLE devices or we’ll kick your butts ! In DEF CON, volume 26, 2018. Available at [link](https://media.defcon.org/DEFCON26/DEFCON26presentations/DEFCON-26-Damien-Cauquil-Secure-Your-BLE-Devices-Updated.pdf).\r\n- [Cauquil 2019] Damien Cauquil. Defeating Bluetooth Low Energy 5 PRNG for fun and jamming. In DEF CON, volume 27, 2019. Available at [link](https://media.defcon.org/DEFCON27/DEFCON27presentations/DEFCON-27-Damien-Cauquil-Defeating-Bluetooth-Low-Energy-5-PRNG-for-fun-and-jamming.PDF). \r\n- [Cayre 2019a] Romain Cayre, Vincent Nicomette, Guillaume Auriol, Eric Alata, Mohamed Kaâniche and Geraldine Marconato. Mirage: towards a Metasploit-like framework for IoT. In 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE), Berlin, Germany, October 2019.\r\n- [Cayre 2021b] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021. \r\n- [Cayre 2021c] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. WazaBee: attacking Zigbee networks by diverting Bluetooth Low Energy chips. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021.\r\n- [Cayre 2021d] Romain Cayre, Géraldine Marconato, Florent Galtier, Mohamed Kaâniche, Vincent Nicomette and Guillaume Auriol. Cross-protocol attacks: weaponizing a smartphone by diverting its Bluetooth controller. In 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Abu Dhabi, United Arab Emirates, June 2021. \r\n- [Cayre 2021e] Romain Cayre, Damien Cauquil and Aurélien Francillon. ESPwn32: hacking with ESP32 system-on-chips.In 17th IEEE Workshop on Offensive Technologies (WOOT 2023), co-located with IEEE S&P 2023, San Francisco, United States, May 2023.\r\n- [Goodspeed 2011a] Travis Goodspeed. Promiscuity is the nRF24L01+’s Duty. Available at [link](http://travisgoodspeed.blogspot.com/2011/02/promiscuity-is-nrf24l01s-duty.html), 2011. \r\n- [IEE 2020] IEEE Standard for Low-Rate Wireless Networks. IEEE Std 802.15.4 2020 (Revision of IEEE Std 802.15.4-2015), pages 1–800, 2020. \r\n- [Jasek 2016] Sławomir Jasek. Gattacking Bluetooth Smart Devices. In BlackHat USA, 2016. Available at [link](http://gattack.io/whitepaper.pdf).\r\n- [LOG 2019] LogiTacker GitHub Repository, 2019. Available at [link](https://github.com/RoganDawes/LOGITacker)\r\n- [LoR 2017] LoRa Alliance, Inc. LoRaWan Specification, 2017.\r\n- [Newlin 2016a] Marc Newlin. MouseJack : White Paper. In DEF CON, volume 24, 2016. Available at [link](https://github.com/BastilleResearch/mousejack/blob/master/doc/pdf/DEFCON-24-Marc-Newlin-MouseJack-Injecting-Keystrokes-Into-Wireless-Mice.whitepaper.pdf).\r\n- [Olawumi 2014] Olayemi Olawumi, Keijo Haataja, Mikko Asikainen, Niko Vidgren and Pekka Toivanen. Three practical attacks against ZigBee security: Attack scenario definitions, practical experiments, countermeasures, and lessons learned. In 2014 14th International Conference on Hybrid Intelligent Systems, pages 199–206, 2014.\r\n- [Qasim Khan 2019] Sultan Qasim Khan. Sniffle: A sniffer for Bluetooth 5 (LE), 2019. Available at [link](https://hardwear.io/netherlands-2019/presentation/sniffle-talk-hardwear-io-nl-2019.pdf).\r\n- [Ryan 2013a] Mike Ryan. Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13), Washington, D.C., August 2013. USENIX Association. \r\n- [Vidgren 2013a] N. Vidgren, K. Haataja, J. L. Patiño-Andres, J. J. Ramírez-Sanchis and P. Toivanen. Security Threats in ZigBee-Enabled Systems: Vulnerability Evaluation, Practical Experiments, Countermeasures, and Lessons Learned. In 2013 46th Hawaii International Conference on System Sciences, pages 5132–5138, 2013.\r\n- [Wright 2009] Joshua Wright. KillerBee: Practical ZigBee Exploitation Framework, 2009. Available at [link](http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf).\r\n- [Zillner 2015] T. Zillner. ZigBee Exploited: The good , the bad and the ugly. In BlackHat, 2015.\r\n\n\n\n","media":[],"title":"One for all and all for WHAD: wireless shenanigans made easy !","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"A lot of security research have recently focused on various wireless communication protocols, targeting smartphones, wireless mice and keyboards and even cars. In order to demonstrate these attacks, researchers developed dedicated tools that for most of them include some specialized firmware of their own but also rely on various unique custom host/device communication protocols. These tools work great but are strongly tied to some specific hardware that at some point will not be available anymore, or require hackers to buy more hardware to carry on to have fun with. Why not making these tools compatible with more hardware ? And why researchers always have to create their own host/device protocol when it comes to using a dedicated hardware ? Why not having one flexible protocol and related tools to rule them all ?\r\n\r\nWe will present in this talk WHAD, a framework that provides an extensible host/device communication protocol, dedicated protocol stacks and way more for hackers who love having fun with wireless protocols. WHAD makes interoperability possible between tools by allowing different hardware devices to be used if they provide the required capabilities, giving the opportunity to create advanced tools without having to care about the hardware and its firmware in most of the cases!\r\n\r\n- [Atlas 2012] Atlas. SubGHz or Bust, 2012. Available at [link](https://media.blackhat.com/bh-us-12/Briefings/Atlas/BH_US_12_Atlas_GHZ_Workshop_Slides.pdf). \r\n- [Blu 2019] Bluetooth SIG. Bluetooth Core Specification, 2019. \r\n- [Cauquil 2016] Damien Cauquil. BtleJuice: The Bluetooth Smart MiTM framework. In DEF CON, volume 24, 2016. \r\n- [Cauquil 2017b] Damien Cauquil. Sniffing BTLE with the Micro:Bit. PoC or GTFO, vol. 17, pages 13–20, 2017. \r\n- [Cauquil 2017c] Damien Cauquil. Weaponizing the BBC Micro:Bit. In DEF CON, volume 25, 2017. Available at [link](https://media.defcon.org/DEFCON25/DEFCON25presentations/DEFCON25-Damien-Cauquil-Weaponizing-the-BBC-MicroBit-UPDATED.pdf).\r\n- [Cauquil 2018] Damien Cauquil. You’d better secure your BLE devices or we’ll kick your butts ! In DEF CON, volume 26, 2018. Available at [link](https://media.defcon.org/DEFCON26/DEFCON26presentations/DEFCON-26-Damien-Cauquil-Secure-Your-BLE-Devices-Updated.pdf).\r\n- [Cauquil 2019] Damien Cauquil. Defeating Bluetooth Low Energy 5 PRNG for fun and jamming. In DEF CON, volume 27, 2019. Available at [link](https://media.defcon.org/DEFCON27/DEFCON27presentations/DEFCON-27-Damien-Cauquil-Defeating-Bluetooth-Low-Energy-5-PRNG-for-fun-and-jamming.PDF). \r\n- [Cayre 2019a] Romain Cayre, Vincent Nicomette, Guillaume Auriol, Eric Alata, Mohamed Kaâniche and Geraldine Marconato. Mirage: towards a Metasploit-like framework for IoT. In 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE), Berlin, Germany, October 2019.\r\n- [Cayre 2021b] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021. \r\n- [Cayre 2021c] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. WazaBee: attacking Zigbee networks by diverting Bluetooth Low Energy chips. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021.\r\n- [Cayre 2021d] Romain Cayre, Géraldine Marconato, Florent Galtier, Mohamed Kaâniche, Vincent Nicomette and Guillaume Auriol. Cross-protocol attacks: weaponizing a smartphone by diverting its Bluetooth controller. In 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Abu Dhabi, United Arab Emirates, June 2021. \r\n- [Cayre 2021e] Romain Cayre, Damien Cauquil and Aurélien Francillon. ESPwn32: hacking with ESP32 system-on-chips.In 17th IEEE Workshop on Offensive Technologies (WOOT 2023), co-located with IEEE S&P 2023, San Francisco, United States, May 2023.\r\n- [Goodspeed 2011a] Travis Goodspeed. Promiscuity is the nRF24L01+’s Duty. Available at [link](http://travisgoodspeed.blogspot.com/2011/02/promiscuity-is-nrf24l01s-duty.html), 2011. \r\n- [IEE 2020] IEEE Standard for Low-Rate Wireless Networks. IEEE Std 802.15.4 2020 (Revision of IEEE Std 802.15.4-2015), pages 1–800, 2020. \r\n- [Jasek 2016] Sławomir Jasek. Gattacking Bluetooth Smart Devices. In BlackHat USA, 2016. Available at [link](http://gattack.io/whitepaper.pdf).\r\n- [LOG 2019] LogiTacker GitHub Repository, 2019. Available at [link](https://github.com/RoganDawes/LOGITacker)\r\n- [LoR 2017] LoRa Alliance, Inc. LoRaWan Specification, 2017.\r\n- [Newlin 2016a] Marc Newlin. MouseJack : White Paper. In DEF CON, volume 24, 2016. Available at [link](https://github.com/BastilleResearch/mousejack/blob/master/doc/pdf/DEFCON-24-Marc-Newlin-MouseJack-Injecting-Keystrokes-Into-Wireless-Mice.whitepaper.pdf).\r\n- [Olawumi 2014] Olayemi Olawumi, Keijo Haataja, Mikko Asikainen, Niko Vidgren and Pekka Toivanen. Three practical attacks against ZigBee security: Attack scenario definitions, practical experiments, countermeasures, and lessons learned. In 2014 14th International Conference on Hybrid Intelligent Systems, pages 199–206, 2014.\r\n- [Qasim Khan 2019] Sultan Qasim Khan. Sniffle: A sniffer for Bluetooth 5 (LE), 2019. Available at [link](https://hardwear.io/netherlands-2019/presentation/sniffle-talk-hardwear-io-nl-2019.pdf).\r\n- [Ryan 2013a] Mike Ryan. Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13), Washington, D.C., August 2013. USENIX Association. \r\n- [Vidgren 2013a] N. Vidgren, K. Haataja, J. L. Patiño-Andres, J. J. Ramírez-Sanchis and P. Toivanen. Security Threats in ZigBee-Enabled Systems: Vulnerability Evaluation, Practical Experiments, Countermeasures, and Lessons Learned. In 2013 46th Hawaii International Conference on System Sciences, pages 5132–5138, 2013.\r\n- [Wright 2009] Joshua Wright. KillerBee: Practical ZigBee Exploitation Framework, 2009. Available at [link](http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf).\r\n- [Zillner 2015] T. Zillner. ZigBee Exploited: The good , the bad and the ugly. In BlackHat, 2015.","updated_timestamp":{"seconds":1720462949,"nanoseconds":0},"speakers":[{"content_ids":[54472],"conference_id":133,"event_ids":[54845],"name":"Damien Cauquil","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Quarkslab","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"mamot.fr/@virtualabs","sort_order":0,"url":"https://mamot.fr/@virtualabs"},{"description":"","title":"quarkslab.com","sort_order":0,"url":"https://quarkslab.com"}],"media":[],"id":54069,"title":"Security Engineer at Quarkslab"},{"content_ids":[54472],"conference_id":133,"event_ids":[54845],"name":"Romain Cayre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"EURECOM","title":"Assistant Professor, Software and System Security (S3) Group"}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@rcayre@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@rcayre"},{"description":"","title":"Twitter (@CayreRomain)","sort_order":0,"url":"https://twitter.com/CayreRomain"},{"description":"","title":"Website","sort_order":0,"url":"https://www.s3.eurecom.fr/~rcayre/"}],"media":[],"id":54198,"title":"Assistant Professor, Software and System Security (S3) Group at EURECOM"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:22:29Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":54845,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54069},{"tag_id":46167,"sort_order":2,"person_id":54198}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-08T18:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In a world where technology and software are intertwined with our daily lives more than ever, a silent threat grows in the shadows.\n\nEnd-of-life devices—abandoned by manufacturers - power our homes, hospitals, businesses and critical infrastructure. From the depths of the cyber underground, malicious software from cybercriminal and nation-state actors is seizing these forgotten devices and conscripting them into botnets and other malicious infrastructure.\n\nFor example, Black Lotus Labs revealed a chilling trend: 40,000 small office home office (SOHO) routers compromised and enrolled in the sinister 'Faceless' botnet - now powered by devices you own and thought were safe.\n\nAnd it's not just routers. Critical medical devices, essential security hardware—smart home appliances. No gadget is safe. And, with the Internet of Things set to double in the next decade, billions of vulnerable devices marketed and sold to connect us risk robbing, dividing and defeating us in the years to come: a process one expert has termed “enshittification.”\n\nAfter years of warnings from the cybersecurity community, alarms are finally sounding in the halls of power. But more is needed: a clarion call to reset, to redefine ownership and security in an age of smart, connected devices before it's too late.\n\nIn this panel you’ll be enlisted to join the fight. You’ll hear from experts working at the forefront of a fight to challenge the status quo and seek solutions to safeguard our digital futures.Are you ready to stand up for your right to a secure, connected world? The battle for control, for transparency- for a sustainable and resilient digital future begins now!\n\n\n","media":[],"title":"Bricked & Abandoned: How To Keep The IoT From Becoming An Internet of Trash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"In a world where technology and software are intertwined with our daily lives more than ever, a silent threat grows in the shadows.\n\nEnd-of-life devices—abandoned by manufacturers - power our homes, hospitals, businesses and critical infrastructure. From the depths of the cyber underground, malicious software from cybercriminal and nation-state actors is seizing these forgotten devices and conscripting them into botnets and other malicious infrastructure.\n\nFor example, Black Lotus Labs revealed a chilling trend: 40,000 small office home office (SOHO) routers compromised and enrolled in the sinister 'Faceless' botnet - now powered by devices you own and thought were safe.\n\nAnd it's not just routers. Critical medical devices, essential security hardware—smart home appliances. No gadget is safe. And, with the Internet of Things set to double in the next decade, billions of vulnerable devices marketed and sold to connect us risk robbing, dividing and defeating us in the years to come: a process one expert has termed “enshittification.”\n\nAfter years of warnings from the cybersecurity community, alarms are finally sounding in the halls of power. But more is needed: a clarion call to reset, to redefine ownership and security in an age of smart, connected devices before it's too late.\n\nIn this panel you’ll be enlisted to join the fight. You’ll hear from experts working at the forefront of a fight to challenge the status quo and seek solutions to safeguard our digital futures.Are you ready to stand up for your right to a secure, connected world? The battle for control, for transparency- for a sustainable and resilient digital future begins now!","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54488,54471],"conference_id":133,"event_ids":[54844,54861],"name":"Cory Doctorow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Author"}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@doctorow@mamot.fr)","sort_order":0,"url":"https://mamot.fr/@doctorow"},{"description":"","title":"Medium (@doctorow)","sort_order":0,"url":"https://medium.com/@doctorow"},{"description":"","title":"Tumblr (@mostlysignssomeportents)","sort_order":0,"url":"https://www.tumblr.com/mostlysignssomeportents"},{"description":"","title":"Twitter (@doctorow)","sort_order":0,"url":"https://twitter.com/doctorow"},{"description":"","title":"Website","sort_order":0,"url":"https://craphound.com"}],"media":[],"id":54119,"title":"Author"},{"content_ids":[54471],"conference_id":133,"event_ids":[54844],"name":"Tarah Wheeler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Red Queen Dynamics","title":"Founder and CEO"},{"organization":"Council on Foreign Relations","title":"Senior Fellow in Global Cyber Policy"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tarah)","sort_order":0,"url":"https://twitter.com/tarah"},{"description":"","title":"Website","sort_order":0,"url":"https://tarah.org"}],"media":[],"id":54135,"title":"Senior Fellow in Global Cyber Policy at Council on Foreign Relations"},{"content_ids":[54624,54441,54471],"conference_id":133,"event_ids":[54814,54844,54998],"name":"Dennis Giese","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@dgi_DE)","sort_order":0,"url":"https://twitter.com/dgi_DE"},{"description":"","title":"Website","sort_order":0,"url":"https://dontvacuum.me"}],"media":[],"id":54142},{"content_ids":[54471],"conference_id":133,"event_ids":[54844],"name":"Paul Roberts","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secure Repairs","title":"Founder"},{"organization":"The Security Ledger","title":"Publisher and Editor in Chief"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@paulfroberts)","sort_order":0,"url":"https://twitter.com/paulfroberts"},{"description":"","title":"Website","sort_order":0,"url":"https://pfroberts.com"}],"media":[],"id":54143,"title":"Publisher and Editor in Chief at The Security Ledger"},{"content_ids":[54471],"conference_id":133,"event_ids":[54844],"name":"Chris Wysopal","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Veracode","title":"CTO"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@WeldPond)","sort_order":0,"url":"https://twitter.com/WeldPond"},{"description":"","title":"Twitter (@veracode)","sort_order":0,"url":"https://twitter.com/veracode"}],"media":[],"id":54144,"title":"CTO at Veracode"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":54844,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54143},{"tag_id":46167,"sort_order":4,"person_id":54144},{"tag_id":46167,"sort_order":6,"person_id":54119},{"tag_id":46167,"sort_order":8,"person_id":54135},{"tag_id":46167,"sort_order":10,"person_id":54142}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Secure Web Gateways (SWGs) are cloud-based SSL-intercepting proxies and an important component of enterprise Secure Access Service Edge (SASE) or Security Service Edge (SSE) solutions. SWGs ensure secure web access for enterprise users by doing malware protection, threat prevention, URL filtering, and content inspection of sensitive data, among other critical security measures. \r\n\r\nOur research indicates that in today's world of complex web applications and protocols, SWGs often fail to deliver on their promise. We will demonstrate a new class of attacks: “Last Mile Reassembly Attacks,” which, as of this writing, can bypass every SWG in the Gartner Magic Quadrant for SASE and SSE - this includes the largest public market cybersecurity companies in the world. Additionally, we will release an open-source attack toolkit for researchers and red teams to test these attacks on their security solutions and better understand their security exposure.\r\n\r\nWe aim for our talk to compel SWG vendors to rethink cloud-based client-side web attack detection models, and for enterprises to rethink how they look at securing their users against web threats. \r\n\r\nSecure Web Gateway Basics: [link](https://www.cloudflare.com/learning/access-management/what-is-a-secure-web-gateway/)\r\nSSL Interception and Attacks: [link](https://www.secureworks.com/research/transitive-trust)\n\n\n","media":[],"title":"Breaking Secure Web Gateways (SWG) for Fun and Profit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"Secure Web Gateways (SWGs) are cloud-based SSL-intercepting proxies and an important component of enterprise Secure Access Service Edge (SASE) or Security Service Edge (SSE) solutions. SWGs ensure secure web access for enterprise users by doing malware protection, threat prevention, URL filtering, and content inspection of sensitive data, among other critical security measures. \r\n\r\nOur research indicates that in today's world of complex web applications and protocols, SWGs often fail to deliver on their promise. We will demonstrate a new class of attacks: “Last Mile Reassembly Attacks,” which, as of this writing, can bypass every SWG in the Gartner Magic Quadrant for SASE and SSE - this includes the largest public market cybersecurity companies in the world. Additionally, we will release an open-source attack toolkit for researchers and red teams to test these attacks on their security solutions and better understand their security exposure.\r\n\r\nWe aim for our talk to compel SWG vendors to rethink cloud-based client-side web attack detection models, and for enterprises to rethink how they look at securing their users against web threats. \r\n\r\nSecure Web Gateway Basics: [link](https://www.cloudflare.com/learning/access-management/what-is-a-secure-web-gateway/)\r\nSSL Interception and Attacks: [link](https://www.secureworks.com/research/transitive-trust)","updated_timestamp":{"seconds":1720462685,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"},{"content_ids":[54470],"conference_id":133,"event_ids":[54843],"name":"Jeswin Mathai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Chief Architect"}],"links":[],"pronouns":null,"media":[],"id":54099,"title":"Chief Architect at SquareX"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:18:05Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":54843,"tag_ids":[46166,46169,46419,46437,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54075},{"tag_id":46167,"sort_order":2,"person_id":54099}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-08T18:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-10T01:00:00.000-0000","id":54490,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Heather Adkins will pull from over 25 years of experience, including responding to major security incidents that impacted national security, to detail how the threat landscape has evolved into what it is today with the introduction of AI. She'll provide lessons learned by the industry in applying AI for security over the years, and explain how AI can be used in arming cyber defenders tasked with protecting the critical infrastructure we rely upon every day.\n\n\n","media":[],"title":"No Time for Complacency: The Stakes of AI in Cybersecurity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:15:00Z","end_timestamp":{"seconds":1723248900,"nanoseconds":0},"android_description":"Heather Adkins will pull from over 25 years of experience, including responding to major security incidents that impacted national security, to detail how the threat landscape has evolved into what it is today with the introduction of AI. She'll provide lessons learned by the industry in applying AI for security over the years, and explain how AI can be used in arming cyber defenders tasked with protecting the critical infrastructure we rely upon every day.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56130,56129],"conference_id":133,"event_ids":[56772,56773],"name":"Heather Adkins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Vice President of Security Engineering"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/argvee"},{"description":"","title":"Twitter (@argvee)","sort_order":0,"url":"https://twitter.com/argvee"}],"media":[],"id":56515,"title":"Vice President of Security Engineering at Google"}],"begin_tsz":"2024-08-09T23:55:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T00:15:00.000-0000","id":56773,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723247700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56515}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T23:55:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, we explore the integration of chatbots and large language models (LLMs) like ChatGPT in cybersecurity. We begin by explaining chatbots and LLMs, their operation, and their relevance to cybersecurity. We'll discuss practical applications on both defensive and offensive sides. Defensively, chatbots can automate tasks such as log parsing, web scraping, and data analysis, and aid in educating team members on complex security concepts. Offensively, chatbots can be employed for social engineering, phishing simulations, and automating attack techniques. Real-world examples demonstrate how ChatGPT supports security engineering by generating Python scripts, creating cybersecurity content, and assisting with complex projects. By the end, you'll understand the potential of chatbots and LLMs in enhancing cybersecurity workflows.\n\n\n","media":[],"title":"Chatbots for Cybersecurity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"In this presentation, we explore the integration of chatbots and large language models (LLMs) like ChatGPT in cybersecurity. We begin by explaining chatbots and LLMs, their operation, and their relevance to cybersecurity. We'll discuss practical applications on both defensive and offensive sides. Defensively, chatbots can automate tasks such as log parsing, web scraping, and data analysis, and aid in educating team members on complex security concepts. Offensively, chatbots can be employed for social engineering, phishing simulations, and automating attack techniques. Real-world examples demonstrate how ChatGPT supports security engineering by generating Python scripts, creating cybersecurity content, and assisting with complex projects. By the end, you'll understand the potential of chatbots and LLMs in enhancing cybersecurity workflows.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56581,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55862}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.\n\n\n","media":[],"title":"Meshtastic Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/meshtastic-meetup"}],"end":"2024-08-10T01:00:00.000-0000","id":56524,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Winners of Day One announced and prizes given out\n\n\n","media":[],"title":"Payment Village CTF Day One Results","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Winners of Day One announced and prizes given out","updated_timestamp":{"seconds":1722356387,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:19:47Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-10T00:00:00.000-0000","id":56086,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-30T16:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The submitted talk will include the intro technical details of Meshtastic. However, the majority of this talk is aimed at the planning, mapping, business and personal contacts of site owners (and the headaches involved), success and failures of our project and node builds. As well as some advanced settings to hide your node deployments in some creative ways. More of a how to build out your mesh network rather than a technical deep dive.\n\n\n","media":[],"title":"Meshtastic Adventures: Triumphs, Tribulations, and Total Mesh-ups.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:25:00Z","end_timestamp":{"seconds":1723249500,"nanoseconds":0},"android_description":"The submitted talk will include the intro technical details of Meshtastic. However, the majority of this talk is aimed at the planning, mapping, business and personal contacts of site owners (and the headaches involved), success and failures of our project and node builds. As well as some advanced settings to hide your node deployments in some creative ways. More of a how to build out your mesh network rather than a technical deep dive.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55452],"conference_id":133,"event_ids":[55877],"name":"m1ddl3w4r3","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@anonymousperp)","sort_order":0,"url":"https://twitter.com/anonymousperp"}],"media":[],"id":55992}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T00:25:00.000-0000","id":55877,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55992}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"James \"Jimmy\" Donaldson, better known by his online handle Mr. Beast, is the most successful YouTuber of all time. The digital superstar has often spoken about how learning to make digital content with a group was the reason he was able to grow so quickly. By collaborating with a small cohort of people who shared his passion, each individual was able to not only learn from one another's unique skills, but most importantly, they learned from each other's failures and made corrections to avoid those pitfalls themselves. This workshop is designed to help you learn to apply this same principle to Bug Bounty Hunting and grow exponentially faster than you can on your own.\r\n\r\nAfter sharing some success stories from his own journey, Harrison Richardson (rs0n) will lead the audience in forming small bug bounty hunting groups optimized for success. Attendees will be grouped based on their technical skills, bug bounty experience, and work experience to build an effective cohort. Next, rs0n will guide each group in selecting a public Bug Bounty Program based on their combined skills and will coach the groups individually on working together to find and report bugs. Special emphasis will be placed on learning to take essential notes and build a custom hunting methodology that works for you and your team. Finally, rs0n will host a live Q&A session to answer any \"burning\" questions the participants have about bug bounty hunting and/or transitioning to a career of Application Security.\r\n\r\nThere have been massive strides made in the bug bounty industry over the past few years, but one problem continues to persist. Researchers at all levels view other bug bounty hunters as competition who will steal their techniques. The goal of this workshop is not only to teach the skills needed to effectively collaborate on bug bounty programs, but also to demonstrate the immense value of collaboration when learning offensive security.\n\n\n","media":[],"title":"LFG! Forming a Bug Bounty Hunting Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"James \"Jimmy\" Donaldson, better known by his online handle Mr. Beast, is the most successful YouTuber of all time. The digital superstar has often spoken about how learning to make digital content with a group was the reason he was able to grow so quickly. By collaborating with a small cohort of people who shared his passion, each individual was able to not only learn from one another's unique skills, but most importantly, they learned from each other's failures and made corrections to avoid those pitfalls themselves. This workshop is designed to help you learn to apply this same principle to Bug Bounty Hunting and grow exponentially faster than you can on your own.\r\n\r\nAfter sharing some success stories from his own journey, Harrison Richardson (rs0n) will lead the audience in forming small bug bounty hunting groups optimized for success. Attendees will be grouped based on their technical skills, bug bounty experience, and work experience to build an effective cohort. Next, rs0n will guide each group in selecting a public Bug Bounty Program based on their combined skills and will coach the groups individually on working together to find and report bugs. Special emphasis will be placed on learning to take essential notes and build a custom hunting methodology that works for you and your team. Finally, rs0n will host a live Q&A session to answer any \"burning\" questions the participants have about bug bounty hunting and/or transitioning to a career of Application Security.\r\n\r\nThere have been massive strides made in the bug bounty industry over the past few years, but one problem continues to persist. Researchers at all levels view other bug bounty hunters as competition who will steal their techniques. The goal of this workshop is not only to teach the skills needed to effectively collaborate on bug bounty programs, but also to demonstrate the immense value of collaboration when learning offensive security.","updated_timestamp":{"seconds":1721438271,"nanoseconds":0},"speakers":[{"content_ids":[55178],"conference_id":133,"event_ids":[55566],"name":"Harrison Richardson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"@rs0n_live","sort_order":0,"url":"https://twitter.com/rs0n_live"}],"media":[],"id":54818}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:17:51Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#lfg-forming-a-bug-bounty-hunting-party"}],"end":"2024-08-10T01:00:00.000-0000","id":55566,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54818}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-20T01:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Taking attendees through the full badge making process from ideation to ordering and producing at scale\n\n\n","media":[],"title":"So you wanna know how to make badges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"Taking attendees through the full badge making process from ideation to ordering and producing at scale","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54586],"conference_id":133,"event_ids":[54961],"name":"c0ldbru","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Mastodon (@c0ldbru@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@c0ldbru"},{"description":"","title":"Twitter (@c0ldbru)","sort_order":0,"url":"https://twitter.com/c0ldbru"}],"media":[],"id":54328}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":54961,"tag_ids":[46169,46407,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54328}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Storytelling of a highly complex Red Team with multiple initial accesses only with Social Engineering. could anyone do it? Yes. \r\n\r\nUnder the format of Storytelling this presentation aims to take attendees first person through a RedTeam service with multiple initial accesses with 100% Social Engineering. How to present critical vulnerabilities in a public way without exposing the target company? This live comic will show us how, through one of its protagonists and with practical examples made with the attendees themselves. How does a professional Social Engineering unit work? What are the roles and tasks? How to emulate the reach of a cybercriminal gang in less than three weeks? This dojo aims to show the methodologies and techniques applied in the field to obtain relevant findings, even reaching critical infrastructure without raising alerts and in an extremely limited time. From the first meeting with the client, information gathering, vector selection, exploitation, pretexting to the physical intrusion, even reaching the datacenter. We will demonstrate how luck is no longer an element to consider when your work is SE from Monday to Friday and you have to perform this type of service every month. \n\n\n","media":[],"title":"Master Splinter’s initial physical access dojo: Storytelling of a complex adversarial attack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Storytelling of a highly complex Red Team with multiple initial accesses only with Social Engineering. could anyone do it? Yes. \r\n\r\nUnder the format of Storytelling this presentation aims to take attendees first person through a RedTeam service with multiple initial accesses with 100% Social Engineering. How to present critical vulnerabilities in a public way without exposing the target company? This live comic will show us how, through one of its protagonists and with practical examples made with the attendees themselves. How does a professional Social Engineering unit work? What are the roles and tasks? How to emulate the reach of a cybercriminal gang in less than three weeks? This dojo aims to show the methodologies and techniques applied in the field to obtain relevant findings, even reaching critical infrastructure without raising alerts and in an extremely limited time. From the first meeting with the client, information gathering, vector selection, exploitation, pretexting to the physical intrusion, even reaching the datacenter. We will demonstrate how luck is no longer an element to consider when your work is SE from Monday to Friday and you have to perform this type of service every month.","updated_timestamp":{"seconds":1722712977,"nanoseconds":0},"speakers":[{"content_ids":[54585],"conference_id":133,"event_ids":[54960],"name":"Daniel Isler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dreamlab Technologies Chile","title":"Team Leader, Fr1endly RATs"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/daniel-isler/"},{"description":"","title":"Twitter (@Fr1endlyRATs)","sort_order":0,"url":"https://twitter.com/Fr1endlyRATs"}],"media":[],"id":54367,"title":"Team Leader, Fr1endly RATs at Dreamlab Technologies Chile"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:22:57Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54960,"tag_ids":[46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54367}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-08-03T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Introduction to industrial control systems: \r\n- What is ICS \r\n- Purdue model\r\n- How ICS is architected\r\n- Attacker view of ICS architecture\r\n- How to build your own ICS lab \r\n- Equipment \r\n- How to learn / conduct vulnerability research\r\n\n\n\n","media":[],"title":"ICS 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Introduction to industrial control systems: \r\n- What is ICS \r\n- Purdue model\r\n- How ICS is architected\r\n- Attacker view of ICS architecture\r\n- How to build your own ICS lab \r\n- Equipment \r\n- How to learn / conduct vulnerability research","updated_timestamp":{"seconds":1720984389,"nanoseconds":0},"speakers":[{"content_ids":[54584,55984],"conference_id":133,"event_ids":[56606,54959],"name":"Bryson Bort ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54266},{"content_ids":[54584,54574],"conference_id":133,"event_ids":[54949,54959],"name":"Tom VanNorman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ICS Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54316,"title":"ICS Village"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-14T19:13:09Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54959,"tag_ids":[46382,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54266},{"tag_id":46167,"sort_order":1,"person_id":54316}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-14T19:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Pawning countries at top level domain by just buying one specific domain name ‘wpad.tld’, come hear about this more the 25+ years old issue and the research from running eight different wpad.tld domains for more than one year that turn into more the 1+ billion DNS request and more then 600+GB of Apache log data with leaked information from the clients.\r\n\r\nThis is the story about how easy it is to just buying one domain and then many hundreds of thousands of Internet clients will get auto pwned without knowing it and start sending traffic to this man-in-the-middle setup there is bypassing encryption and can change content with the ability to get the clients to download harmful content and execute it.\r\n\r\nThe talk will explain the technical behind this issue and showcase why and how clients will be trick into this Man-in-the-middle trap.\r\n\r\n1. Description of wpad and the function, include listing the security issue. [link](https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol)\r\n2. Navigator Proxy Auto-Config File Format from March 1996 [link](https://web.archive.org/web/20070307124216/http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html)\r\n3. INTERNET-DRAFT 1999 for Web Proxy Auto-Discovery Protocol [link](https://datatracker.ietf.org/doc/html/draft-ietf-wrec-wpad-01)\r\n4. Microsoft Security Bulletin MS99-054 Critical Vulnerability from 1999 [link](https://learn.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-054)\r\n5. Description of the wpad PAC javascript format. [link](https://findproxyforurl.com/)\r\n6. Pentesting tool with function as a WPAD Proxy Server to capture credentials from clients. [link](https://github.com/SpiderLabs/Responder)\r\n7. WPAD Name Collision Vulnerability [link](https://www.cisa.gov/news-events/alerts/2016/05/23/wpad-name-collision-vulnerability)\r\n8. WPAD Vulnerability [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10183) [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16996)\r\n9. ICANN - Root Cause Analysis - wpad.domain.name [link](https://www.icann.org/en/system/files/files/root-cause-analysis-wpad-18jan23-en.pdf)\r\n10. Windows proxy settings ultimate guide part – WPAD/PAC configuration file\r\n - [link](https://igorpuhalo.wordpress.com/2022/03/02/windows-proxy-settings-ultimate-guide-part-i-wininet-vs-winhttp/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/07/15/windows-proxy-settings-ultimate-guide-part-ii-configuring-proxy-settings/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/08/09/windows-proxy-settings-ultimate-guide-part-iii-wpad-pac-configuration-file/)\r\n\n\n\n","media":[],"title":"Why are you still, using my server for your internet access.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:15:00Z","end_timestamp":{"seconds":1723248900,"nanoseconds":0},"android_description":"Pawning countries at top level domain by just buying one specific domain name ‘wpad.tld’, come hear about this more the 25+ years old issue and the research from running eight different wpad.tld domains for more than one year that turn into more the 1+ billion DNS request and more then 600+GB of Apache log data with leaked information from the clients.\r\n\r\nThis is the story about how easy it is to just buying one domain and then many hundreds of thousands of Internet clients will get auto pwned without knowing it and start sending traffic to this man-in-the-middle setup there is bypassing encryption and can change content with the ability to get the clients to download harmful content and execute it.\r\n\r\nThe talk will explain the technical behind this issue and showcase why and how clients will be trick into this Man-in-the-middle trap.\r\n\r\n1. Description of wpad and the function, include listing the security issue. [link](https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol)\r\n2. Navigator Proxy Auto-Config File Format from March 1996 [link](https://web.archive.org/web/20070307124216/http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html)\r\n3. INTERNET-DRAFT 1999 for Web Proxy Auto-Discovery Protocol [link](https://datatracker.ietf.org/doc/html/draft-ietf-wrec-wpad-01)\r\n4. Microsoft Security Bulletin MS99-054 Critical Vulnerability from 1999 [link](https://learn.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-054)\r\n5. Description of the wpad PAC javascript format. [link](https://findproxyforurl.com/)\r\n6. Pentesting tool with function as a WPAD Proxy Server to capture credentials from clients. [link](https://github.com/SpiderLabs/Responder)\r\n7. WPAD Name Collision Vulnerability [link](https://www.cisa.gov/news-events/alerts/2016/05/23/wpad-name-collision-vulnerability)\r\n8. WPAD Vulnerability [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10183) [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16996)\r\n9. ICANN - Root Cause Analysis - wpad.domain.name [link](https://www.icann.org/en/system/files/files/root-cause-analysis-wpad-18jan23-en.pdf)\r\n10. Windows proxy settings ultimate guide part – WPAD/PAC configuration file\r\n - [link](https://igorpuhalo.wordpress.com/2022/03/02/windows-proxy-settings-ultimate-guide-part-i-wininet-vs-winhttp/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/07/15/windows-proxy-settings-ultimate-guide-part-ii-configuring-proxy-settings/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/08/09/windows-proxy-settings-ultimate-guide-part-iii-wpad-pac-configuration-file/)","updated_timestamp":{"seconds":1720462754,"nanoseconds":0},"speakers":[{"content_ids":[54469],"conference_id":133,"event_ids":[54842],"name":"Thomas Boejstrup Johansen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thomas-b%C3%B8jstrup-johansen-3b45b44/"},{"description":"","title":"Twitter (@ToomsDK)","sort_order":0,"url":"https://twitter.com/ToomsDK"}],"media":[],"id":54169}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:19:14Z","links":[],"end":"2024-08-10T00:15:00.000-0000","id":54842,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54169}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-08T18:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing where and how your mobile and IoT devices communicate on the Internet is essential for ensuring privacy and security.\r\n\r\nIn the past, it has been easy to follow their communication through a WIFI connection that you control. However, your devices are becoming more locked down and utilize mobile networks such as 4G and 5G for communication. As the devices communicate directly through mobile network base stations operated by Internet Service Providers (ISPs), tampering with or even monitoring their communication is outside your reach.\r\n\r\nWhile it is possible to set up a private base station, it requires expensive components and is hard to operate. However, many ISPs have begun offering private Access Point Names (APNs) to allow you to have a private network inside the ISP infrastructure.\r\n\r\nThis talk will show how you can affordably leverage ISP-operated mobile networks and their private APN services to control your mobile devices' network traffic. This technique lets you inspect, filter, and tamper with your mobile devices' IP traffic for offensive and defensive cyber security needs, such as penetration testing IoT devices or monitoring mobile device endpoints for malicious traffic.\r\n\r\n- [link](https://librecellular.org/)\r\n- Janne Taponen - Economizing Mobile Network Warfare: Budget-Friendly Baseband Fuzzing - T2 2024 Conference\r\n- XiaoHuiHui - All the 4G Modules Could Be Hacked - DEF CON 27 Conference [link](https://www.youtube.com/watch?v=OORUkEsannA)\n\n\n","media":[],"title":"Leveraging private APNs for mobile network traffic analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:15:00Z","end_timestamp":{"seconds":1723248900,"nanoseconds":0},"android_description":"Knowing where and how your mobile and IoT devices communicate on the Internet is essential for ensuring privacy and security.\r\n\r\nIn the past, it has been easy to follow their communication through a WIFI connection that you control. However, your devices are becoming more locked down and utilize mobile networks such as 4G and 5G for communication. As the devices communicate directly through mobile network base stations operated by Internet Service Providers (ISPs), tampering with or even monitoring their communication is outside your reach.\r\n\r\nWhile it is possible to set up a private base station, it requires expensive components and is hard to operate. However, many ISPs have begun offering private Access Point Names (APNs) to allow you to have a private network inside the ISP infrastructure.\r\n\r\nThis talk will show how you can affordably leverage ISP-operated mobile networks and their private APN services to control your mobile devices' network traffic. This technique lets you inspect, filter, and tamper with your mobile devices' IP traffic for offensive and defensive cyber security needs, such as penetration testing IoT devices or monitoring mobile device endpoints for malicious traffic.\r\n\r\n- [link](https://librecellular.org/)\r\n- Janne Taponen - Economizing Mobile Network Warfare: Budget-Friendly Baseband Fuzzing - T2 2024 Conference\r\n- XiaoHuiHui - All the 4G Modules Could Be Hacked - DEF CON 27 Conference [link](https://www.youtube.com/watch?v=OORUkEsannA)","updated_timestamp":{"seconds":1720462702,"nanoseconds":0},"speakers":[{"content_ids":[54468],"conference_id":133,"event_ids":[54841],"name":"Aapo Oksman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Juurin Oy","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/AapoOksman"}],"media":[],"id":54203,"title":"Founder at Juurin Oy"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:18:22Z","links":[],"end":"2024-08-10T00:15:00.000-0000","id":54841,"tag_ids":[46166,46169,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54203}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-08T18:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A comprehensive presentation on the evolving landscape of elections in Maricopa County since the continuous 2020 Presidential Election. We will begin with an introduction to Maricopa County, highlighting its demographic and political significance. Following this, we will outline the key dates and events in the 2024 election calendar, ensuring you are well-prepared for the upcoming electoral cycle. Delving into the voting methods available to Maricopa residents, including in-person, mail-in, and early voting options, emphasizing accessibility and convenience we will explore major changes implemented since the 2020 elections.  Focusing on improvements in technology, security, and voter engagement, and reflect on the critical lessons learned from the 2022 elections that have shaped current practices and policies.Looking ahead to the 2024 elections, we will provide an overview of anticipated challenges and opportunities for voter participation. Security is paramount, and we will detail the physical security enhancements made at the voting tabulation center, as well as the strategies and protocols in place for effective coordination with law enforcement. Understanding and mitigating insider threats is essential, and we will cover the measures taken to protect against internal risks. We will also review recent statutory changes affecting elections and their implications for voters and election officials. Finally, we will highlight the importance of social media training for election staff to combat misinformation and engage with the community effectively. Join us for this informative session to gain a deeper understanding of Maricopa County’s election processes and the continuous efforts to enhance transparency, security, and voter confidence.\n\n\n","media":[],"title":"Maricopa County -Preparing for the 2024 Elections Cycle","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"A comprehensive presentation on the evolving landscape of elections in Maricopa County since the continuous 2020 Presidential Election. We will begin with an introduction to Maricopa County, highlighting its demographic and political significance. Following this, we will outline the key dates and events in the 2024 election calendar, ensuring you are well-prepared for the upcoming electoral cycle. Delving into the voting methods available to Maricopa residents, including in-person, mail-in, and early voting options, emphasizing accessibility and convenience we will explore major changes implemented since the 2020 elections.  Focusing on improvements in technology, security, and voter engagement, and reflect on the critical lessons learned from the 2022 elections that have shaped current practices and policies.Looking ahead to the 2024 elections, we will provide an overview of anticipated challenges and opportunities for voter participation. Security is paramount, and we will detail the physical security enhancements made at the voting tabulation center, as well as the strategies and protocols in place for effective coordination with law enforcement. Understanding and mitigating insider threats is essential, and we will cover the measures taken to protect against internal risks. We will also review recent statutory changes affecting elections and their implications for voters and election officials. Finally, we will highlight the importance of social media training for election staff to combat misinformation and engage with the community effectively. Join us for this informative session to gain a deeper understanding of Maricopa County’s election processes and the continuous efforts to enhance transparency, security, and voter confidence.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56190],"conference_id":133,"event_ids":[56844],"name":"Jason Butryn","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/maricopa-county/"},{"description":"","title":"Twitter (@recordersoffice)","sort_order":0,"url":"https://twitter.com/recordersoffice"},{"description":"","title":"Website","sort_order":0,"url":"https://recorder.maricopa.gov/"}],"media":[],"id":56573},{"content_ids":[56190,56202],"conference_id":133,"event_ids":[56844,56856],"name":"Nate Young","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/maricopa-county/"},{"description":"","title":"Twitter (@recordersoffice)","sort_order":0,"url":"https://twitter.com/recordersoffice"},{"description":"","title":"Website","sort_order":0,"url":"https://recorder.maricopa.gov/"}],"media":[],"id":56579}],"begin_tsz":"2024-08-09T23:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56844,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723245300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56579},{"tag_id":46167,"sort_order":4,"person_id":56573}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T23:15:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.\n\n\n","media":[],"title":"I've got 99 problems but a prompt injection ain't watermelon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[54623,55698,55989],"conference_id":133,"event_ids":[56611,56229,54997],"name":"Chloé Messdaghi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Head of Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ChloeMessdaghi)","sort_order":0,"url":"https://twitter.com/ChloeMessdaghi"}],"media":[],"id":54278,"title":"Head of Threat Intelligence at HiddenLayer"},{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"}],"begin_tsz":"2024-08-09T23:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":56229,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723245300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54278},{"tag_id":46167,"sort_order":6,"person_id":54282}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T23:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AIxCC Collaborator Panel Discussion\n\n\n","media":[],"title":"Industry Panel: The Modern Evolution of LLMs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"AIxCC Collaborator Panel Discussion","updated_timestamp":{"seconds":1722920674,"nanoseconds":0},"speakers":[{"content_ids":[56130,56129],"conference_id":133,"event_ids":[56772,56773],"name":"Heather Adkins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Vice President of Security Engineering"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/argvee"},{"description":"","title":"Twitter (@argvee)","sort_order":0,"url":"https://twitter.com/argvee"}],"media":[],"id":56515,"title":"Vice President of Security Engineering at Google"},{"content_ids":[56135,56129],"conference_id":133,"event_ids":[56772,56778],"name":"Jason Clinton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Anthropic","title":"Chief Information Security Officer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jason-d-clinton/"},{"description":"","title":"Twitter (@JasonDClinton)","sort_order":0,"url":"https://twitter.com/JasonDClinton"}],"media":[],"id":56516,"title":"Chief Information Security Officer at Anthropic"},{"content_ids":[56131,56133,56129],"conference_id":133,"event_ids":[56772,56774,56776],"name":"Matt Knight","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAI","title":"Head of Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matthewfknight/"},{"description":"","title":"Twitter (@embeddedsec)","sort_order":0,"url":"https://x.com/embeddedsec"}],"media":[],"id":56517,"title":"Head of Security at OpenAI"},{"content_ids":[56129],"conference_id":133,"event_ids":[56772],"name":"Dr. Matt Turek","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA","title":"Deputy Office Director for DARPA's Information Innovation Office (I2O)"}],"pronouns":"he/him","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-matt-turek"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matt-turek-0b2b665"}],"media":[],"id":56519,"title":"Deputy Office Director for DARPA's Information Innovation Office (I2O) at DARPA"},{"content_ids":[56129],"conference_id":133,"event_ids":[56772],"name":"David Weston","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":""}],"links":[],"pronouns":null,"media":[],"id":56533,"title":"Microsoft"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T05:04:34Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":56772,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46488,"sort_order":2,"person_id":56519},{"tag_id":46487,"sort_order":4,"person_id":56515},{"tag_id":46487,"sort_order":6,"person_id":56516},{"tag_id":46487,"sort_order":8,"person_id":56517},{"tag_id":46487,"sort_order":10,"person_id":56533}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-06T05:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’ll walk through the structures of a PDF, analyzing each part of it, demonstrating how Threat Actors work in the inclusion of malicious components in the structures of the file, in addition to demonstrating the collection of IOC(Indicators of Attack)s and how to build IOA(Indicators of Attack) for analysis by behavior, to anticipate new attacks. Demonstrating structures in the binaries as a PDF(header/ body/cross-reference table/trailer) and performing a comparison of malicious PDFs, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-disassembly techniques, demonstrating as a is the action of these malware’s and where it would be possible to “include” a malicious code.\n\n\n","media":[],"title":"Structural Insights: PDF Analysis for Detecting and Defending Against Threats","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"We’ll walk through the structures of a PDF, analyzing each part of it, demonstrating how Threat Actors work in the inclusion of malicious components in the structures of the file, in addition to demonstrating the collection of IOC(Indicators of Attack)s and how to build IOA(Indicators of Attack) for analysis by behavior, to anticipate new attacks. Demonstrating structures in the binaries as a PDF(header/ body/cross-reference table/trailer) and performing a comparison of malicious PDFs, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-disassembly techniques, demonstrating as a is the action of these malware’s and where it would be possible to “include” a malicious code.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55303,55493,55964],"conference_id":133,"event_ids":[56580,55693,55922],"name":"Filipi Pires","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"senhasegura","title":"Security and Threat Researcher and Cybersecurity Advocate"},{"organization":"Black&White Technology","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/filipipires/"},{"description":"","title":"Twitter (@FilipiPires)","sort_order":0,"url":"https://twitter.com/FilipiPires"},{"description":"","title":"Website","sort_order":0,"url":"https://filipipires.com"}],"media":[],"id":55857,"title":"Founder at Black&White Technology"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":56580,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55857}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - the gumshoo, Hosted by Ram","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55905],"conference_id":133,"event_ids":[56492],"name":"Ram","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56261},{"content_ids":[55905],"conference_id":133,"event_ids":[56492],"name":"the gumshoo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56283}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56492,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56283},{"tag_id":46167,"sort_order":4,"person_id":56261}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Christina will speak to the latest MITRE ATLAS community efforts focused on capturing and sharing cross community data on real world AI incidents, expanding the community’s data on vulnerabilities that can arise when using open-source AI models or data, especially for vulnerabilities that fall outside of the scope of CVE/CWE, and developing mitigations to defend against these AI security threats and vulnerabilities.\r\n\r\nMITRE ATLAS () is a public knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from artificial intelligence (AI) red teams and security groups. There are a growing number of vulnerabilities in AI-enabled systems as the incorporation of AI increases the attack surfaces of existing systems beyond those of traditional cyberattacks. We developed ATLAS to raise community awareness and readiness for these unique threats, vulnerabilities, and risks in the broader AI assurance landscape.\n\n\n","media":[],"title":"AI Village Day 1 Keynote – Poison, injection, evasion, oh my! Grounding AI security threats in data driven reality","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Christina will speak to the latest MITRE ATLAS community efforts focused on capturing and sharing cross community data on real world AI incidents, expanding the community’s data on vulnerabilities that can arise when using open-source AI models or data, especially for vulnerabilities that fall outside of the scope of CVE/CWE, and developing mitigations to defend against these AI security threats and vulnerabilities.\r\n\r\nMITRE ATLAS () is a public knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from artificial intelligence (AI) red teams and security groups. There are a growing number of vulnerabilities in AI-enabled systems as the incorporation of AI increases the attack surfaces of existing systems beyond those of traditional cyberattacks. We developed ATLAS to raise community awareness and readiness for these unique threats, vulnerabilities, and risks in the broader AI assurance landscape.","updated_timestamp":{"seconds":1722628416,"nanoseconds":0},"speakers":[{"content_ids":[55892],"conference_id":133,"event_ids":[56479],"name":"Christina Liaghati","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56260}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:53:36Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56479,"tag_ids":[46368,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56260}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T19:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk explores security issues in quantum computing, identifying attack vectors on major platforms like IBM and IonQ. We examine vulnerabilities in popular quantum software development kits (SDKs) and workflows, highlighting flaws in authentication token management and supply chain attacks that inject malicious circuits.\n\nWe also review existing literature on vulnerabilities in Quantum Processing Units (QPUs) and present new attacks that exploit qubit reset quality to infer results from prior computations and tamper with subsequent ones. Additionally, we demonstrate how crosstalk can inject faults into circuits run by other tenants on the same QPU.\n\nQuantum computing holds immense potential, but so does the responsibility to secure it. By understanding and addressing these vulnerabilities today, we can build a more secure quantum ecosystem.\n\n\n","media":[],"title":"Attack Vectors of Quantum Computers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"This talk explores security issues in quantum computing, identifying attack vectors on major platforms like IBM and IonQ. We examine vulnerabilities in popular quantum software development kits (SDKs) and workflows, highlighting flaws in authentication token management and supply chain attacks that inject malicious circuits.\n\nWe also review existing literature on vulnerabilities in Quantum Processing Units (QPUs) and present new attacks that exploit qubit reset quality to infer results from prior computations and tamper with subsequent ones. Additionally, we demonstrate how crosstalk can inject faults into circuits run by other tenants on the same QPU.\n\nQuantum computing holds immense potential, but so does the responsibility to secure it. By understanding and addressing these vulnerabilities today, we can build a more secure quantum ecosystem.","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55846],"conference_id":133,"event_ids":[56433],"name":"Sorin Boloș","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56224},{"content_ids":[55846],"conference_id":133,"event_ids":[56433],"name":"Adrian Coleșa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56225}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56433,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56224},{"tag_id":46167,"sort_order":4,"person_id":56225}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime\n\n\n","media":[],"title":"Access Control done right the first time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime","updated_timestamp":{"seconds":1722564561,"nanoseconds":0},"speakers":[{"content_ids":[54625,55797],"conference_id":133,"event_ids":[56346,54999],"name":"Tim Clevenger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SailPoint","title":"Cybersecurity Network Engineer"}],"links":[],"pronouns":null,"media":[],"id":54335,"title":"Cybersecurity Network Engineer at SailPoint"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:09:21Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":56346,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54335}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, working together to unite the Red Team and the Blue Team.\n\n\n","media":[],"title":"Blue Goes Purple: Purple Teams for Fun and Profit (A BTV & RTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, working together to unite the Red Team and the Blue Team.","updated_timestamp":{"seconds":1722814527,"nanoseconds":0},"speakers":[{"content_ids":[54652,55750],"conference_id":133,"event_ids":[56275,55025],"name":"Catherine J. Ullman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University at Buffalo","title":"Principle Technology Architect, Security"}],"links":[],"pronouns":null,"media":[],"id":54297,"title":"Principle Technology Architect, Security at University at Buffalo"},{"content_ids":[55272,55750],"conference_id":133,"event_ids":[55662,56275],"name":"Ralph May","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Black Hills Information Security (BHIS)","title":"Security Analyst and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":55826,"title":"Security Analyst and Penetration Tester at Black Hills Information Security (BHIS)"},{"content_ids":[55750],"conference_id":133,"event_ids":[56275],"name":"Jake Williams","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56152},{"content_ids":[55750],"conference_id":133,"event_ids":[56275],"name":"Meaghan Neill","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"EY Canada","title":"Threat Hunter and DFIR Analyst"}],"links":[],"pronouns":null,"media":[],"id":56165,"title":"Threat Hunter and DFIR Analyst at EY Canada"},{"content_ids":[55750],"conference_id":133,"event_ids":[56275],"name":"Matthew Nickerson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56593}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T23:35:27Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56275,"tag_ids":[46373,46392,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54297},{"tag_id":46167,"sort_order":4,"person_id":56152},{"tag_id":46167,"sort_order":6,"person_id":56165},{"tag_id":46167,"sort_order":8,"person_id":55826},{"tag_id":46167,"sort_order":10,"person_id":56593}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-04T23:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation is a practical introduction into 802.11ah HaLow WiFi. It starts with a brief description of the IEEE 802.11ah standard, history, and specification and includes a short survey of currently available 802.11ah chipsets and devices. One of these, the TaiXin TXW8301 chipset, is described in detail including hardware, firmware, configuration, and software tools. The radio waveform characteristics are presented as is information in using SDRs to capture and decode the WiFi frames. The presentation concludes with a brief description of the practical uses of 802.11ah devices.\n\n\n","media":[],"title":"A Short Introduction to 802.11ah Long Range WiFi HaLow with TaiXin TXW8301 devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:25:00Z","end_timestamp":{"seconds":1723245900,"nanoseconds":0},"android_description":"This presentation is a practical introduction into 802.11ah HaLow WiFi. It starts with a brief description of the IEEE 802.11ah standard, history, and specification and includes a short survey of currently available 802.11ah chipsets and devices. One of these, the TaiXin TXW8301 chipset, is described in detail including hardware, firmware, configuration, and software tools. The radio waveform characteristics are presented as is information in using SDRs to capture and decode the WiFi frames. The presentation concludes with a brief description of the practical uses of 802.11ah devices.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55451],"conference_id":133,"event_ids":[55876],"name":"Ronald Broberg","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dark Wolf Solutions","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@noiq15)","sort_order":0,"url":"https://twitter.com/noiq15"}],"media":[],"id":55990,"title":"Dark Wolf Solutions"},{"content_ids":[55451],"conference_id":133,"event_ids":[55876],"name":"Robert Van Etta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dark Wolf Solutions","title":"Senior Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":55991,"title":"Senior Penetration Tester at Dark Wolf Solutions"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T23:25:00.000-0000","id":55876,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55990},{"tag_id":46167,"sort_order":4,"person_id":55991}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of operational & security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of ICS events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models.\r\n\r\nJoin us on a journey to enhance ICS security operations efficacy and efficiency.\r\n\r\nIn the intricate and ever-evolving landscape of modern cybersecurity, pinpointing coordinated attacks amid vast volumes of security data is an immensely challenging task. Security professionals constantly wrestle with distinguishing genuine threats from a sea of false positives and isolated incidents. This talk will shed light on how data science can be leveraged to transform an overwhelming number of events, logs, and alerts into manageable clusters, insightful kill chains, and actionable insights using open-source models.\r\n\r\nAttendees will gain a comprehensive understanding of the necessary steps to preprocess and normalize diverse data sources, map them to standardized threat models, and use AI-driven methods to contextualize and correlate security events. The session will also cover how to generate different types of tickets, such as false positive advisories, incident reports, and detailed attack stories, to streamline response efforts and enhance IT & OT security operations' overall efficacy and efficiency.\n\n\n","media":[],"title":"Correlating & contextualizing OT events/alerts/logs using weakly supervised AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:55:00Z","end_timestamp":{"seconds":1723247700,"nanoseconds":0},"android_description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of operational & security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of ICS events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models.\r\n\r\nJoin us on a journey to enhance ICS security operations efficacy and efficiency.\r\n\r\nIn the intricate and ever-evolving landscape of modern cybersecurity, pinpointing coordinated attacks amid vast volumes of security data is an immensely challenging task. Security professionals constantly wrestle with distinguishing genuine threats from a sea of false positives and isolated incidents. This talk will shed light on how data science can be leveraged to transform an overwhelming number of events, logs, and alerts into manageable clusters, insightful kill chains, and actionable insights using open-source models.\r\n\r\nAttendees will gain a comprehensive understanding of the necessary steps to preprocess and normalize diverse data sources, map them to standardized threat models, and use AI-driven methods to contextualize and correlate security events. The session will also cover how to generate different types of tickets, such as false positive advisories, incident reports, and detailed attack stories, to streamline response efforts and enhance IT & OT security operations' overall efficacy and efficiency.","updated_timestamp":{"seconds":1721781657,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:40:57Z","links":[],"end":"2024-08-09T23:55:00.000-0000","id":55740,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-24T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Kubernetes is an extremely popular, open source container orchestration system, that is used by organizations large and small. Kubernetes’s design philosophy leaves security to the system administrators, letting them pick and choose which security mechanisms they want to enable or disable. As such, it can leave Kubernetes deployments quite vulnerable.\n\nIn an attempt to abuse this fact, we began looking for potential exploitation avenues. Eventually, we were able to identify several vulnerabilities in different Kubernetes components that could enable a low privileged attacker to execute code, escalate privileges and exfiltrate data. We also found flaws in Kubernetes sidecar project: “gitsync”. These flaws will not be patched, meaning mitigation hinges only on the awareness of security personnel. \n\nIn this talk we will go through the methodology we used to find these kinds of vulnerabilities, share our thought process on how to exploit them and show how attackers can easily execute commands with SYSTEM privileges. We will also discuss Kubernetes’s design philosophy and how it can allow these types of opportunities.\n\n\n","media":[],"title":"Thinking Outside the Kube - Finding and Exploiting Command Injections in Kubernetes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"Kubernetes is an extremely popular, open source container orchestration system, that is used by organizations large and small. Kubernetes’s design philosophy leaves security to the system administrators, letting them pick and choose which security mechanisms they want to enable or disable. As such, it can leave Kubernetes deployments quite vulnerable.\n\nIn an attempt to abuse this fact, we began looking for potential exploitation avenues. Eventually, we were able to identify several vulnerabilities in different Kubernetes components that could enable a low privileged attacker to execute code, escalate privileges and exfiltrate data. We also found flaws in Kubernetes sidecar project: “gitsync”. These flaws will not be patched, meaning mitigation hinges only on the awareness of security personnel. \n\nIn this talk we will go through the methodology we used to find these kinds of vulnerabilities, share our thought process on how to exploit them and show how attackers can easily execute commands with SYSTEM privileges. We will also discuss Kubernetes’s design philosophy and how it can allow these types of opportunities.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55284],"conference_id":133,"event_ids":[55674],"name":"Tomer Peled","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@TomerPeled92)","sort_order":0,"url":"https://twitter.com/TomerPeled92"}],"media":[],"id":55836}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55674,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55836}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the world of cybersecurity, the kitchen is always hot, and at this year’s Defcon in Las Vegas, we’re cooking up something special in the Red Team Village. Our dish of the day? A deep dive into the exploitation of Electron applications, served with a side of humor and a dash of intrigue.\n\nElectron applications, while popular, have been found to have a soft underbelly. This talk will demonstrate how these applications can be abused to access directories protected by the Transparency, Consent, and Control (TCC) framework. We’ll also show how these applications can be manipulated to maintain persistence by inserting backdoors, effectively turning them into bridges for privilege escalation.\n\nWe’ll walk you through the anatomy of an Electron app, laying out the exploitation scenarios in detail. We’ll serve up a course of case studies, featuring apps that were once vulnerable but have since been patched, and those that remain vulnerable because their manufacturers do not consider these issues as vulnerabilities (let's see if after this talk they won't fix it). These examples will highlight the loopholes that both red team simulations and real attackers can exploit.\n\nOur menu will also include a discussion on the importance of hardening Electron applications. Without proper hardening, these apps can easily be used as access points for privilege escalation and backdoor implantation. We’ll present techniques that cater to the unique characteristics of some apps, which have diverse permissions in the system.\n\nFor dessert, we’ll delve into the more sinister side of these vulnerabilities. Some applications have entitlements that enable access to the camera and audio, which can be exploited to monitor victims. We’ll demonstrate how these entitlements can be abused, adding a chilling finish to our meal.\n\nThroughout the talk, we’ll be showcasing XX CVE’s that we’ve acquired, providing a real-world context to our discussion. We’ll also demonstrate two tools that we’ve created, which will add some spice to our presentation.\n\nSo, join us as we whip up a batch of Mac-n-Cheese, serving you delicious Electron techniques that will leave you hungry for more. This talk is a must-attend for anyone interested in understanding the potential vulnerabilities in Electron applications and how to exploit them. Bon appétit, Red Teamers!\n\n\n","media":[],"title":"Mac-n-Cheese: How to Cook Up Delicious Electron Techniques for Red Teamers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"In the world of cybersecurity, the kitchen is always hot, and at this year’s Defcon in Las Vegas, we’re cooking up something special in the Red Team Village. Our dish of the day? A deep dive into the exploitation of Electron applications, served with a side of humor and a dash of intrigue.\n\nElectron applications, while popular, have been found to have a soft underbelly. This talk will demonstrate how these applications can be abused to access directories protected by the Transparency, Consent, and Control (TCC) framework. We’ll also show how these applications can be manipulated to maintain persistence by inserting backdoors, effectively turning them into bridges for privilege escalation.\n\nWe’ll walk you through the anatomy of an Electron app, laying out the exploitation scenarios in detail. We’ll serve up a course of case studies, featuring apps that were once vulnerable but have since been patched, and those that remain vulnerable because their manufacturers do not consider these issues as vulnerabilities (let's see if after this talk they won't fix it). These examples will highlight the loopholes that both red team simulations and real attackers can exploit.\n\nOur menu will also include a discussion on the importance of hardening Electron applications. Without proper hardening, these apps can easily be used as access points for privilege escalation and backdoor implantation. We’ll present techniques that cater to the unique characteristics of some apps, which have diverse permissions in the system.\n\nFor dessert, we’ll delve into the more sinister side of these vulnerabilities. Some applications have entitlements that enable access to the camera and audio, which can be exploited to monitor victims. We’ll demonstrate how these entitlements can be abused, adding a chilling finish to our meal.\n\nThroughout the talk, we’ll be showcasing XX CVE’s that we’ve acquired, providing a real-world context to our discussion. We’ll also demonstrate two tools that we’ve created, which will add some spice to our presentation.\n\nSo, join us as we whip up a batch of Mac-n-Cheese, serving you delicious Electron techniques that will leave you hungry for more. This talk is a must-attend for anyone interested in understanding the potential vulnerabilities in Electron applications and how to exploit them. Bon appétit, Red Teamers!","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55283],"conference_id":133,"event_ids":[55673],"name":"Roberto Soares","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@espreto)","sort_order":0,"url":"https://twitter.com/espreto"}],"media":[],"id":55834}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55673,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55834}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"co-pilot,\" leveraging LLMs to enhance vulnerability identification and defense mechanisms. \r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible. \r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.\n\n\n","media":[],"title":"Building Your Red-Teaming Co-Pilot: Navigating the New Cyber Era with Pretrained Gen-AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"co-pilot,\" leveraging LLMs to enhance vulnerability identification and defense mechanisms. \r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible. \r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.","updated_timestamp":{"seconds":1721595356,"nanoseconds":0},"speakers":[{"content_ids":[55282,55199],"conference_id":133,"event_ids":[55589,55672],"name":"Gaspard Baye","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"AI Researcher & Ph.D. Candidate"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bayegaspard/"},{"description":"","title":"Twitter (@bayegaspard)","sort_order":0,"url":"https://twitter.com/bayegaspard"},{"description":"","title":"Website","sort_order":0,"url":"https://umassd.edu"}],"media":[],"id":55802,"title":"AI Researcher & Ph.D. Candidate"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:55:56Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55672,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55802}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-21T20:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The world is currently undergoing a rapid digital transformation sometimes referred to as the fourth industrial revolution. During this transformation, it is increasingly clear that many scientific fields are not prepared for this change. One specific area is agriculture. As the sector which creates global food supply, this critical infrastructure requires detailed assessment and research via newly developed technologies (Millett et al, 2019; Peccoud et al, 2018) . Despite its fundamental significance to modern civilization, many aspects of industrial agriculture have not yet adapted to the digital world. This is evident in the many vulnerabilities currently present within agricultural systems, as well as the lacking and fragmented nature of policy dictating cybersecurity stances– the field which intersects both cybersecurity and biosecurity to protect several areas within life sciences (Murch et al, 2018; Duncan et al, 2019; U.S. Department of Agriculture, 2022) . These looming oversights create dangers to advanced agricultural systems, which in turn poses risk to businesses, economies, and individuals. While there are various methods to reduce these risk factors, they ultimately depend on the careful consideration of cyberbiosecurity (CBS) by all involved. This includes the system developers, equipment engineers, and especially the end users - all of us. A conscientious team-effort can work to diminish risks and ultimately provide a safer environment for advanced agriculture and all who depend on it. This analysis explores numerous vulnerabilities within the system of advanced agriculture, discusses potential solutions to the escalating risks they present, and considers the achievable future of an advanced agricultural system which further implements the role of CBS.\n\n\n","media":[],"title":"The Implications of Cyberbiosecurity in Advanced Agricultural Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"The world is currently undergoing a rapid digital transformation sometimes referred to as the fourth industrial revolution. During this transformation, it is increasingly clear that many scientific fields are not prepared for this change. One specific area is agriculture. As the sector which creates global food supply, this critical infrastructure requires detailed assessment and research via newly developed technologies (Millett et al, 2019; Peccoud et al, 2018) . Despite its fundamental significance to modern civilization, many aspects of industrial agriculture have not yet adapted to the digital world. This is evident in the many vulnerabilities currently present within agricultural systems, as well as the lacking and fragmented nature of policy dictating cybersecurity stances– the field which intersects both cybersecurity and biosecurity to protect several areas within life sciences (Murch et al, 2018; Duncan et al, 2019; U.S. Department of Agriculture, 2022) . These looming oversights create dangers to advanced agricultural systems, which in turn poses risk to businesses, economies, and individuals. While there are various methods to reduce these risk factors, they ultimately depend on the careful consideration of cyberbiosecurity (CBS) by all involved. This includes the system developers, equipment engineers, and especially the end users - all of us. A conscientious team-effort can work to diminish risks and ultimately provide a safer environment for advanced agriculture and all who depend on it. This analysis explores numerous vulnerabilities within the system of advanced agriculture, discusses potential solutions to the escalating risks they present, and considers the achievable future of an advanced agricultural system which further implements the role of CBS.","updated_timestamp":{"seconds":1721495223,"nanoseconds":0},"speakers":[{"content_ids":[55196],"conference_id":133,"event_ids":[55586],"name":"Simone Stephen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/simone-stephen/"}],"media":[],"id":55810,"title":"Security Researcher"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:07:03Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":55586,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55810}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-20T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.\n\n\n","media":[],"title":"Name the Noob","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.","updated_timestamp":{"seconds":1721487277,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55415,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Building an AI product for the everyday person is challenging - doing it in a privacy focused way is nearly impossible without support from the right people. I'll walk through the techniques we're using at Rabbit to secure customer data and provide people a choice as to where their data goes.\n\nWe'll cover the pipelines that\n- Collect and Manage customer identity after they login to a site\n- Log, Anonymize, and Process customer voice interactions\n- Provide \"just in time\" access to customer data for personalized RAG-like models\n\nAs a community, I think we're well within our rights to demand control over the data we provide to companies. This talk aims to provide engineers with a list of ideas on \"what right could look like\", and general attendees a list of things that are possible, so they know its ok to ask for them.\n\n\n","media":[],"title":"Data On Demand: The challenges of building a privacy focused AI Device","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Building an AI product for the everyday person is challenging - doing it in a privacy focused way is nearly impossible without support from the right people. I'll walk through the techniques we're using at Rabbit to secure customer data and provide people a choice as to where their data goes.\n\nWe'll cover the pipelines that\n- Collect and Manage customer identity after they login to a site\n- Log, Anonymize, and Process customer voice interactions\n- Provide \"just in time\" access to customer data for personalized RAG-like models\n\nAs a community, I think we're well within our rights to demand control over the data we provide to companies. This talk aims to provide engineers with a list of ideas on \"what right could look like\", and general attendees a list of things that are possible, so they know its ok to ask for them.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54583],"conference_id":133,"event_ids":[54958],"name":"Matt Domko","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"(in)famous AI Walkie Talkie Manufacturer","title":"Head of Security"}],"links":[],"pronouns":null,"media":[],"id":54366,"title":"Head of Security at (in)famous AI Walkie Talkie Manufacturer"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54958,"tag_ids":[46377,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54366}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Almost since the internet was made widely available to the general public, average technology users have fallen prey to threats from malicious spam, malware, phishing, smishing, scams, fraud, and ransomware. In most of the US, primary and secondary education (in the US, comprising kindergarten through 12th grade) now incorporate computing technology as an integral part of the classroom, and some families introduce computing platforms to children in their toddler and preschool years. Despite our society's growing dependence on computing technology in the world of education, there remain no national standards or curricula for the teaching of data privacy or information security principles. This disconnect sets future generations up for failure, and a continuation of a cycle of ignorance that perpetuates cybercrime victimization. This presentation makes the case that schools must adopt and incorporate concepts of data privacy, information security, defense against fraud and phishing, and internet safety, in age-appropriate ways, into lesson plans at all grade levels. Further, school districts and independent schools must take steps to protect themselves from the threat of ransomware, data breaches, and other forms of criminal activity. \n\n\n","media":[],"title":"Cybersecurity Schoolhouse Rock","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Almost since the internet was made widely available to the general public, average technology users have fallen prey to threats from malicious spam, malware, phishing, smishing, scams, fraud, and ransomware. In most of the US, primary and secondary education (in the US, comprising kindergarten through 12th grade) now incorporate computing technology as an integral part of the classroom, and some families introduce computing platforms to children in their toddler and preschool years. Despite our society's growing dependence on computing technology in the world of education, there remain no national standards or curricula for the teaching of data privacy or information security principles. This disconnect sets future generations up for failure, and a continuation of a cycle of ignorance that perpetuates cybercrime victimization. This presentation makes the case that schools must adopt and incorporate concepts of data privacy, information security, defense against fraud and phishing, and internet safety, in age-appropriate ways, into lesson plans at all grade levels. Further, school districts and independent schools must take steps to protect themselves from the threat of ransomware, data breaches, and other forms of criminal activity.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54582],"conference_id":133,"event_ids":[54957],"name":"Avi McGrady","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54315}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":54957,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54315}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Automatic Dependent Surveillance – Contract (ADS-C) is a satellite-based aviation datalink application used to monitor aircraft in remote regions. It is a crucial method for air traffic control to track aircraft where other protocols such as ADS-B lack connectivity. Even though it has been conceived more than 30 years ago, and other legacy communication protocols in aviation have shown to be vulnerable, ADS-C’s security has not been investigated so far in the literature. We conduct a first investigation to close this gap. First, we compile a comprehensive overview of the history, impact, and technical details of ADS-C and its lower layers. Second, we build two software-defined radio receivers in order to analyze over 120’000 real-world ADS-C messages. We further illustrate ADS-C’s lack of authentication by implementing an ADS-C transmitter, which is capable of generating and sending arbitrary ADS-C messages. Finally, we use the channel control offered through a software-defined ADS-C receiver and transmitter as a basis for an in-depth analysis of the protocol weaknesses of the ADS-C system. The found vulnerabilities range from passively tracking aircraft to actively altering the position of actual aircraft through attacks on the downlink and the uplink. We assess the difficulty and impact of these attacks and discuss potential countermeasures.\n\nWe will further look at satellite-based ADS-B receivers and discuss their security and how they relate to ADS-C.\n\n\n","media":[],"title":"Analyzing the Security of Satellite-Based Air Traffic Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Automatic Dependent Surveillance – Contract (ADS-C) is a satellite-based aviation datalink application used to monitor aircraft in remote regions. It is a crucial method for air traffic control to track aircraft where other protocols such as ADS-B lack connectivity. Even though it has been conceived more than 30 years ago, and other legacy communication protocols in aviation have shown to be vulnerable, ADS-C’s security has not been investigated so far in the literature. We conduct a first investigation to close this gap. First, we compile a comprehensive overview of the history, impact, and technical details of ADS-C and its lower layers. Second, we build two software-defined radio receivers in order to analyze over 120’000 real-world ADS-C messages. We further illustrate ADS-C’s lack of authentication by implementing an ADS-C transmitter, which is capable of generating and sending arbitrary ADS-C messages. Finally, we use the channel control offered through a software-defined ADS-C receiver and transmitter as a basis for an in-depth analysis of the protocol weaknesses of the ADS-C system. The found vulnerabilities range from passively tracking aircraft to actively altering the position of actual aircraft through attacks on the downlink and the uplink. We assess the difficulty and impact of these attacks and discuss potential countermeasures.\n\nWe will further look at satellite-based ADS-B receivers and discuss their security and how they relate to ADS-C.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54581,54473,54638],"conference_id":133,"event_ids":[54846,54956,55012],"name":"Martin Strohmeier","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber Defence Campus","title":"Senior Scientist"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@masorx)","sort_order":0,"url":"https://twitter.com/masorx"}],"media":[],"id":54277,"title":"Senior Scientist at Cyber Defence Campus"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":54956,"tag_ids":[46366,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54277}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A quarter of a million people die from Hepatitis C every year. Fifty million people are currently infected, and a million more are infected each year. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are one thousand US dollars apiece because the molecule is the \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. So if you have $84,000 USD, Hep C is not your problem. But for everyone else, The Four Thieves Vinegar Collective has developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, feed your medicine of choice into ChemHacktica to get a chemical synthesis pathway, put that procedure into the Recipe Press to generate code for the new version of the MicroLab to run, and watch the medicine form in the reaction chamber. Finally come on stage, press some tablets, and make your own thousand-dollar pill for four dollars in materials. The feds say saving a life this way is bioterrorism. We say: So Be It.\n\n\n","media":[],"title":"Eradicating Hepatitis C With BioTerrorism","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"A quarter of a million people die from Hepatitis C every year. Fifty million people are currently infected, and a million more are infected each year. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are one thousand US dollars apiece because the molecule is the \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. So if you have $84,000 USD, Hep C is not your problem. But for everyone else, The Four Thieves Vinegar Collective has developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, feed your medicine of choice into ChemHacktica to get a chemical synthesis pathway, put that procedure into the Recipe Press to generate code for the new version of the MicroLab to run, and watch the medicine form in the reaction chamber. Finally come on stage, press some tablets, and make your own thousand-dollar pill for four dollars in materials. The feds say saving a life this way is bioterrorism. We say: So Be It.","updated_timestamp":{"seconds":1720659957,"nanoseconds":0},"speakers":[{"content_ids":[54498,54597],"conference_id":133,"event_ids":[54871,54972],"name":"Mixæl Swan Laufer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Four Thieves Vinegar Collective","title":"Chief Spokesperson"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@MichaelSLaufer)","sort_order":0,"url":"https://twitter.com/MichaelSLaufer"},{"description":"","title":"fourthievesvinegar.org","sort_order":0,"url":"https://fourthievesvinegar.org"}],"media":[],"id":54090,"title":"Chief Spokesperson at Four Thieves Vinegar Collective"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-11T01:05:57Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":54871,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54090}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-11T01:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Did you ever receive an empty email and immediately think it might be a reconnaissance attack? What if opening such an email in your Outlook client could trigger remote code execution through an invisible form? Yes, all forms are COM objects, and CVE-2024-21378 has flung open the gates to Outlook RCE chaos.\r\n\r\nIn our session, \"Outlook Unleashing RCE Chaos: CVE-2024-30103\" we'll dive into how this seemingly innocuous vulnerability can lead to mayhem. This vulnerability paved the way for us to discover a series of new remote code execution vulnerabilities in Outlook, including CVE-2024-30103. But we’re not stopping there.\r\n\r\nAdditionally, we'll uncover other vulnerabilities that can cause NTLM leaks from your domain-joined devices.\r\n\r\nSo, how did we get here? Join us as we construct an evolution timeline of this attack surface. From the origins of these exploits to their current incarnations, we'll cover it all. And because we believe in building a safer digital world, we'll conclude with specific, actionable recommendations on how to minimize these threats.\r\n\r\n1. [link](https://www.netspi.com/blog/technical-blog/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/)\r\n2. [link](https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/)\r\n3. [link](https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api)\r\n4. [link](https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. [link](https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/)\r\n6. [link](https://sensepost.com/blog/2017/outlook-forms-and-shells/)\r\n\n\n\n","media":[],"title":"Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2024-38021","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"Did you ever receive an empty email and immediately think it might be a reconnaissance attack? What if opening such an email in your Outlook client could trigger remote code execution through an invisible form? Yes, all forms are COM objects, and CVE-2024-21378 has flung open the gates to Outlook RCE chaos.\r\n\r\nIn our session, \"Outlook Unleashing RCE Chaos: CVE-2024-30103\" we'll dive into how this seemingly innocuous vulnerability can lead to mayhem. This vulnerability paved the way for us to discover a series of new remote code execution vulnerabilities in Outlook, including CVE-2024-30103. But we’re not stopping there.\r\n\r\nAdditionally, we'll uncover other vulnerabilities that can cause NTLM leaks from your domain-joined devices.\r\n\r\nSo, how did we get here? Join us as we construct an evolution timeline of this attack surface. From the origins of these exploits to their current incarnations, we'll cover it all. And because we believe in building a safer digital world, we'll conclude with specific, actionable recommendations on how to minimize these threats.\r\n\r\n1. [link](https://www.netspi.com/blog/technical-blog/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/)\r\n2. [link](https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/)\r\n3. [link](https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api)\r\n4. [link](https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. [link](https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/)\r\n6. [link](https://sensepost.com/blog/2017/outlook-forms-and-shells/)","updated_timestamp":{"seconds":1720462515,"nanoseconds":0},"speakers":[{"content_ids":[54465],"conference_id":133,"event_ids":[54838],"name":"Michael Gorelik ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Morphisec","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/smgorelik"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/smgoreli/"},{"description":"","title":"Twitter (@smgoreli)","sort_order":0,"url":"https://twitter.com/smgoreli"}],"media":[],"id":54138,"title":"Founder at Morphisec"},{"content_ids":[54465],"conference_id":133,"event_ids":[54838],"name":"Arnold Osipov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Morphisec","title":"Distinguished Malware Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/arnoldosipov/"},{"description":"","title":"Twitter (@osipov_ar)","sort_order":0,"url":"https://twitter.com/osipov_ar"}],"media":[],"id":54184,"title":"Distinguished Malware Researcher at Morphisec"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:15:15Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":54838,"tag_ids":[46166,46169,46419,46437,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54138},{"tag_id":46167,"sort_order":2,"person_id":54184}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-08T18:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Making the DEF CON 32 Badge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54445],"conference_id":133,"event_ids":[54818],"name":"Mar Williams","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54206}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54818,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54206}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are back with another Pub Quiz at DEF CON. Here at Pub Quiz, we felt the need to add additional prizes for 4th and 5th place. We had a very successful one last year and we have made some improvements to make it every better. So do you like Pub Quizzes?? If you do then get your butts to join us in participating in the 2nd Pub Quiz at DEF CON 32. \r\n\r\nQuiz will consist of 7 rounds question will include 90’s/2000’s TV and Movies, DefCon trivia, music, anime, and a little sex. The theme for our Pub Quiz will be all things that make DEF CON attendees exceptional. There will be a little something for everyone. The quiz will consist of visual and audio rounds along with some Con questions; we need to make sure we stimulate you peeps. We encourage people to get into teams of 5 or 6. \r\n\r\nThis is a social event, so we try to get people into Teams. You never know you may meet the love of your life. Did I mention CASH! Yes we will have cold hard cash prizes for the 1st, 2nd, 3rd, 4th, and 5th high scoring groups. As always if we do have ties will be break those ties with a good old fashion dance off from a person of the tied teams. The hosts and a few goons will help in judging. \n\n\n","media":[{"hash_sha256":"94ee76407dd35e39514ab4f3441d703fecc64829dcf606c96fb811bc51d3cb63","filetype":"image/png","hash_md5":"d5f32bb1825ea4a6de07651c9ab076aa","name":"ct_PubQuizLogo.png","is_logo":"Y","hash_crc32c":"1650df37","filesize":503062,"asset_id":706,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_PubQuizLogo.png"}],"title":"Pub Quiz","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T02:00:00Z","end_timestamp":{"seconds":1723255200,"nanoseconds":0},"android_description":"We are back with another Pub Quiz at DEF CON. Here at Pub Quiz, we felt the need to add additional prizes for 4th and 5th place. We had a very successful one last year and we have made some improvements to make it every better. So do you like Pub Quizzes?? If you do then get your butts to join us in participating in the 2nd Pub Quiz at DEF CON 32. \r\n\r\nQuiz will consist of 7 rounds question will include 90’s/2000’s TV and Movies, DefCon trivia, music, anime, and a little sex. The theme for our Pub Quiz will be all things that make DEF CON attendees exceptional. There will be a little something for everyone. The quiz will consist of visual and audio rounds along with some Con questions; we need to make sure we stimulate you peeps. We encourage people to get into teams of 5 or 6. \r\n\r\nThis is a social event, so we try to get people into Teams. You never know you may meet the love of your life. Did I mention CASH! Yes we will have cold hard cash prizes for the 1st, 2nd, 3rd, 4th, and 5th high scoring groups. As always if we do have ties will be break those ties with a good old fashion dance off from a person of the tied teams. The hosts and a few goons will help in judging.","updated_timestamp":{"seconds":1719556108,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T06:28:28Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249844"}],"end":"2024-08-10T02:00:00.000-0000","id":54615,"tag_ids":[46427,46439,46495],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-28T06:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.\n\n\n","media":[{"hash_sha256":"2656c5ebc25f87c2aace541797f643642da570a63fff5f24da518c3d6d472944","filetype":"image/png","hash_md5":"ed87e0dc24f65f5259a7bdff54921872","name":"pme_queercon-mixer.png","is_logo":"Y","hash_crc32c":"f9440803","filesize":140037,"asset_id":682,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_queercon-mixer.png"}],"title":"QueerCon Mixer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.","updated_timestamp":{"seconds":1718813154,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T16:05:54Z","links":[{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249580"}],"end":"2024-08-10T01:00:00.000-0000","id":54517,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-19T16:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"They say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we're meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404's 25+ year legacy can catch up and share stories. Join us and meet your fellow ATL hackers!\n\n\n","media":[{"hash_sha256":"66ebdc9c4e2c3e3a195aab289ccec4572a3ccd41d88fd7dda7f49e7bec73d87a","filetype":"image/png","hash_md5":"9759ea1982692e75a5fa7b327478690a","name":"pme_dc404.png","is_logo":"Y","hash_crc32c":"e8e5952c","filesize":100009,"asset_id":673,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_dc404.png"}],"title":"DCG Atlanta (DC404,678,770,470)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T02:00:00Z","end_timestamp":{"seconds":1723255200,"nanoseconds":0},"android_description":"They say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we're meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404's 25+ year legacy can catch up and share stories. Join us and meet your fellow ATL hackers!","updated_timestamp":{"seconds":1718776129,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:48:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249509"},{"label":"Discord","type":"link","url":"https://discord.gg/eHm7NnZ"},{"label":"Website","type":"link","url":"https://dc404.org"}],"end":"2024-08-10T02:00:00.000-0000","id":54499,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-19T05:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In The Netherlands it's a tradition to catch up with your colleagues just before the end of the workday on Friday when the weekend starts to kick in. In The Netherlands this is called the \"VrijMiBo\" (Vrijdag/Friday - Middag/Afternoon Borrel/Drink)\r\n\r\n\"VrijMiBo/Friday afternoon Drink\" at DEF CON is a perfect moment to talk about what your favorite thing is at DEF CON, show your cool handmade badges, impress other hackers about your latest hacks, make new friends, gossip about your boss and show your cat or dog pictures.\r\n\r\nVrijdag Middag Borrel, Freitag Mittags Getränk, Apéritif du vendredi après-midi, trago de viernes por la tarde.\n\n\n","media":[{"hash_sha256":"5cb51792ae9d7b45008db3ac093873d39ad77ba26cbd87d0724da6090da08323","filetype":"image/png","hash_md5":"44c753fc5d3d3e514e994a75aa1fd8fa","name":"pme_defcon_holland.png","is_logo":"Y","hash_crc32c":"af6d53fb","filesize":9457,"asset_id":696,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_defcon_holland.png"}],"title":"DEF CON Holland Group Presents: VrijMiBo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T02:00:00Z","end_timestamp":{"seconds":1723255200,"nanoseconds":0},"android_description":"In The Netherlands it's a tradition to catch up with your colleagues just before the end of the workday on Friday when the weekend starts to kick in. In The Netherlands this is called the \"VrijMiBo\" (Vrijdag/Friday - Middag/Afternoon Borrel/Drink)\r\n\r\n\"VrijMiBo/Friday afternoon Drink\" at DEF CON is a perfect moment to talk about what your favorite thing is at DEF CON, show your cool handmade badges, impress other hackers about your latest hacks, make new friends, gossip about your boss and show your cat or dog pictures.\r\n\r\nVrijdag Middag Borrel, Freitag Mittags Getränk, Apéritif du vendredi après-midi, trago de viernes por la tarde.","updated_timestamp":{"seconds":1718775458,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:37:38Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249506"}],"end":"2024-08-10T02:00:00.000-0000","id":54496,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"HallwayCon Lounge past W234","hotel":"","short_name":"HallwayCon Lounge past W234","id":46310},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-19T05:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will walk through my research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of this workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.\n\n\n","media":[],"title":"Where’s the Money: Defeating ATM Disk Encryption","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will walk through my research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of this workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.","updated_timestamp":{"seconds":1721146927,"nanoseconds":0},"speakers":[{"content_ids":[54580,54437],"conference_id":133,"event_ids":[54810,54955],"name":"Matt Burch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Independent Vulnerability Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@emptynebuli)","sort_order":0,"url":"https://twitter.com/emptynebuli"}],"media":[],"id":54049,"title":"Independent Vulnerability Researcher"}],"begin_tsz":"2024-08-09T22:50:00Z","timeband_id":1147,"updated_tsz":"2024-07-16T16:22:07Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":54955,"tag_ids":[46383,46419,46437,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723243800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54049}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T22:50:00.000-0000","updated":"2024-07-16T16:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After doing recon on a target you probably end up with more URLs, domains and IPs that you can handle, and when time is limited, how do you prioritize them? Recon MindMap (RMM) is a tool that will simplify the task of organizing and sorting all these assets. RMM can help you to generate complex domain structures, visualize them using your favorite mind map tools, make informed decisions, and improve your reports visual appeal.\n\nDuring the talk I’ll discuss the motivations behind building this tool and what problem it solves, the algorithm behind, scenarios and use cases for this tool, how to contribute to the project and what’s next for RMM.\n\nRMM it's opensource and it's available at https://github.com/Alevsk/rmm\n\n\n","media":[],"title":"Recon MindMap: Organize, Visualize, and Prioritize Your Recon Data Efficiently","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:20:00Z","end_timestamp":{"seconds":1723245600,"nanoseconds":0},"android_description":"After doing recon on a target you probably end up with more URLs, domains and IPs that you can handle, and when time is limited, how do you prioritize them? Recon MindMap (RMM) is a tool that will simplify the task of organizing and sorting all these assets. RMM can help you to generate complex domain structures, visualize them using your favorite mind map tools, make informed decisions, and improve your reports visual appeal.\n\nDuring the talk I’ll discuss the motivations behind building this tool and what problem it solves, the algorithm behind, scenarios and use cases for this tool, how to contribute to the project and what’s next for RMM.\n\nRMM it's opensource and it's available at https://github.com/Alevsk/rmm","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"}],"begin_tsz":"2024-08-09T22:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T23:20:00.000-0000","id":56491,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723243500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55862}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T22:45:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the ever-evolving landscape of containerized applications, ensuring the integrity and security of your container images is paramount. Join us for an immersive, hands-on workshop titled \"Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity,\" where we'll dive deep into securing your container images using the cutting-edge open-source tools Cosign and Rekor from the Sigstore project.\n\nThis workshop will provide a comprehensive, practical introduction to Sigstore tools, demonstrating how they can be seamlessly integrated into your DevOps workflows. We'll begin with a brief overview of the common security challenges associated with container images and how Sigstore addresses these issues by providing automated and tamper-proof signing and verification processes.\n\nParticipants will then engage in hands-on exercises, where they'll:\n1. Learn to sign container images and verify their integrity using Cosign. We'll guide you through setting up Cosign, signing your first image, and verifying its signature, ensuring you have a solid understanding of this powerful tool.\n2. Delve into using Rekor, Sigstore's transparency log, to record and verify signed image metadata. You'll experience firsthand how Rekor enhances security by providing an immutable log of all signed images, ensuring accountability and traceability.\n3. Discover how to seamlessly integrate these tools into your existing DevOps pipelines, automating the signing and verification process, and ensuring that only trusted and verified images make it to production environments.\n\nBy the end of this workshop, you'll have gained hands-on experience with Sigstore tools and a deep understanding of how to implement them in your own environment. This session is tailored for DevOps engineers, security professionals, and software developers who are committed to enhancing their container security practices.\n\nDon't miss this unique opportunity to acquire practical knowledge and skills in securing your container images. Join us and learn how to leverage Sigstore's powerful tools to ensure your container images are secure, verified, and trustworthy, safeguarding your applications from potential threats.\n\n\n","media":[],"title":"Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:40:00Z","end_timestamp":{"seconds":1723250400,"nanoseconds":0},"android_description":"In the ever-evolving landscape of containerized applications, ensuring the integrity and security of your container images is paramount. Join us for an immersive, hands-on workshop titled \"Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity,\" where we'll dive deep into securing your container images using the cutting-edge open-source tools Cosign and Rekor from the Sigstore project.\n\nThis workshop will provide a comprehensive, practical introduction to Sigstore tools, demonstrating how they can be seamlessly integrated into your DevOps workflows. We'll begin with a brief overview of the common security challenges associated with container images and how Sigstore addresses these issues by providing automated and tamper-proof signing and verification processes.\n\nParticipants will then engage in hands-on exercises, where they'll:\n1. Learn to sign container images and verify their integrity using Cosign. We'll guide you through setting up Cosign, signing your first image, and verifying its signature, ensuring you have a solid understanding of this powerful tool.\n2. Delve into using Rekor, Sigstore's transparency log, to record and verify signed image metadata. You'll experience firsthand how Rekor enhances security by providing an immutable log of all signed images, ensuring accountability and traceability.\n3. Discover how to seamlessly integrate these tools into your existing DevOps pipelines, automating the signing and verification process, and ensuring that only trusted and verified images make it to production environments.\n\nBy the end of this workshop, you'll have gained hands-on experience with Sigstore tools and a deep understanding of how to implement them in your own environment. This session is tailored for DevOps engineers, security professionals, and software developers who are committed to enhancing their container security practices.\n\nDon't miss this unique opportunity to acquire practical knowledge and skills in securing your container images. Join us and learn how to leverage Sigstore's powerful tools to ensure your container images are secure, verified, and trustworthy, safeguarding your applications from potential threats.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55487],"conference_id":133,"event_ids":[55916],"name":"Mohammed Ilyas Ahmed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"beingilyasahmed","sort_order":0,"url":"https://beingilyasahmed"}],"media":[],"id":56015},{"content_ids":[55487],"conference_id":133,"event_ids":[55916],"name":"Syed Aamiruddin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56016}],"begin_tsz":"2024-08-09T22:40:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T00:40:00.000-0000","id":55916,"tag_ids":[46376,46734],"village_id":null,"begin_timestamp":{"seconds":1723243200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56015},{"tag_id":46167,"sort_order":4,"person_id":56016}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T22:40:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nCtrlAltFu will share personal experiences combatting work stress and burnout through physical activity, and invite a conversation about others’ experiences and strategies to combat burnout.\n\n\n","media":[],"title":"BTV Conversations: Touch Grass to Combat Burnout","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nCtrlAltFu will share personal experiences combatting work stress and burnout through physical activity, and invite a conversation about others’ experiences and strategies to combat burnout.","updated_timestamp":{"seconds":1723186128,"nanoseconds":0},"speakers":[{"content_ids":[56205],"conference_id":133,"event_ids":[56859],"name":"CtrlAltFu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56589}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:48:48Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":56859,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56589}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-09T06:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will cover common voting machine myths and dispel common voting machine cases and fallacies that are prevalent in the media during election cycles and disinformation from social media and ‘experts’ from the perspective of a CIA HUMINT/Technical Officer now in the Cybersecurity field investigating corporate espionage and intentional sabotage. I will show- with pictures and evidence from previous Voting Machine Village work- that the sensational news headlines are not related to the reality of digital voting.\n\n\n","media":[],"title":"Breaking Through Election Myths","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:15:00Z","end_timestamp":{"seconds":1723245300,"nanoseconds":0},"android_description":"This talk will cover common voting machine myths and dispel common voting machine cases and fallacies that are prevalent in the media during election cycles and disinformation from social media and ‘experts’ from the perspective of a CIA HUMINT/Technical Officer now in the Cybersecurity field investigating corporate espionage and intentional sabotage. I will show- with pictures and evidence from previous Voting Machine Village work- that the sensational news headlines are not related to the reality of digital voting.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56189],"conference_id":133,"event_ids":[56843],"name":"Will Baggett","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/will-baggett-4969048/"},{"description":"","title":"Twitter (@iosforensic)","sort_order":0,"url":"https://twitter.com/iosforensic"}],"media":[],"id":56587}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T23:15:00.000-0000","id":56843,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56587}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It's time to go beyond hacking the planet! Join us for an offensive cybersecurity in space workshop. We will discuss the challenges that are introduced when attacking space vehicles and work with space industry software such as COSMOS, the ground station software used by NASA, and a modified version of NOS3, NASA's satellite simulator. Attendees will have access to cloud environments that contain an operator station, a ground station, and a simulated satellite. We will walk you through the basics of accessing, operating, and of course, attacking these stations for the ultimate goal of taking control of the satellite.\n\n\n","media":[],"title":"Space Pirate Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"It's time to go beyond hacking the planet! Join us for an offensive cybersecurity in space workshop. We will discuss the challenges that are introduced when attacking space vehicles and work with space industry software such as COSMOS, the ground station software used by NASA, and a modified version of NOS3, NASA's satellite simulator. Attendees will have access to cloud environments that contain an operator station, a ground station, and a simulated satellite. We will walk you through the basics of accessing, operating, and of course, attacking these stations for the ultimate goal of taking control of the satellite.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55833],"conference_id":133,"event_ids":[56383],"name":"Michael Butler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56193},{"content_ids":[55833],"conference_id":133,"event_ids":[56383],"name":"Jacob Oakley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56194}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56383,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56193},{"tag_id":46484,"sort_order":4,"person_id":56194}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microhard is a Canadian-based company that specializes in long range \"robust\" radio equipment. They are used in SCADA environments, point-of-sale terminals, power utilities, and more. From a security standpoint, however, some of their products are anything but \"robust\". And they have a habit of hiding their vulnerability fixes behind intentionally vague release notes, which will make this even more fun! (No, I'm not bitter at all) Command injections and buffer overflows abound, as well as a lesson or two in the need for a \"robust\" secure development process.\n\n\n","media":[],"title":"Microhard? More like MicroEASY...to exploit...","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Microhard is a Canadian-based company that specializes in long range \"robust\" radio equipment. They are used in SCADA environments, point-of-sale terminals, power utilities, and more. From a security standpoint, however, some of their products are anything but \"robust\". And they have a habit of hiding their vulnerability fixes behind intentionally vague release notes, which will make this even more fun! (No, I'm not bitter at all) Command injections and buffer overflows abound, as well as a lesson or two in the need for a \"robust\" secure development process.","updated_timestamp":{"seconds":1722479563,"nanoseconds":0},"speakers":[{"content_ids":[55775],"conference_id":133,"event_ids":[56316],"name":"Ricky \"HeadlessZeke\" Lawshae","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Keysight","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@HeadlessZeke)","sort_order":0,"url":"https://twitter.com/HeadlessZeke"}],"media":[],"id":54323,"title":"Principal Security Researcher at Keysight"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T02:32:43Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56316,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54323}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-01T02:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Who can tag me in a post? If I move this file to another folder, who now has access? If my owner breaks up with his friend, will I still get a bone?\r\n\r\nWhether you're a human, or a dog, let's face it, authorisation is hard. Role-based access control is a great starting point but hard to scale. Attribute-based access control scales better, but neither are much good at answering more complex conditions, like whether friends-of-friends can read your posts. For such situations, we generally have to wrap this up into business logic.\r\n\r\nThis is where relationship-based access control (ReBAC) comes in, offering a nuanced approach to accessing resources without codifying that into the applications.\r\n\r\nIn this session, we'll look at how to define these relationships, experience live demos, and discover how we can deploy our own fine-grained authorisation service. Expect some tail-wagging insights and a few laughs as we explore access control from a canine's point of view.\n\n\n","media":[],"title":"Fine Grained Authorisation with Relationship-Based Access Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Who can tag me in a post? If I move this file to another folder, who now has access? If my owner breaks up with his friend, will I still get a bone?\r\n\r\nWhether you're a human, or a dog, let's face it, authorisation is hard. Role-based access control is a great starting point but hard to scale. Attribute-based access control scales better, but neither are much good at answering more complex conditions, like whether friends-of-friends can read your posts. For such situations, we generally have to wrap this up into business logic.\r\n\r\nThis is where relationship-based access control (ReBAC) comes in, offering a nuanced approach to accessing resources without codifying that into the applications.\r\n\r\nIn this session, we'll look at how to define these relationships, experience live demos, and discover how we can deploy our own fine-grained authorisation service. Expect some tail-wagging insights and a few laughs as we explore access control from a canine's point of view.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55743],"conference_id":133,"event_ids":[56243],"name":"Ben Dechrai","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56106}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56243,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56106}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we'll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.\n\n\n","media":[],"title":"Warwheeling: The Wireless Sk8r","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:55:00Z","end_timestamp":{"seconds":1723244100,"nanoseconds":0},"android_description":"Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we'll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55450],"conference_id":133,"event_ids":[55875],"name":"r1otctrl","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"SOCC Analyst"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@r1otctrl)","sort_order":0,"url":"https://twitter.com/r1otctrl"}],"media":[],"id":55989,"title":"SOCC Analyst"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T22:55:00.000-0000","id":55875,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55989}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the rapidly evolving landscape of cybersecurity, operational technology (OT) systems are increasingly becoming prime targets for cyber attacks. As a result, the adoption of effective incident response plans and threat hunting strategies has become essential for organizations to protect their critical OT infrastructure. This presentation will discuss the importance of OT incident response and threat hunting, as well as the challenges faced by the OT industry in implementing these cybersecurity measures.\r\n\r\nOne of the key challenges in the OT industry is the complexity and interconnectivity of OT systems, which often consist of legacy equipment and proprietary protocols that can be difficult to monitor and secure. Additionally, the lack of visibility into OT networks and the limited availability of skilled cybersecurity professionals with OT expertise pose significant obstacles in detecting and responding to cyber threats in a timely manner. Moreover, the convergence of IT and OT environments further complicates incident response efforts, as organizations must navigate the unique requirements and operational constraints of both domains.\r\n\r\nDespite these challenges, we will provide you with tools and frameworks to help overcome them by implementing a proactive approach to incident response and threat hunting in OT environments. This includes conducting architecture, passive, and active defense mechanisms and strategies in the OT environments. By addressing these challenges head-on and fostering collaboration between IT and OT teams, organizations can enhance their cybersecurity posture and effectively defend against cyber threats targeting their OT systems.\n\n\n","media":[],"title":"OT Incident response and Threat Hunting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:55:00Z","end_timestamp":{"seconds":1723244100,"nanoseconds":0},"android_description":"In the rapidly evolving landscape of cybersecurity, operational technology (OT) systems are increasingly becoming prime targets for cyber attacks. As a result, the adoption of effective incident response plans and threat hunting strategies has become essential for organizations to protect their critical OT infrastructure. This presentation will discuss the importance of OT incident response and threat hunting, as well as the challenges faced by the OT industry in implementing these cybersecurity measures.\r\n\r\nOne of the key challenges in the OT industry is the complexity and interconnectivity of OT systems, which often consist of legacy equipment and proprietary protocols that can be difficult to monitor and secure. Additionally, the lack of visibility into OT networks and the limited availability of skilled cybersecurity professionals with OT expertise pose significant obstacles in detecting and responding to cyber threats in a timely manner. Moreover, the convergence of IT and OT environments further complicates incident response efforts, as organizations must navigate the unique requirements and operational constraints of both domains.\r\n\r\nDespite these challenges, we will provide you with tools and frameworks to help overcome them by implementing a proactive approach to incident response and threat hunting in OT environments. This includes conducting architecture, passive, and active defense mechanisms and strategies in the OT environments. By addressing these challenges head-on and fostering collaboration between IT and OT teams, organizations can enhance their cybersecurity posture and effectively defend against cyber threats targeting their OT systems.","updated_timestamp":{"seconds":1721781635,"nanoseconds":0},"speakers":[{"content_ids":[55347],"conference_id":133,"event_ids":[55739],"name":"Adam Robbie","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":"Head of OT Security Research"}],"links":[],"pronouns":null,"media":[],"id":55946,"title":"Head of OT Security Research at Palo Alto Networks"},{"content_ids":[55347],"conference_id":133,"event_ids":[55739],"name":"Bradley Nash","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ExxonMobil Corporation","title":"IIT Perimeter Security Supervisor"}],"links":[],"pronouns":null,"media":[],"id":56052,"title":"IIT Perimeter Security Supervisor at ExxonMobil Corporation"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:40:35Z","links":[],"end":"2024-08-09T22:55:00.000-0000","id":55739,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55946},{"tag_id":46167,"sort_order":4,"person_id":56052}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-24T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Space missions have increasingly been the subject in the context of security breaches and satellite hacks. The majority of discussions revolve around direct communication and access to spacecraft through means such as Software Defined Radio. However, the reality is that this approach isn't practical for most adversaries, as it requires substantial resources and is easily detectable due to the power and radio frequencies required to command a spacecraft. Instead, adversaries might shift their focus away from the Space Segment and opt for a more practical approach, such as accessing and exploiting the Ground Segment vulnerabilities and flaws in order to gain control over spacecraft. Every space mission comprises custom-made hardware and software components, which interact with each other utilizing dedicated protocols and standards designed and developed for this sole purpose. Numerous potential failure points can adversely impact a space mission, many of which persist on the ground. Considering the essential services they facilitate and the extent to which contemporary society relies on space technology, each component utilized in space missions should be regarded as integral to critical infrastructure and treated as such, particularly from a security standpoint. This study centers on the Space Link Extension (SLE) protocol, which is employed as a standard for communication between mission data systems and ground stations by various space agencies and organizations, including NASA and ESA. We will address the security concerns inherent in the SLE protocol. At the same time, we demonstrate methods and techniques malicious actors can employ to conduct a Denial of Service (DoS) or tap into the ground station communications, gaining control over an actual spacecraft. We will conclude this publication by presenting the reader with a possible mitigation strategy that we believe should be employed at the SLE protocol level. Additionally, we will outline a forecast for future work, detailing both planned endeavors and those already in progress, to further expand on this research.\n\n\n","media":[],"title":"Ground Control to Major Threat - Hacking the Space Link Extension Protocol","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Space missions have increasingly been the subject in the context of security breaches and satellite hacks. The majority of discussions revolve around direct communication and access to spacecraft through means such as Software Defined Radio. However, the reality is that this approach isn't practical for most adversaries, as it requires substantial resources and is easily detectable due to the power and radio frequencies required to command a spacecraft. Instead, adversaries might shift their focus away from the Space Segment and opt for a more practical approach, such as accessing and exploiting the Ground Segment vulnerabilities and flaws in order to gain control over spacecraft. Every space mission comprises custom-made hardware and software components, which interact with each other utilizing dedicated protocols and standards designed and developed for this sole purpose. Numerous potential failure points can adversely impact a space mission, many of which persist on the ground. Considering the essential services they facilitate and the extent to which contemporary society relies on space technology, each component utilized in space missions should be regarded as integral to critical infrastructure and treated as such, particularly from a security standpoint. This study centers on the Space Link Extension (SLE) protocol, which is employed as a standard for communication between mission data systems and ground stations by various space agencies and organizations, including NASA and ESA. We will address the security concerns inherent in the SLE protocol. At the same time, we demonstrate methods and techniques malicious actors can employ to conduct a Denial of Service (DoS) or tap into the ground station communications, gaining control over an actual spacecraft. We will conclude this publication by presenting the reader with a possible mitigation strategy that we believe should be employed at the SLE protocol level. Additionally, we will outline a forecast for future work, detailing both planned endeavors and those already in progress, to further expand on this research.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54578,54631],"conference_id":133,"event_ids":[54953,55005],"name":"Andrzej Olchawa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/andrzejolchawa"},{"description":"","title":"Twitter (@0x4ndy)","sort_order":0,"url":"https://x.com/0x4ndy"},{"description":"","title":"andy.codes","sort_order":0,"url":"https://andy.codes"}],"media":[],"id":54248}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54953,"tag_ids":[46169,46366,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54248}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Years progress, time passes, and medical devices are still vulnerable, with Hospital computer and network security being a hot topic on the minds of citizens and CISA/FDA/etc. If we do not get better now, things will get much worse in the future. My talk will cover some general mistakes observed within the Medical device topography, misnomers about SBOM and what it is and what it accomplishes, ideas for roadmaps for more secure devices and environments and discussions around CVEs relating to the medical device topography.\n\n\n","media":[],"title":"Dysfunctional Unity: The Road to Nowhere","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Years progress, time passes, and medical devices are still vulnerable, with Hospital computer and network security being a hot topic on the minds of citizens and CISA/FDA/etc. If we do not get better now, things will get much worse in the future. My talk will cover some general mistakes observed within the Medical device topography, misnomers about SBOM and what it is and what it accomplishes, ideas for roadmaps for more secure devices and environments and discussions around CVEs relating to the medical device topography.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54208,54577],"conference_id":133,"event_ids":[54581,54952],"name":"Michael \"v3ga\" Aguilar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secureworks Adversary Group","title":"Principle Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/v3gahax"},{"description":"","title":"Twitter (@v3ga_hax )","sort_order":0,"url":"https://twitter.com/v3ga_hax "}],"media":[],"id":53858,"title":"Principle Consultant at Secureworks Adversary Group"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54952,"tag_ids":[46169,46371,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":4,"person_id":53858}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, the core AI Red Team at Meta will take you on a journey through the story of Red Teaming the Llama 3 Large Language Model. This talk is perfect for anyone eager to delve into the complexity of advanced model Red Teaming and safety, as well as how to perform their own research to find new attacks should attend this talk. We’ll begin by exploring what AI Red Teaming is truly about, before exploring Meta’s process and approaches on the topic. The team will detail our methodology for discovering new risks within complex AI capabilities, how emergent capabilities may breed emergent risks, what types of attacks we’re looking to perform across different model capabilities and how or why the attacks even work. Moreover, we’ll explore insights into which lessons from decades of security expertise can – and cannot – be applied as we venture into a new era of AI trust and safety.\n\nThe team will then move on to how we used automation to scale attacks up, our novel approach to multi-turn adversarial AI agents and the systems we built to benchmark safety across a set of different high-risk areas. We also plan to discuss advanced cyber-attacks (both human and automated), Meta’s open benchmark CyberSecEvals and touch on Red Teaming for national security threats presented by state-of-the-art models. For each of these areas we’ll touch on various assessment and measurement challenges, ending on where we see the AI Red Teaming industry gaps, as well as where AI Safety is heading at a rapid pace.\n\n\n","media":[],"title":"Taming the Beast: Inside the Llama 3 Red Team Process","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:15:00Z","end_timestamp":{"seconds":1723245300,"nanoseconds":0},"android_description":"In this presentation, the core AI Red Team at Meta will take you on a journey through the story of Red Teaming the Llama 3 Large Language Model. This talk is perfect for anyone eager to delve into the complexity of advanced model Red Teaming and safety, as well as how to perform their own research to find new attacks should attend this talk. We’ll begin by exploring what AI Red Teaming is truly about, before exploring Meta’s process and approaches on the topic. The team will detail our methodology for discovering new risks within complex AI capabilities, how emergent capabilities may breed emergent risks, what types of attacks we’re looking to perform across different model capabilities and how or why the attacks even work. Moreover, we’ll explore insights into which lessons from decades of security expertise can – and cannot – be applied as we venture into a new era of AI trust and safety.\n\nThe team will then move on to how we used automation to scale attacks up, our novel approach to multi-turn adversarial AI agents and the systems we built to benchmark safety across a set of different high-risk areas. We also plan to discuss advanced cyber-attacks (both human and automated), Meta’s open benchmark CyberSecEvals and touch on Red Teaming for national security threats presented by state-of-the-art models. For each of these areas we’ll touch on various assessment and measurement challenges, ending on where we see the AI Red Teaming industry gaps, as well as where AI Safety is heading at a rapid pace.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Maya Pavlova","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Software Engineer, GenAI Trust & Safety"}],"links":[],"pronouns":null,"media":[],"id":54048,"title":"Software Engineer, GenAI Trust & Safety at Meta"},{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Ivan Evtimov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Red Teaming Research Scientist, Gen AI Trust & Safety"}],"links":[],"pronouns":null,"media":[],"id":54078,"title":"Red Teaming Research Scientist, Gen AI Trust & Safety at Meta"},{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Joanna Bitton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Software Engineer, GenAI Trust & Safety"}],"links":[],"pronouns":null,"media":[],"id":54181,"title":"Software Engineer, GenAI Trust & Safety at Meta"},{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Aaron \"dyn\" Grattafiori","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Lead, AI Red Teaming"}],"links":[],"pronouns":"he/him","media":[],"id":54205,"title":"Lead, AI Red Teaming at Meta"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T23:15:00.000-0000","id":54837,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54205},{"tag_id":46167,"sort_order":4,"person_id":54078},{"tag_id":46167,"sort_order":6,"person_id":54181},{"tag_id":46167,"sort_order":8,"person_id":54048}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI is transforming social engineering. Using tools like ChatGPT, Gemini, and Copilot, attackers can make phishing and vishing attacks nearly impossible to distinguish from legitimate Interactions. This presentation will demonstrate how virtually anyone with a pulse can now use AI to craft sophisticated phishing sites and conduct vishing operations with unprecedented subtlety and effectiveness. These next-generation techniques are transforming the landscape of social engineering. \r\n\r\nYou will learn how to replicate these advanced techniques to elevate your own social-engineering game. You will learn how criminals can manipulate AI tools to simulate real-world attacks and gain a deeper insight into their tactics. You’ll learn how to use A.I. to enhance how you attack now & ways for it to supplement skills you don’t currently have. \r\n\r\nYou will learn how to leverage these techniques to transform an organization’s, traditional, “security awareness” mentality into a “situational awareness” mindset. Using real-world examples, we demonstrate turning potential threats into teachable moments. \r\n\r\nThis session is essential for anyone looking to harness the power of AI in hacking and Red Teaming. We offer practical skills to engage employees and enhance your approach to social engineering both offensively and defensively. And yes, we do this with a certain theme in mind as I ENGAGE the audience as we boldly go where no Hackers have gone before!\r\n\r\n1. [link](https://www.nytimes.com/1973/03/25/archives/the-horseless-carriage-means-troublele.html)\r\n2. [link](https://www.seacoastnh.com/electricity-sparks-fears-in-1900/)\r\n3. [link](https://www.technologyreview.com/2024/01/27/1087041/technological-unemployment-elon-musk-jobs-ai/)\r\n4. [link](https://www.euronews.com/health/2023/12/31/scientists-discover-the-first-new-antibiotics-in-over-60-years-using-ai)\r\n5. [link](https://www.languagemagazine.com/2023/05/31/the-importance-of-artificial-intelligence-in-education-for-all-students/)\r\n6. [link](https://www.weforum.org/agenda/2024/02/ai-combat-climate-change/)\r\n7. [link](https://cyberconiq.com/blog/how-hackers-are-using-ai-for-social-engineering/)\r\n8. [link](https://www.forbes.com/sites/forbestechcouncil/2023/05/26/how-ai-is-changing-social-engineering-forever/?sh=1f0ac29f321b)\r\n9. [link](https://chat.openai.com/)\r\n10. [link](https://www.politifact.com/factchecks/2024/jan/22/robocaller/fake-joe-biden-robocall-in-new-hampshire-tells-dem/)\r\n11. [link](https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html)\r\n12. [link](https://www.entrepreneur.com/business-news/a-deepfake-phone-call-dupes-an-employee-into-giving-away/414109)\r\n13. [link](https://www.facebook.com/0copter/posts/2435859133141081/)\r\n14. [link](https://hackerrangers.com/)\r\n\n\n\n","media":[],"title":"Social Engineering Like you’re Picard","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:15:00Z","end_timestamp":{"seconds":1723245300,"nanoseconds":0},"android_description":"AI is transforming social engineering. Using tools like ChatGPT, Gemini, and Copilot, attackers can make phishing and vishing attacks nearly impossible to distinguish from legitimate Interactions. This presentation will demonstrate how virtually anyone with a pulse can now use AI to craft sophisticated phishing sites and conduct vishing operations with unprecedented subtlety and effectiveness. These next-generation techniques are transforming the landscape of social engineering. \r\n\r\nYou will learn how to replicate these advanced techniques to elevate your own social-engineering game. You will learn how criminals can manipulate AI tools to simulate real-world attacks and gain a deeper insight into their tactics. You’ll learn how to use A.I. to enhance how you attack now & ways for it to supplement skills you don’t currently have. \r\n\r\nYou will learn how to leverage these techniques to transform an organization’s, traditional, “security awareness” mentality into a “situational awareness” mindset. Using real-world examples, we demonstrate turning potential threats into teachable moments. \r\n\r\nThis session is essential for anyone looking to harness the power of AI in hacking and Red Teaming. We offer practical skills to engage employees and enhance your approach to social engineering both offensively and defensively. And yes, we do this with a certain theme in mind as I ENGAGE the audience as we boldly go where no Hackers have gone before!\r\n\r\n1. [link](https://www.nytimes.com/1973/03/25/archives/the-horseless-carriage-means-troublele.html)\r\n2. [link](https://www.seacoastnh.com/electricity-sparks-fears-in-1900/)\r\n3. [link](https://www.technologyreview.com/2024/01/27/1087041/technological-unemployment-elon-musk-jobs-ai/)\r\n4. [link](https://www.euronews.com/health/2023/12/31/scientists-discover-the-first-new-antibiotics-in-over-60-years-using-ai)\r\n5. [link](https://www.languagemagazine.com/2023/05/31/the-importance-of-artificial-intelligence-in-education-for-all-students/)\r\n6. [link](https://www.weforum.org/agenda/2024/02/ai-combat-climate-change/)\r\n7. [link](https://cyberconiq.com/blog/how-hackers-are-using-ai-for-social-engineering/)\r\n8. [link](https://www.forbes.com/sites/forbestechcouncil/2023/05/26/how-ai-is-changing-social-engineering-forever/?sh=1f0ac29f321b)\r\n9. [link](https://chat.openai.com/)\r\n10. [link](https://www.politifact.com/factchecks/2024/jan/22/robocaller/fake-joe-biden-robocall-in-new-hampshire-tells-dem/)\r\n11. [link](https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html)\r\n12. [link](https://www.entrepreneur.com/business-news/a-deepfake-phone-call-dupes-an-employee-into-giving-away/414109)\r\n13. [link](https://www.facebook.com/0copter/posts/2435859133141081/)\r\n14. [link](https://hackerrangers.com/)","updated_timestamp":{"seconds":1720462568,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463],"conference_id":133,"event_ids":[56353,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:16:08Z","links":[],"end":"2024-08-09T23:15:00.000-0000","id":54836,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-08T18:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"“What do you mean I can’t bring my car keys into this building?” \r\n\r\n“No internet?? But how do I download things from GitHub?” \r\n\r\nJoin a recovering government attorney and an open-source hacker for a fiery debate that dives into the world of DoD cybersecurity inefficiencies. Rebecca, a former DoD lawyer, pairs her intricate understanding of perplexing government policies with Eddie’s fresh, critical (and dare we say naive?) insights from the private sector. This session will explore the frustrating “how” behind the government’s “why,” from slow booting government laptops to the realities of “military-grade technology.” Together, they will challenge the status quo, proposing innovative, open-source inspired solutions to streamline and secure DoD operations. Expect a dynamic exchange filled with real-world frustrations, enlightening explanations, and a hacker’s touch on how to fix what’s broken.\n\n\n","media":[],"title":"Open Source Hacker Vs. Government Lawyer: Clashing Views on Fixing Tech in the DoD\r\n","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"“What do you mean I can’t bring my car keys into this building?” \r\n\r\n“No internet?? But how do I download things from GitHub?” \r\n\r\nJoin a recovering government attorney and an open-source hacker for a fiery debate that dives into the world of DoD cybersecurity inefficiencies. Rebecca, a former DoD lawyer, pairs her intricate understanding of perplexing government policies with Eddie’s fresh, critical (and dare we say naive?) insights from the private sector. This session will explore the frustrating “how” behind the government’s “why,” from slow booting government laptops to the realities of “military-grade technology.” Together, they will challenge the status quo, proposing innovative, open-source inspired solutions to streamline and secure DoD operations. Expect a dynamic exchange filled with real-world frustrations, enlightening explanations, and a hacker’s touch on how to fix what’s broken.","updated_timestamp":{"seconds":1720394584,"nanoseconds":0},"speakers":[{"content_ids":[54576],"conference_id":133,"event_ids":[54951],"name":"Eddie Zaneski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Unicorns","title":"Open Source Tech Lead"}],"links":[],"pronouns":null,"media":[],"id":54257,"title":"Open Source Tech Lead at Defense Unicorns"},{"content_ids":[54576],"conference_id":133,"event_ids":[54951],"name":"Rebecca Lively","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Unicorns","title":"Polymath"}],"links":[],"pronouns":null,"media":[],"id":54365,"title":"Polymath at Defense Unicorns"}],"begin_tsz":"2024-08-09T22:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:23:04Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54951,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723241700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54257},{"tag_id":46167,"sort_order":1,"person_id":54365}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T22:15:00.000-0000","updated":"2024-07-07T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A CI/CD pipeline is a sequence of steps designed to automate the software delivery process. DevOps environments consist of multiple systems that collaborate to facilitate CI/CD pipelines. However, DevOps systems are significant targets for attackers due to their possession of credentials and access keys for various components, including domain accounts, databases, and cloud assets.\nEpyon is a versatile tool for red teamers to target common DevOps systems. It is open source and written entirely in Golang. Moreover, it features multiple modules, such as GitLab, SonarQube, and Azure DevOps.\nDuring this demonstration, I will present examples (based on real project experiences) of how to utilize Epyon for privilege escalation and lateral movement within a DevOps environment.\n\n\n","media":[],"title":"Epyon - Attacking DevOps environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:40:00Z","end_timestamp":{"seconds":1723243200,"nanoseconds":0},"android_description":"A CI/CD pipeline is a sequence of steps designed to automate the software delivery process. DevOps environments consist of multiple systems that collaborate to facilitate CI/CD pipelines. However, DevOps systems are significant targets for attackers due to their possession of credentials and access keys for various components, including domain accounts, databases, and cloud assets.\nEpyon is a versatile tool for red teamers to target common DevOps systems. It is open source and written entirely in Golang. Moreover, it features multiple modules, such as GitLab, SonarQube, and Azure DevOps.\nDuring this demonstration, I will present examples (based on real project experiences) of how to utilize Epyon for privilege escalation and lateral movement within a DevOps environment.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55486],"conference_id":133,"event_ids":[55915],"name":"Victor Pasknel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"pasknel","sort_order":0,"url":"https://pasknel"}],"media":[],"id":56018}],"begin_tsz":"2024-08-09T22:10:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T22:40:00.000-0000","id":55915,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723241400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56018}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T22:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!\n\n\n","media":[],"title":"Basic Mobile Phone Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!","updated_timestamp":{"seconds":1723249495,"nanoseconds":0},"speakers":[{"content_ids":[54553,56218],"conference_id":133,"event_ids":[56872,56878,54928],"name":"Grey Fox","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54320}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-10T00:24:55Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":56872,"tag_ids":[46377,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54320}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-10T00:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Generative AI vs Crusty NCO","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225140,"nanoseconds":0},"speakers":[{"content_ids":[56210],"conference_id":133,"event_ids":[56864],"name":"Col Travis Hartman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56602}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:39:00Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":56864,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56602}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.\n\n\n","media":[],"title":"Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.","updated_timestamp":{"seconds":1723007453,"nanoseconds":0},"speakers":[{"content_ids":[56165],"conference_id":133,"event_ids":[56809,56817,56818],"name":"mcdwayne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56551}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:10:53Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56817,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56551}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?\n\n\n","media":[],"title":"Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?","updated_timestamp":{"seconds":1723007375,"nanoseconds":0},"speakers":[{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Ori Ron","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56076},{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Tal Folkman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56087},{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:09:35Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56807,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56087},{"tag_id":46167,"sort_order":4,"person_id":56076},{"tag_id":46167,"sort_order":6,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-07T05:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our software systems are vulnerable. Imagine a world where they're not. DARPA's Information Innovation Office discusses the agency's mission in closing the software vulnerability gap\n\n\n","media":[],"title":"Closing the Software Vulnerability Gap","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Our software systems are vulnerable. Imagine a world where they're not. DARPA's Information Innovation Office discusses the agency's mission in closing the software vulnerability gap","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56128],"conference_id":133,"event_ids":[56771],"name":"Dr. Kathleen Fisher","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA","title":"DARPA Information Innovation Office Director"}],"pronouns":"she/her","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-kathleen-fisher"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kathleen-fisher-4000964"}],"media":[],"id":56518,"title":"DARPA Information Innovation Office Director at DARPA"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":56771,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56518}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hands-on workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56609,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the major problems faced by law enforcement and investigators is the process of identifying threat actors who use the tor network. The purpose of this work is to show that sometimes these Threat Actors fall into the same problems as other victims of malicious artifacts on the Internet.\n\n\n","media":[],"title":"Removing OPSEC from Cyber Predators and Threat Actors","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"One of the major problems faced by law enforcement and investigators is the process of identifying threat actors who use the tor network. The purpose of this work is to show that sometimes these Threat Actors fall into the same problems as other victims of malicious artifacts on the Internet.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55963,55976],"conference_id":133,"event_ids":[56579,56592],"name":"Thiago Bordini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Head Cyber Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tbordini)","sort_order":0,"url":"https://www.twitter.com/tbordini"}],"media":[],"id":56298,"title":"Head Cyber Threat Intelligence"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56579,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56298}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - Scott Helme, Hosted by Shubham","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55903],"conference_id":133,"event_ids":[56490],"name":"Scott Helme","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56281},{"content_ids":[55903],"conference_id":133,"event_ids":[56490],"name":"Shubham","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56282}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56490,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56281},{"tag_id":46167,"sort_order":4,"person_id":56282}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After this interactive talk, you will never see images the same way again. This enlightening session explores the dynamic realm of GEOINT (Geospatial Intelligence), a captivating subset of OSINT (Open Source Intelligence) that unlocks a wealth of hidden insights within images and videos. From identifying objects, landscapes, and aircraft to interpreting symbols, shadows, and reflections, we'll go deep into the art of imagery analysis. Learn how to decode the language of trees, signs, text and logos, and uncover the strategic implications behind seemingly mundane details using common browser tools. This talk promises to equip you with mind-blowing skills that you can easily learn as I take you through multiple demos.\n\n\n","media":[],"title":"GeoINT Mastery: A pixel is worth a thousand words","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"After this interactive talk, you will never see images the same way again. This enlightening session explores the dynamic realm of GEOINT (Geospatial Intelligence), a captivating subset of OSINT (Open Source Intelligence) that unlocks a wealth of hidden insights within images and videos. From identifying objects, landscapes, and aircraft to interpreting symbols, shadows, and reflections, we'll go deep into the art of imagery analysis. Learn how to decode the language of trees, signs, text and logos, and uncover the strategic implications behind seemingly mundane details using common browser tools. This talk promises to equip you with mind-blowing skills that you can easily learn as I take you through multiple demos.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55276,55902],"conference_id":133,"event_ids":[55666,56489],"name":"Mishaal Khan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mish3alkhan)","sort_order":0,"url":"https://twitter.com/mish3alkhan"}],"media":[],"id":55829}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":56489,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55829}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a heist than it seems.\n\nWell fortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. I chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point.\n\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation.\n\nIn this talk I’m going to show you how I bypassed casino AI systems - facial recognition, surveillance systems and game monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.\n\n\n","media":[],"title":"On Your Ocean’s 11 Team, I’m the AI Guy (technically Girl)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a heist than it seems.\n\nWell fortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. I chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point.\n\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation.\n\nIn this talk I’m going to show you how I bypassed casino AI systems - facial recognition, surveillance systems and game monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[54612,54447,55880],"conference_id":133,"event_ids":[56465,54820,54986],"name":"Harriet Farlow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mileva Security Labs","title":"CEO"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/harriet-farlow-654963b7/"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@HarrietHacks"},{"description":"","title":"www.harriethacks.com/","sort_order":0,"url":"https://www.harriethacks.com/"},{"description":"","title":"www.mileva.com.au/about-us","sort_order":0,"url":"https://www.mileva.com.au/about-us"}],"media":[],"id":54195,"title":"CEO at Mileva Security Labs"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56465,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54195}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this two-part presentation, we will explore the workings of trapped-ion quantum computers. The first part provides an introduction to the fundamental concepts of quantum computation, as well as the scientific principles behind implementing these concepts with lasers and trapped ions. The second part delves into the practical aspects of trapped-ion quantum computing by following a quantum circuit through the process of compilation and execution by control electronics.\n\n\n","media":[],"title":"Trapped Ion Quantum Computing Systems - Behind The Scenes: from the physics to control electronics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"In this two-part presentation, we will explore the workings of trapped-ion quantum computers. The first part provides an introduction to the fundamental concepts of quantum computation, as well as the scientific principles behind implementing these concepts with lasers and trapped ions. The second part delves into the practical aspects of trapped-ion quantum computing by following a quantum circuit through the process of compilation and execution by control electronics.","updated_timestamp":{"seconds":1722865255,"nanoseconds":0},"speakers":[{"content_ids":[55845],"conference_id":133,"event_ids":[56432],"name":"Daiwei Zhu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56222},{"content_ids":[55845],"conference_id":133,"event_ids":[56432],"name":"Rick Altherr","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56223}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T13:40:55Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56432,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56222},{"tag_id":46167,"sort_order":4,"person_id":56223}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-05T13:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regardless of where it is hosted, a codebase could end up in the hands of malicious actors. Aside from the open source scenario, attackers may utilize sophisticated techniques to access and download it. An example is Okta's 2022 breach, in which the source code of the identity and access management platform was obtained from GitHub.\r\n\r\nDevelopers are advised to adopt a shift-left approach, uncovering as many code flaws as possible before releasing it to the public.\r\n\r\n\"The Open Source Fortress\" will provide a framework for detecting vulnerabilities in codebases with open-source tools. The examples imply the discovery of vulnerabilities in a custom, purposefully vulnerable codebase written in C and Python. Static techniques such as symbolic execution, secret scanning, code querying, and dependency scanning will be discussed, as will dynamic techniques such as fuzzing.\n\n\n","media":[],"title":"The Open Source Fortress: Finding Vulnerabilities in Your Codebase Using Open Source Tools","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"Regardless of where it is hosted, a codebase could end up in the hands of malicious actors. Aside from the open source scenario, attackers may utilize sophisticated techniques to access and download it. An example is Okta's 2022 breach, in which the source code of the identity and access management platform was obtained from GitHub.\r\n\r\nDevelopers are advised to adopt a shift-left approach, uncovering as many code flaws as possible before releasing it to the public.\r\n\r\n\"The Open Source Fortress\" will provide a framework for detecting vulnerabilities in codebases with open-source tools. The examples imply the discovery of vulnerabilities in a custom, purposefully vulnerable codebase written in C and Python. Static techniques such as symbolic execution, secret scanning, code querying, and dependency scanning will be discussed, as will dynamic techniques such as fuzzing.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55740],"conference_id":133,"event_ids":[56266],"name":"iosifache","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56116}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56266,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56116}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the adoption of CI/CD practices continues to grow, securing these pipelines has become increasingly important. However, identifying vulnerabilities in CI/CD pipelines can be daunting, especially at scale. In this talk, we present our tooling, which we intend to release as open-source software to the public that helped us uncover hundreds of vulnerabilities in popular open-source projects' CI/CD pipelines.\r\n\r\nRAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. With RAVEN, we were able to identify and address potential security vulnerabilities in some of the most popular repositories hosted on GitHub, including FreeCodeCamp, Fluent UI by Microsoft, and much more. \r\nThis tool provides a reliable and scalable solution for security analysis, enabling users to query the database and gain insights about their codebase's security posture\n\n\n","media":[],"title":"Arsenal: Introducing RAVEN - Discovering and Analyzing CI/CD Vulnerabilities in Scale","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"As the adoption of CI/CD practices continues to grow, securing these pipelines has become increasingly important. However, identifying vulnerabilities in CI/CD pipelines can be daunting, especially at scale. In this talk, we present our tooling, which we intend to release as open-source software to the public that helped us uncover hundreds of vulnerabilities in popular open-source projects' CI/CD pipelines.\r\n\r\nRAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. With RAVEN, we were able to identify and address potential security vulnerabilities in some of the most popular repositories hosted on GitHub, including FreeCodeCamp, Fluent UI by Microsoft, and much more. \r\nThis tool provides a reliable and scalable solution for security analysis, enabling users to query the database and gain insights about their codebase's security posture","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Oreen Livni","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56075},{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Elad Pticha","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56111}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56242,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56111},{"tag_id":46167,"sort_order":1,"person_id":56075}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"HunterBounter is an open-source tool designed to automate the scanning processes of tools like OpenVAS and ZAP Proxy using multiple Docker containers. Each container establishes a VPN connection to bypass security measures like IP bans during automated scans. The tool simplifies automated scanning for bug bounty hunters and penetration testers. Development is ongoing to integrate more open-source products for mobile, web application, and network scanning.\r\n\r\nMore information about the tool:\r\nhttps://hunterbounter.com\r\nSource code:\r\nhttps://github.com/hunterbounter\r\n\r\nDemo Platform:\r\nhttps://panel.hunterbounter.com\r\nUsername:\r\nAppSecVillage\r\nPassword:\r\ngX8Q.Ja7!RMHD.kzSp!Zyu?AWGV\n\n\n","media":[],"title":"Arsenal: HunterBounter - Swiss Army Knife for Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"HunterBounter is an open-source tool designed to automate the scanning processes of tools like OpenVAS and ZAP Proxy using multiple Docker containers. Each container establishes a VPN connection to bypass security measures like IP bans during automated scans. The tool simplifies automated scanning for bug bounty hunters and penetration testers. Development is ongoing to integrate more open-source products for mobile, web application, and network scanning.\r\n\r\nMore information about the tool:\r\nhttps://hunterbounter.com\r\nSource code:\r\nhttps://github.com/hunterbounter\r\n\r\nDemo Platform:\r\nhttps://panel.hunterbounter.com\r\nUsername:\r\nAppSecVillage\r\nPassword:\r\ngX8Q.Ja7!RMHD.kzSp!Zyu?AWGV","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55741],"conference_id":133,"event_ids":[56241],"name":"Utku Yildirim","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56093}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56241,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56093}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Telecom Village, DEFCON for a workshop on 2G and 3G network architectures and SS7 protocols. Gain a deep understanding of GSM and 3G networks, discover SS7 vulnerabilities, and engage in hands-on activities to simulate and analyze SS7 attacks. Designed for telecom professionals, cybersecurity enthusiasts, and researchers, this session aims to enhance your knowledge and security awareness in legacy telecom infrastructures\n\n\n","media":[{"hash_sha256":"7d3bdf3ae394c5e5397b08f6342618b88ed69dd84ce34f5a64cc3d532a303a4f","filetype":"image/webp","hash_md5":"d511b3850ee1b7e3d01cff37209be59b","name":"content_telecom_telecomtimemachine.webp","is_logo":"Y","hash_crc32c":"2053e9e5","filesize":161152,"asset_id":826,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_telecomtimemachine.webp"}],"title":"Telecom Time Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Join us at Telecom Village, DEFCON for a workshop on 2G and 3G network architectures and SS7 protocols. Gain a deep understanding of GSM and 3G networks, discover SS7 vulnerabilities, and engage in hands-on activities to simulate and analyze SS7 attacks. Designed for telecom professionals, cybersecurity enthusiasts, and researchers, this session aims to enhance your knowledge and security awareness in legacy telecom infrastructures","updated_timestamp":{"seconds":1722352176,"nanoseconds":0},"speakers":[{"content_ids":[55560],"conference_id":133,"event_ids":[56075],"name":"Nadeem Bagwan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/nadeem-bagwan-777856126/"}],"media":[],"id":56032}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T15:09:36Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56075,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56032}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-30T15:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Breaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them. This is a full hands-on course on how to do CTFs, tools and more. Bring your laptops!\n\n\n","media":[],"title":"C2Society / DC702 Intro to CTFs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Breaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them. This is a full hands-on course on how to do CTFs, tools and more. Bring your laptops!","updated_timestamp":{"seconds":1722361378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T17:42:58Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55757,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-30T17:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ethernet for Plant Automation (EPA) is one of the global variety of IEC 61158 standards, developed as a regionalized versions of Fieldbus standards, used predominantly in industrial settings with prohibitive latency and durability requirements. EPA in particular seems to be used exclusively in the People's Republic of China, and largely for power stations.\r\n\r\nIn this talk, I will cover the standard through both IEC and GB/T documents, both in English and Mandarin, the protocol's history used in sensitive national projects, and what supporting the standard is like. I'll even dive in to some example software and hardware that use the standard, and show some POC code for interacting with EPA devices, should you be lucky enough to find yourself on a network with an EPA-supported router or PLC.\n\n\n","media":[],"title":"The People's Republic of Fieldbus: What to know about EPA","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:25:00Z","end_timestamp":{"seconds":1723242300,"nanoseconds":0},"android_description":"Ethernet for Plant Automation (EPA) is one of the global variety of IEC 61158 standards, developed as a regionalized versions of Fieldbus standards, used predominantly in industrial settings with prohibitive latency and durability requirements. EPA in particular seems to be used exclusively in the People's Republic of China, and largely for power stations.\r\n\r\nIn this talk, I will cover the standard through both IEC and GB/T documents, both in English and Mandarin, the protocol's history used in sensitive national projects, and what supporting the standard is like. I'll even dive in to some example software and hardware that use the standard, and show some POC code for interacting with EPA devices, should you be lucky enough to find yourself on a network with an EPA-supported router or PLC.","updated_timestamp":{"seconds":1721781610,"nanoseconds":0},"speakers":[{"content_ids":[55346],"conference_id":133,"event_ids":[55738],"name":"Jonathan Reiter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55957}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:40:10Z","links":[],"end":"2024-08-09T22:25:00.000-0000","id":55738,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55957}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-24T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On April 30th, the White House released National Security Memorandum-22 (NSM) on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and all-hazard threats. NSM-22 recognizes the changed risk landscape over the past decade and leverages the enhanced authorities of federal departments and agencies to implement a new risk management cycle that prioritizes collaborating with partners to identify and mitigate sector, cross-sector, and nationally significant risk. The culmination of this cycle is the creation of the National Infrastructure Risk Management Plan (National Plan)—thereby replacing the 2013 National Infrastructure Protection Plan—and will guide the Federal effort to mitigate cross-sector and national risks to critical infrastructure. As the National Coordinator for critical infrastructure security and resilience, CISA will develop this National Plan to be forward-looking and one that employs all available Federal tools, resources, and authorities to manage and reduce national-level risks, including those cascading across critical infrastructure sectors. In other words, the National Plan will be the federal government’s comprehensive plan to mitigate and manage cross-sector risk. And that is why CISA is asking for you to help us and Sector Risk Management Agencies (SRMAs) over the course of the year as we develop this foundational document. During this session, two of the CISA leads when it comes to drafting this document will briefly walk through their approach, and then the rest of the session will be devoted to guided discussion and feedback.\n\n\n","media":[],"title":"NSM-22 and the National Risk Management Plan: CISA Wants to Hear from You on How to Protect Our Nation’s Critical Infrastructure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"On April 30th, the White House released National Security Memorandum-22 (NSM) on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and all-hazard threats. NSM-22 recognizes the changed risk landscape over the past decade and leverages the enhanced authorities of federal departments and agencies to implement a new risk management cycle that prioritizes collaborating with partners to identify and mitigate sector, cross-sector, and nationally significant risk. The culmination of this cycle is the creation of the National Infrastructure Risk Management Plan (National Plan)—thereby replacing the 2013 National Infrastructure Protection Plan—and will guide the Federal effort to mitigate cross-sector and national risks to critical infrastructure. As the National Coordinator for critical infrastructure security and resilience, CISA will develop this National Plan to be forward-looking and one that employs all available Federal tools, resources, and authorities to manage and reduce national-level risks, including those cascading across critical infrastructure sectors. In other words, the National Plan will be the federal government’s comprehensive plan to mitigate and manage cross-sector risk. And that is why CISA is asking for you to help us and Sector Risk Management Agencies (SRMAs) over the course of the year as we develop this foundational document. During this session, two of the CISA leads when it comes to drafting this document will briefly walk through their approach, and then the rest of the session will be devoted to guided discussion and feedback.","updated_timestamp":{"seconds":1721778710,"nanoseconds":0},"speakers":[{"content_ids":[55333],"conference_id":133,"event_ids":[55724],"name":"Michael Garcia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Senior Policy Advisor for the Office of Strategy, Policy, and Plans"}],"links":[],"pronouns":null,"media":[],"id":55934,"title":"Senior Policy Advisor for the Office of Strategy, Policy, and Plans at DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55333],"conference_id":133,"event_ids":[55724],"name":"William Loomis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Cyber Policy Advisor for the Office of Strategy, Policy, and Plans"}],"links":[],"pronouns":null,"media":[],"id":55943,"title":"Cyber Policy Advisor for the Office of Strategy, Policy, and Plans at DHS Cyber Security and Infrastructure Security Agency"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:51:50Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":55724,"tag_ids":[46388,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55943},{"tag_id":46487,"sort_order":4,"person_id":55934}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-23T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the realm of cybersecurity, Threat Emulation is akin to a skilled wizard mastering the arcane arts of replicating real-world threats and their myriad behaviors to scrutinize the defenses of an organization. This mystical practice involves crafting Intelligence-driven scenarios, woven with the threads of reality, to mimic the nefarious maneuvers of creatures that lurk in the shadows. By summoning these simulated events, organizations can fortify their defenses, sharpening their blades against the invisible foes that threaten their digital realms.\r\n\r\nEmbark on a quest with Trey, the seasoned Threat Emulator, as he unveils the secrets of this mystical art.\n\n\n","media":[],"title":"Threat Emulation 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:50:00Z","end_timestamp":{"seconds":1723243800,"nanoseconds":0},"android_description":"In the realm of cybersecurity, Threat Emulation is akin to a skilled wizard mastering the arcane arts of replicating real-world threats and their myriad behaviors to scrutinize the defenses of an organization. This mystical practice involves crafting Intelligence-driven scenarios, woven with the threads of reality, to mimic the nefarious maneuvers of creatures that lurk in the shadows. By summoning these simulated events, organizations can fortify their defenses, sharpening their blades against the invisible foes that threaten their digital realms.\r\n\r\nEmbark on a quest with Trey, the seasoned Threat Emulator, as he unveils the secrets of this mystical art.","updated_timestamp":{"seconds":1721595407,"nanoseconds":0},"speakers":[{"content_ids":[55281,55993],"conference_id":133,"event_ids":[55671,56615],"name":"Trey Bilbrey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SCYTHE Labs","title":"Lead"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/georgebilbrey"},{"description":"","title":"Twitter (@TCraf7)","sort_order":0,"url":"https://twitter.com/TCraf7"}],"media":[],"id":55832,"title":"Lead at SCYTHE Labs"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:56:47Z","links":[],"end":"2024-08-09T22:50:00.000-0000","id":55671,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55832}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-21T20:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an immersive workshop that will revolutionize your approach to Command-and-Control (C2) infrastructure deployments. Whether you're a seasoned Red Team operator or just starting your offensive security journey, this workshop is designed to equip you with the tools and knowledge to create scalable, operationally secure C2 infrastructure using the power of automation.\r\n\r\nIn this hands-on session, we'll demystify the process of deploying and configuring C2 components, such as frameworks, redirectors, and associated compute infrastructure.\r\n\r\nYou'll learn how to leverage infrastructure as code principles to create consistent, reliable, and secure C2 deployments, all while minimizing the risk of human error.\r\n\r\nWe'll dive deep into the best practices for designing and implementing C2 infrastructure automation, with a strong emphasis on operational security from the ground up.\r\n\r\nOur instructor will guide you through real-world examples and provide you with a solid foundation for building your own secure C2 deployments.\r\n\r\nWhether you're looking to enhance your Red Team capabilities or simply want to streamline your offensive security workflows, this workshop is perfect for you.\r\n\r\nJoin us and unlock the ability to spend less time on 'Sysadmin' tasks and more time focusing on what matters most – attacking and improving your organization's security posture!\r\n\r\nNo prior experience with C2 infrastructure automation is required.\r\n\r\nOur instructor will guide you every step of the way, ensuring that you leave the workshop with the confidence and skills to create secure, automated C2 deployments.\r\n\r\nDon't miss this opportunity to take your offensive security skills to the next level. Register now and unlock the power of secure C2 infrastructure automation!\n\n\n","media":[],"title":"New Skill Unlocked: C2 Infrastructure Automation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"Join us for an immersive workshop that will revolutionize your approach to Command-and-Control (C2) infrastructure deployments. Whether you're a seasoned Red Team operator or just starting your offensive security journey, this workshop is designed to equip you with the tools and knowledge to create scalable, operationally secure C2 infrastructure using the power of automation.\r\n\r\nIn this hands-on session, we'll demystify the process of deploying and configuring C2 components, such as frameworks, redirectors, and associated compute infrastructure.\r\n\r\nYou'll learn how to leverage infrastructure as code principles to create consistent, reliable, and secure C2 deployments, all while minimizing the risk of human error.\r\n\r\nWe'll dive deep into the best practices for designing and implementing C2 infrastructure automation, with a strong emphasis on operational security from the ground up.\r\n\r\nOur instructor will guide you through real-world examples and provide you with a solid foundation for building your own secure C2 deployments.\r\n\r\nWhether you're looking to enhance your Red Team capabilities or simply want to streamline your offensive security workflows, this workshop is perfect for you.\r\n\r\nJoin us and unlock the ability to spend less time on 'Sysadmin' tasks and more time focusing on what matters most – attacking and improving your organization's security posture!\r\n\r\nNo prior experience with C2 infrastructure automation is required.\r\n\r\nOur instructor will guide you every step of the way, ensuring that you leave the workshop with the confidence and skills to create secure, automated C2 deployments.\r\n\r\nDon't miss this opportunity to take your offensive security skills to the next level. Register now and unlock the power of secure C2 infrastructure automation!","updated_timestamp":{"seconds":1721595412,"nanoseconds":0},"speakers":[{"content_ids":[55280],"conference_id":133,"event_ids":[55670],"name":"Robert Pimentel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@hacker_hermanos)","sort_order":0,"url":"https://twitter.com/hacker_hermanos"}],"media":[],"id":55830},{"content_ids":[55280],"conference_id":133,"event_ids":[55670],"name":"Josh Huff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55831}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:56:52Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55670,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55831},{"tag_id":46167,"sort_order":4,"person_id":55830}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-21T20:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Step into a cybernetic world where humanity and technology intertwine in a complex dance of evolution. Just like the cyberpunk masterpiece, we will augment our cybersecurity defenses through the fusion of artificial intelligence and human ingenuity.\n\nIn this presentation, we explore the symbiotic relationship between humans and AI, mirroring the fusion of man and machine in Ghost in the Shell. Through the lens of AI-enhanced threat modeling, we uncover how Generative Artificial Intelligence Language Models (GenAI LLMs) empower penetration testing and red teaming professionals to transcend traditional boundaries and improve security early in the design process. Additionally, they contribute to more efficient testing of completed systems and applications.\n\nJoin us as we journey through the cybernetic landscape, where attendees will learn to merge human intuition with AI intelligence to fortify solutions and improve offensive security testing. Together, we will transcend the limitations of conventional approaches and embrace the cybernetic evolution that awaits us.\n\n\n","media":[],"title":"GHOST in the Model: Generating AI-Assisted Threat Models for Efficient Offensive Security Testing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:50:00Z","end_timestamp":{"seconds":1723243800,"nanoseconds":0},"android_description":"Step into a cybernetic world where humanity and technology intertwine in a complex dance of evolution. Just like the cyberpunk masterpiece, we will augment our cybersecurity defenses through the fusion of artificial intelligence and human ingenuity.\n\nIn this presentation, we explore the symbiotic relationship between humans and AI, mirroring the fusion of man and machine in Ghost in the Shell. Through the lens of AI-enhanced threat modeling, we uncover how Generative Artificial Intelligence Language Models (GenAI LLMs) empower penetration testing and red teaming professionals to transcend traditional boundaries and improve security early in the design process. Additionally, they contribute to more efficient testing of completed systems and applications.\n\nJoin us as we journey through the cybernetic landscape, where attendees will learn to merge human intuition with AI intelligence to fortify solutions and improve offensive security testing. Together, we will transcend the limitations of conventional approaches and embrace the cybernetic evolution that awaits us.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55279],"conference_id":133,"event_ids":[55669],"name":"Sam Cosentino","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55833}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T22:50:00.000-0000","id":55669,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55833}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the years, while people have expressed more and more concern about what freedoms we have in the US, less and less understanding of what true freedom means has been demonstrated. Here, we take a look at the related definitions, and how technology has been both a secret advocate and opponent of the freedoms we claim to desire so much.\n\n\n","media":[],"title":"Life, Liberty and the pursuit of Convenience: the slow death of independence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Over the years, while people have expressed more and more concern about what freedoms we have in the US, less and less understanding of what true freedom means has been demonstrated. Here, we take a look at the related definitions, and how technology has been both a secret advocate and opponent of the freedoms we claim to desire so much.","updated_timestamp":{"seconds":1721495207,"nanoseconds":0},"speakers":[{"content_ids":[55195],"conference_id":133,"event_ids":[55585],"name":"Kaleeque Pierce","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Management Professional"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kaleequepierce/"}],"media":[],"id":55796,"title":"Management Professional"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:47Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":55585,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55796}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Prototype pollution is a vulnerability in JavaScript applications that can have varying impacts depending on the complexity and nature of the affected app. By manipulating an object's prototype chain, an attacker can introduce malicious properties, leading to unexpected behavior and potentially allowing the attacker to execute arbitrary code.\r\nIn this workshop, we will first try to understand the subtleties of the Javascript prototype chain. Then, we will explore different techniques for black box detection. Finally, we will use pp-finder to find new RCE gadgets in popular libraries.\r\n\r\nPre-Requisites:\r\n- Attendees are expect to have basic Javascript knowledge and have a computer with docker ready\n\n\n","media":[],"title":"Prototype Pollution in Depth, From Beginner to 0-Day Hunter","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Prototype pollution is a vulnerability in JavaScript applications that can have varying impacts depending on the complexity and nature of the affected app. By manipulating an object's prototype chain, an attacker can introduce malicious properties, leading to unexpected behavior and potentially allowing the attacker to execute arbitrary code.\r\nIn this workshop, we will first try to understand the subtleties of the Javascript prototype chain. Then, we will explore different techniques for black box detection. Finally, we will use pp-finder to find new RCE gadgets in popular libraries.\r\n\r\nPre-Requisites:\r\n- Attendees are expect to have basic Javascript knowledge and have a computer with docker ready","updated_timestamp":{"seconds":1721438211,"nanoseconds":0},"speakers":[{"content_ids":[55172,55177],"conference_id":133,"event_ids":[55560,55565],"name":"Lucas Philippe","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"YesWeHack","title":""}],"pronouns":null,"links":[{"description":"","title":"@BitK","sort_order":0,"url":"https://twitter.com/BitK"}],"media":[],"id":54831,"title":"YesWeHack"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:16:51Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#prototype-pollution-in-depth"}],"end":"2024-08-09T23:30:00.000-0000","id":55565,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54831}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-20T01:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, I will detail my discovery and analysis of CVE 2023-52709, a vulnerability in the TI Bluetooth stack. This flaw allows the stack to fail in generating a resolvable Random Private Address (RPA), which can lead to a Denial of Service (DoS) for already bonded peer devices. The discussion will cover the technical aspects of the vulnerability, the implications for automotive security, and potential mitigation strategies.\n\n\n","media":[],"title":"Bluetooth Blues: Unmasking CVE 2023-52709 - The TI BLE5-Stack Attack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"In this talk, I will detail my discovery and analysis of CVE 2023-52709, a vulnerability in the TI Bluetooth stack. This flaw allows the stack to fail in generating a resolvable Random Private Address (RPA), which can lead to a Denial of Service (DoS) for already bonded peer devices. The discussion will cover the technical aspects of the vulnerability, the implications for automotive security, and potential mitigation strategies.","updated_timestamp":{"seconds":1720403281,"nanoseconds":0},"speakers":[{"content_ids":[54627],"conference_id":133,"event_ids":[55001],"name":"Kevin Mitchell","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54313}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T01:48:01Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":55001,"tag_ids":[46375,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54313}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-08T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Many medical devices are “not connected to a network”, so let’s bring our own! This talk will teach you how to create a BadUSB device that can wirelessly execute payloads on “airgapped” systems like medical devices that aren’t connected to the internet. WIth only $10 of off-the-shelf hardware and some basic arduino code you too can start popping shells in the device lab.\n\n\n","media":[],"title":"Breaking Boundaries: Popping Shells in the Airgap with $10 and a Dash of Arduino Magic","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"Many medical devices are “not connected to a network”, so let’s bring our own! This talk will teach you how to create a BadUSB device that can wirelessly execute payloads on “airgapped” systems like medical devices that aren’t connected to the internet. WIth only $10 of off-the-shelf hardware and some basic arduino code you too can start popping shells in the device lab.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54575],"conference_id":133,"event_ids":[54950],"name":"Daniel Beard","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Mastodon (@varx@defcon.social)","sort_order":0,"url":"https://defcon.social/@varx"}],"media":[],"id":54324}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":54950,"tag_ids":[46371,46419,46438,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54324}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC101 Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"Nikita Kronenberg","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":"Director of Content and Coordination"}],"links":[],"pronouns":"she/her","media":[],"id":55970,"title":"Director of Content and Coordination at DEF CON Communications"},{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"AdaZebra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON 32","title":"Head of Hotline"}],"links":[],"pronouns":"she/her","media":[],"id":56607,"title":"Head of Hotline at DEF CON 32"},{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"Drew \"aNullValue\" Stemen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacker Tracker","title":"Project Manager"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@aNullValue@defcon.social)","sort_order":0,"url":"@aNullValue@defcon.social"},{"description":"","title":"Website","sort_order":0,"url":"https://anullvalue.net"}],"media":[],"id":56608,"title":"Project Manager at Hacker Tracker"},{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"Grifter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON 32","title":"Contests & Events Lead"}],"links":[],"pronouns":null,"media":[],"id":56609,"title":"Contests & Events Lead at DEF CON 32"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54835,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55970},{"tag_id":46487,"sort_order":4,"person_id":56608},{"tag_id":46487,"sort_order":6,"person_id":56609},{"tag_id":46487,"sort_order":8,"person_id":56607}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you consider the list of mobile apps you use and the frequency at which you use them private information? What about the GPS coordinates of the cell towers to which your smartphone connects? The Android framework restricts third-party apps from freely obtaining this information – unless the user explicitly grants the app access. Android is a diverse ecosystem that comes with many benefits, but device vendors can still unintentionally expose app usage and device location in a variety of ways. We uncover privacy leaks of both types of data, where pre-loaded vendor software exposes app usage and location to co-located software. We also explore various local exposures of this data, where it is leaked to resources that do not require any special permissions or privileges to access.\r\n\r\nWe discovered these leakages across several major vendors, including Samsung, Nokia, Transsion brands (i.e., Tecno, Infinix, and Itel), and additional vendors that utilize a pre-installed Qualcomm app for performance monitoring. We cover each of these exposures in detail. App usage reveals the subset of the apps that the user actually interacts with, which can be collected, combined with location data, and analyzed for advertising, profiling, and establishing user pattern-of-life.\r\n\r\n\r\n1. [link](https://developer.android.com/develop/sensors-and-location/location/permissions#accuracy)\r\n2. [link](https://developer.android.com/training/package-visibility)\r\n3. [link](https://support.google.com/googleplay/android-developer/answer/10158779)\r\n4. [link](https://developer.android.com/reference/android/app/ActivityManager#getRunningTasks)\r\n5. [link](https://android.googlesource.com/platform/frameworks/base/+/2d7576b%5E!/)\r\n6. [link](https://android.googlesource.com/platform/frameworks/base/+/refs/heads/android14-platform-release/core/res/AndroidManifest.xml#3080)\r\n7. [link](https://medium.com/@amir.ghm/a-deep-dive-to-get-the-top-activity-name-of-currently-running-application-in-android-50e5f17f47d5)\r\n8. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getAllCellInfo)\r\n9. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getCellLocation)\r\n10. [link](https://opencellid.org/)\r\n11. [link](https://www.idc.com/getdoc.jsp?containerId=prUS52032524)\r\n12. [link](https://gs.statcounter.com/vendor-market-share/mobile)\r\n13. [link](https://source.android.com/)\r\n14. [link](https://www.counterpointresearch.com/insights/global-smartphone-ap-market-share/)\r\n15. [link](https://en.wikipedia.org/wiki/Transsion)\r\n16. [link](https://www.simo.co/about-us)\r\n17. [link](https://play.google.com/store/apps/details?id=com.skyroam.app)\r\n18. [link](https://apkpure.com/simo-global-local-internet/com.skyroam.app/download)\r\n19. [link](https://www.quokka.io/blog/vsim-vulnerability-within-simo-android-phones-exposed)\r\n20. [link](https://7561470.fs1.hubspotusercontent-na1.net/hubfs/7561470/QKKA_Resources/Security%20Analysis%20of%20Simo%E2%80%99s%20vSIM%20Android%20Software_Academic%20Paper.pdf)\r\n21. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41848)\r\n22. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41850)\r\n23. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41849)\r\n24. [link](https://www.idc.com/promo/smartphone-market-share)\r\n25. [link](https://developer.android.com/reference/android/provider/Settings)\r\n\n\n\n","media":[],"title":"Android App Usage and Cell Tower Location: Private. Sensitive. Available to Anyone?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Do you consider the list of mobile apps you use and the frequency at which you use them private information? What about the GPS coordinates of the cell towers to which your smartphone connects? The Android framework restricts third-party apps from freely obtaining this information – unless the user explicitly grants the app access. Android is a diverse ecosystem that comes with many benefits, but device vendors can still unintentionally expose app usage and device location in a variety of ways. We uncover privacy leaks of both types of data, where pre-loaded vendor software exposes app usage and location to co-located software. We also explore various local exposures of this data, where it is leaked to resources that do not require any special permissions or privileges to access.\r\n\r\nWe discovered these leakages across several major vendors, including Samsung, Nokia, Transsion brands (i.e., Tecno, Infinix, and Itel), and additional vendors that utilize a pre-installed Qualcomm app for performance monitoring. We cover each of these exposures in detail. App usage reveals the subset of the apps that the user actually interacts with, which can be collected, combined with location data, and analyzed for advertising, profiling, and establishing user pattern-of-life.\r\n\r\n\r\n1. [link](https://developer.android.com/develop/sensors-and-location/location/permissions#accuracy)\r\n2. [link](https://developer.android.com/training/package-visibility)\r\n3. [link](https://support.google.com/googleplay/android-developer/answer/10158779)\r\n4. [link](https://developer.android.com/reference/android/app/ActivityManager#getRunningTasks)\r\n5. [link](https://android.googlesource.com/platform/frameworks/base/+/2d7576b%5E!/)\r\n6. [link](https://android.googlesource.com/platform/frameworks/base/+/refs/heads/android14-platform-release/core/res/AndroidManifest.xml#3080)\r\n7. [link](https://medium.com/@amir.ghm/a-deep-dive-to-get-the-top-activity-name-of-currently-running-application-in-android-50e5f17f47d5)\r\n8. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getAllCellInfo)\r\n9. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getCellLocation)\r\n10. [link](https://opencellid.org/)\r\n11. [link](https://www.idc.com/getdoc.jsp?containerId=prUS52032524)\r\n12. [link](https://gs.statcounter.com/vendor-market-share/mobile)\r\n13. [link](https://source.android.com/)\r\n14. [link](https://www.counterpointresearch.com/insights/global-smartphone-ap-market-share/)\r\n15. [link](https://en.wikipedia.org/wiki/Transsion)\r\n16. [link](https://www.simo.co/about-us)\r\n17. [link](https://play.google.com/store/apps/details?id=com.skyroam.app)\r\n18. [link](https://apkpure.com/simo-global-local-internet/com.skyroam.app/download)\r\n19. [link](https://www.quokka.io/blog/vsim-vulnerability-within-simo-android-phones-exposed)\r\n20. [link](https://7561470.fs1.hubspotusercontent-na1.net/hubfs/7561470/QKKA_Resources/Security%20Analysis%20of%20Simo%E2%80%99s%20vSIM%20Android%20Software_Academic%20Paper.pdf)\r\n21. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41848)\r\n22. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41850)\r\n23. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41849)\r\n24. [link](https://www.idc.com/promo/smartphone-market-share)\r\n25. [link](https://developer.android.com/reference/android/provider/Settings)","updated_timestamp":{"seconds":1720462627,"nanoseconds":0},"speakers":[{"content_ids":[54461],"conference_id":133,"event_ids":[54834],"name":"Ryan Johnson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Quokka","title":"Senior Director, R&D"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ryan-johnson-137b7b169/"}],"media":[],"id":54050,"title":"Senior Director, R&D at Quokka"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:17:07Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":54834,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54050}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-08T18:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Windows Hello is touted by Microsoft as the modern de facto authentication scheme on Windows platforms, supporting authentication and encryption backed by biometrics. In a world that is quickly accelerating towards a passwordless existence, what new threats do we face in this complex landscape? We will take a deep dive into the inner working of Windows Hello. Via the release of a new tool, it will be demonstrated how an attacker on a fully compromised Windows host can leverage secrets backed by Windows Hello biometrics without needing the biometric data that protects them. We will also show how the hardware protections of Windows Hello and its accompanying Primary Refresh Tokens can be defeated, making it possible to use Windows Hello for identity persistency and PRT stealing, in some cases even without Administrator access on the host. \r\n\r\n- [link](https://www.insecurity.be/blog/2020/12/24/dpapi-in-depth-with-tooling-standalone-dpapi/)\r\n- [link](https://github.com/tijldeneut/dpapilab-ng)\r\n- [link](https://dirkjanm.io/phishing-for-microsoft-entra-primary-refresh-tokens/)\r\n- [link](https://dirkjanm.io/digging-further-into-the-primary-refresh-token/)\r\n- [link](https://dirkjanm.io/assets/raw/Windows%20Hello%20from%20the%20other%20side_nsec_v1.0.pdf)\r\n\n\n\n","media":[],"title":"Abusing Windows Hello Without a Severed Hand","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Windows Hello is touted by Microsoft as the modern de facto authentication scheme on Windows platforms, supporting authentication and encryption backed by biometrics. In a world that is quickly accelerating towards a passwordless existence, what new threats do we face in this complex landscape? We will take a deep dive into the inner working of Windows Hello. Via the release of a new tool, it will be demonstrated how an attacker on a fully compromised Windows host can leverage secrets backed by Windows Hello biometrics without needing the biometric data that protects them. We will also show how the hardware protections of Windows Hello and its accompanying Primary Refresh Tokens can be defeated, making it possible to use Windows Hello for identity persistency and PRT stealing, in some cases even without Administrator access on the host. \r\n\r\n- [link](https://www.insecurity.be/blog/2020/12/24/dpapi-in-depth-with-tooling-standalone-dpapi/)\r\n- [link](https://github.com/tijldeneut/dpapilab-ng)\r\n- [link](https://dirkjanm.io/phishing-for-microsoft-entra-primary-refresh-tokens/)\r\n- [link](https://dirkjanm.io/digging-further-into-the-primary-refresh-token/)\r\n- [link](https://dirkjanm.io/assets/raw/Windows%20Hello%20from%20the%20other%20side_nsec_v1.0.pdf)","updated_timestamp":{"seconds":1720462448,"nanoseconds":0},"speakers":[{"content_ids":[54460],"conference_id":133,"event_ids":[54833],"name":"Dirk-jan Mollema","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Outsider Security","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54051,"title":"Security Researcher at Outsider Security"},{"content_ids":[54460],"conference_id":133,"event_ids":[54833],"name":"Ceri Coburn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Red Team Operator and Offensive Security Dev"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@_ethicalchaos_)","sort_order":0,"url":"https://twitter.com/_ethicalchaos_"},{"description":"","title":"ethicalchaos.dev/","sort_order":0,"url":"https://ethicalchaos.dev/"}],"media":[],"id":54088,"title":"Red Team Operator and Offensive Security Dev at Pen Test Partners"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:14:08Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":54833,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54088},{"tag_id":46167,"sort_order":4,"person_id":54051}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-08T18:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What does it mean to be an American? Or perhaps what should it mean? The world we live is now more complex then ever, with technology, law, policy, threats to personal wellbeing and international conflict dominating the headlines, how do Americans manage to stay in engaged in the affairs that control their society? This talk will be structured as a short presentation leading to an open forum discussion positioned to discover what it means to be an American in this current climate. We’ll discuss civics, generational gaps, and the role of technology in addressing the active citizen today. We’re all here to defend and support democracy, but that starts with a conversation.\n\n\n","media":[],"title":"What Does it Mean to be an American?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"What does it mean to be an American? Or perhaps what should it mean? The world we live is now more complex then ever, with technology, law, policy, threats to personal wellbeing and international conflict dominating the headlines, how do Americans manage to stay in engaged in the affairs that control their society? This talk will be structured as a short presentation leading to an open forum discussion positioned to discover what it means to be an American in this current climate. We’ll discuss civics, generational gaps, and the role of technology in addressing the active citizen today. We’re all here to defend and support democracy, but that starts with a conversation.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56195,56202],"conference_id":133,"event_ids":[56849,56856],"name":"Kendall Spencer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/spenceresq"},{"description":"","title":"Twitter (@kendallspencer)","sort_order":0,"url":"https://twitter.com/kendallspencer"},{"description":"","title":"Website","sort_order":0,"url":"https://nightcommission.org"}],"media":[],"id":56574}],"begin_tsz":"2024-08-09T21:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":56849,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723239900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56574}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T21:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How do we use the apparent magic of LLMs to help us threat model? What are the challenges? What works? What doesn’t?\n\n\n","media":[],"title":"Threat Modeling in the Age of AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"How do we use the apparent magic of LLMs to help us threat model? What are the challenges? What works? What doesn’t?","updated_timestamp":{"seconds":1723061775,"nanoseconds":0},"speakers":[{"content_ids":[56171],"conference_id":133,"event_ids":[56825],"name":"Adam Shostack","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56555}],"begin_tsz":"2024-08-09T21:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T20:16:15Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":56825,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723239900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56555}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T21:45:00.000-0000","updated":"2024-08-07T20:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nTodd Fletcher will introduce listeners to the topic of cyberpsychology. This discussion investigates the psychological and ethical dimensions influencing cybersecurity practitioners' behaviors towards cyber defense, utilizing Q-Methodology to elucidate diverse motivations and ethical perspectives within the community. The connected study involves participants sorting statements reflecting their views on cybersecurity, providing insights into common typologies and perspectives. Findings aim to inform nuanced cybersecurity strategies that prioritize both security and practitioners' mental well-being, adhering to strict ethical standards. This research contributes significantly to Cyberpsychology, enhancing understanding and practical approaches to contemporary cybersecurity challenges.\n\n\n","media":[],"title":"BTV Conversations: Exploring the Cyberpsychology of Cyber Defender Acceptance Behaviors and Personality Traits","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nTodd Fletcher will introduce listeners to the topic of cyberpsychology. This discussion investigates the psychological and ethical dimensions influencing cybersecurity practitioners' behaviors towards cyber defense, utilizing Q-Methodology to elucidate diverse motivations and ethical perspectives within the community. The connected study involves participants sorting statements reflecting their views on cybersecurity, providing insights into common typologies and perspectives. Findings aim to inform nuanced cybersecurity strategies that prioritize both security and practitioners' mental well-being, adhering to strict ethical standards. This research contributes significantly to Cyberpsychology, enhancing understanding and practical approaches to contemporary cybersecurity challenges.","updated_timestamp":{"seconds":1723186068,"nanoseconds":0},"speakers":[{"content_ids":[56204],"conference_id":133,"event_ids":[56858],"name":"Todd Fletcher","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CrowdStrike","title":"Principal Consultant"}],"links":[],"pronouns":null,"media":[],"id":56588,"title":"Principal Consultant at CrowdStrike"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:47:48Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":56858,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56588}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-09T06:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the inventor of Risk Limiting Audits for an up close hands on demo of how true Risk Limiting Audits work. Lean the principals and practice of conducting Risk Liming Audits. We will actually be conducting a Risk Limiting Audit during this demo and the audience will participate.\n\n\n","media":[],"title":"Risk Limiting Audit DEMO by Philip Stark","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Join the inventor of Risk Limiting Audits for an up close hands on demo of how true Risk Limiting Audits work. Lean the principals and practice of conducting Risk Liming Audits. We will actually be conducting a Risk Limiting Audit during this demo and the audience will participate.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56187,56185,56183],"conference_id":133,"event_ids":[56837,56839,56841],"name":"Philip Stark","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/philip-stark-0422325"},{"description":"","title":"Twitter (@philipbstark)","sort_order":0,"url":"https://twitter.com/philipbstark"},{"description":"","title":"Website","sort_order":0,"url":"https://www.stat.berkeley.edu/~stark/"}],"media":[],"id":56561}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":56841,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56561}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will focus on the implications of our work defending AI based cybersecurity systems against file format abuse for the design of AI systems for cyber. The audience will learn how the interface between traditional cybersecurity systems and the AI models being integrated into them impacts security. File format abuse enables polyglot files to bypass state-of-the-art malware detection systems (EDR tools) that utilize machine learning in an attempt to catch novel forms of malware. The polyglot file is sent to the wrong model because the embedded file type is not detected. Existing file type, file carving, and polyglot detection tools are insufficient to detect polyglots used by threat actors in the wild. However, we trained a machine learning model capable of detecting all polyglot types in our dataset, which is based on threat actor usage of polyglots in the wild, with over 99.9% accuracy. Content disarm and reconstruct (CDR) tools can also be used to disarm polyglots, but are not effective on all file types.\n\n\n","media":[],"title":"Removing the Ring of Gyges: Lessons from Securing AI Systems Against File Format Abuse","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"This talk will focus on the implications of our work defending AI based cybersecurity systems against file format abuse for the design of AI systems for cyber. The audience will learn how the interface between traditional cybersecurity systems and the AI models being integrated into them impacts security. File format abuse enables polyglot files to bypass state-of-the-art malware detection systems (EDR tools) that utilize machine learning in an attempt to catch novel forms of malware. The polyglot file is sent to the wrong model because the embedded file type is not detected. Existing file type, file carving, and polyglot detection tools are insufficient to detect polyglots used by threat actors in the wild. However, we trained a machine learning model capable of detecting all polyglot types in our dataset, which is based on threat actor usage of polyglots in the wild, with over 99.9% accuracy. Content disarm and reconstruct (CDR) tools can also be used to disarm polyglots, but are not effective on all file types.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Sean Oesch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56239,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Luke Koch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56240,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Brian Weber","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56241,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Amul Chaulagain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56242,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Matthew Dixson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56243},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Jared Dixon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56244},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Cory Watson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56245}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56464,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56239},{"tag_id":46167,"sort_order":4,"person_id":56240},{"tag_id":46167,"sort_order":6,"person_id":56241},{"tag_id":46167,"sort_order":8,"person_id":56242},{"tag_id":46167,"sort_order":10,"person_id":56243},{"tag_id":46167,"sort_order":12,"person_id":56244},{"tag_id":46167,"sort_order":14,"person_id":56245}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces\n\n\n","media":[],"title":"Emulating Magstripe with Arduino","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:10:00Z","end_timestamp":{"seconds":1723241400,"nanoseconds":0},"android_description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces","updated_timestamp":{"seconds":1722356245,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:17:25Z","links":[],"end":"2024-08-09T22:10:00.000-0000","id":56081,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will explore how default configurations in reference architectures of our most commonly used software supply chain services can lead to a handful of unsavory outcomes including secrets exfiltration, lateral movement, and privilege escalation within production cloud and SaaS environments. We'll take a close look at how many of the interactions between people and CI|CD services are not as safe as we think. Some examples we’ll look at:\n\n - Abusing PRs against Github repositories allows for execution of code prior to code review & merge, for all downstream services (GH Actions, Buildkite, & Terraform)\n - Multi-tenant infrastructures in CI like Buildkite lead to over-authorization & access to production cloud secrets\n - Lacking Pipeline Based Access Control (PBAC) in CI services like Buildkite leads to code execution in production cloud environments\n\n\nAfter we identify the pitfalls in our by-default configurations, we’ll demonstrate how best to modify them using available tools, services, & best practices.\n\n\n","media":[],"title":"Attacking and Defending Software Supply Chains: How we got Admin in your Clouds!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:10:00Z","end_timestamp":{"seconds":1723241400,"nanoseconds":0},"android_description":"This talk will explore how default configurations in reference architectures of our most commonly used software supply chain services can lead to a handful of unsavory outcomes including secrets exfiltration, lateral movement, and privilege escalation within production cloud and SaaS environments. We'll take a close look at how many of the interactions between people and CI|CD services are not as safe as we think. Some examples we’ll look at:\n\n - Abusing PRs against Github repositories allows for execution of code prior to code review & merge, for all downstream services (GH Actions, Buildkite, & Terraform)\n - Multi-tenant infrastructures in CI like Buildkite lead to over-authorization & access to production cloud secrets\n - Lacking Pipeline Based Access Control (PBAC) in CI services like Buildkite leads to code execution in production cloud environments\n\n\nAfter we identify the pitfalls in our by-default configurations, we’ll demonstrate how best to modify them using available tools, services, & best practices.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55485],"conference_id":133,"event_ids":[55914],"name":"Mike Ruth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"MF_Ruth","sort_order":0,"url":"https://MF_Ruth"}],"media":[],"id":56007}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T22:10:00.000-0000","id":55914,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56007}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Devices with radios are everywhere and sooner or later radios will be in everything, maybe even sooner than you think. During our talk we will be sharing CNLohr's research about transmitting RF signals without a radio. We will share our findings on how this these new techniques can be abused by an adversary. Finally, we will highlight how so many amazing tools and techniques are available to us because they are open source and why we need to support and protect these kinds of works to sustain a culture of learning and growing.\n\n\n","media":[],"title":"Yet another way of exfiltrating data from air-gapped systems OR Oh no, everything is a radio","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:25:00Z","end_timestamp":{"seconds":1723242300,"nanoseconds":0},"android_description":"Devices with radios are everywhere and sooner or later radios will be in everything, maybe even sooner than you think. During our talk we will be sharing CNLohr's research about transmitting RF signals without a radio. We will share our findings on how this these new techniques can be abused by an adversary. Finally, we will highlight how so many amazing tools and techniques are available to us because they are open source and why we need to support and protect these kinds of works to sustain a culture of learning and growing.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55449],"conference_id":133,"event_ids":[55874],"name":"C$","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DCG862 (DEF CON Group 862)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55987,"title":"Founder at DCG862 (DEF CON Group 862)"},{"content_ids":[55449],"conference_id":133,"event_ids":[55874],"name":"Endeavors","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DCG862 (DEF CON Group 862)","title":"Founding Member"}],"links":[],"pronouns":null,"media":[],"id":55988,"title":"Founding Member at DCG862 (DEF CON Group 862)"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T22:25:00.000-0000","id":55874,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55987},{"tag_id":46167,"sort_order":4,"person_id":55988}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Using hardware hacking techniques, it was possible to detect the use of learning codes instead of rolling codes in a key job of a car widely used in my country. For this purpose, the key job was disassembled and the HS2240 integrated circuit was detected and, using a logic analyzer, the emission of learning codes from the integrated circuit to the radio frequency LED emitter was checked.\nWith the use of HackRF SDR, the learning code is duplicated to be able to open the car N times without needing the original key anymore, which proves that the use of learning codes is very vulnerable, just like fixed codes.\n\n\n","media":[],"title":"How I discovered and hacked Learning Codes of the key job of a car assembled in my country","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Using hardware hacking techniques, it was possible to detect the use of learning codes instead of rolling codes in a key job of a car widely used in my country. For this purpose, the key job was disassembled and the HS2240 integrated circuit was detected and, using a logic analyzer, the emission of learning codes from the integrated circuit to the radio frequency LED emitter was checked.\nWith the use of HackRF SDR, the learning code is duplicated to be able to open the car N times without needing the original key anymore, which proves that the use of learning codes is very vulnerable, just like fixed codes.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54636],"conference_id":133,"event_ids":[55010],"name":"Danilo Erazo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fluid Attacks","title":"Ethical Hacker"}],"links":[],"pronouns":null,"media":[],"id":54349,"title":"Ethical Hacker at Fluid Attacks"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55010,"tag_ids":[46169,46375,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54349}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Have you ever wondered how those little boxes that you tap your card to open doors work? What are they reading on the card? How do they ultimately unlock the door? And, are they even secure? In this talk, we will answer all of those questions and more. We will walk through how access-control systems, in general, work, and dig into the details of the most popular systems. Fortunately for the entertainment value of this talk, there be dragons in our doors. We will walk through some of the most high-profile attacks in detail and then dive into some more fundamental flaws with how the systems are designed. All of these discussions will be accompanied with live demos and first hand experience. After this talk, you will look at the world, especially doors, differently -- weaknesses everywhere! My hope is that we can all learn from past mistakes and create a more secure and less frustrating tomorrow together\n\n\n","media":[],"title":"Your Smartcard is Dumb: A Brief History of Hacking Access Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"Have you ever wondered how those little boxes that you tap your card to open doors work? What are they reading on the card? How do they ultimately unlock the door? And, are they even secure? In this talk, we will answer all of those questions and more. We will walk through how access-control systems, in general, work, and dig into the details of the most popular systems. Fortunately for the entertainment value of this talk, there be dragons in our doors. We will walk through some of the most high-profile attacks in detail and then dive into some more fundamental flaws with how the systems are designed. All of these discussions will be accompanied with live demos and first hand experience. After this talk, you will look at the world, especially doors, differently -- weaknesses everywhere! My hope is that we can all learn from past mistakes and create a more secure and less frustrating tomorrow together","updated_timestamp":{"seconds":1723044372,"nanoseconds":0},"speakers":[{"content_ids":[54629],"conference_id":133,"event_ids":[55003],"name":"Chad Shortman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Allthenticate","title":"CEO"}],"links":[],"pronouns":null,"media":[],"id":54345,"title":"CEO at Allthenticate"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:26:12Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":55003,"tag_ids":[46169,46387,46419,46511,46736],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54345}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-07T15:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, we have witnessed a surge in attacks aimed at critical infrastructure, varying widely in scope and impact depending on the region. While the definition of critical infrastructure differs by country, it typically encompasses essential sectors such as oil, natural gas, water, power, and manufacturing. The ramifications of these attacks are complex and often unpredictable.\n\nTo gain a clearer understanding of the state of critical infrastructure globally, starting in 2023, we will annually survey 300 CISOs or security directors across different countries in this sector. We will share the data-driven insights to offer a detailed examination of the current conditions and challenges faced by these crucial systems. By comparing trends across different years, countries, and industries, our goal is to enhance the security and resilience of critical infrastructures worldwide.\n\n\n","media":[],"title":"Mapping the Landscape: Top 10 Cybersecurity Trends in Critical Infrastructure for 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"In recent years, we have witnessed a surge in attacks aimed at critical infrastructure, varying widely in scope and impact depending on the region. While the definition of critical infrastructure differs by country, it typically encompasses essential sectors such as oil, natural gas, water, power, and manufacturing. The ramifications of these attacks are complex and often unpredictable.\n\nTo gain a clearer understanding of the state of critical infrastructure globally, starting in 2023, we will annually survey 300 CISOs or security directors across different countries in this sector. We will share the data-driven insights to offer a detailed examination of the current conditions and challenges faced by these crucial systems. By comparing trends across different years, countries, and industries, our goal is to enhance the security and resilience of critical infrastructures worldwide.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54573],"conference_id":133,"event_ids":[54948],"name":"Mars Cheng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TXOne Networks Inc","title":"Threat Research Manager, PSIRT and Threat Research"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@marscheng_)","sort_order":0,"url":"https://twitter.com/marscheng_"}],"media":[],"id":54343,"title":"Threat Research Manager, PSIRT and Threat Research at TXOne Networks Inc"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":54948,"tag_ids":[46382,46419,46463,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54343}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Social media have been a decade-long dress rehearsal in online manipulation. AI can create information, make predictions and take decisions that will affect human behaviour, including our behaviours as citizens, workers and consumers. Safeguards are needed, since generative AI will only exacerbate the personal, social and societal harms already caused by data-driven business models.\r\n\r\nWe examine the centrality of human dignity in tech law and policy and how our mindsets and legal frameworks must be informed by psychological, technological and societal perspectives. Based on insights from market dynamics, marketing techniques, design strategies, and human frailties we demonstrate how information asymmetries have reduced individual agency and the ability to create transparency.\r\n\r\nHuman dignity is a core value in liberal democracies that must also be reflected in tech policy. Protections are required when businesses interfere with our rights to freedom, property, privacy and non-discrimination. With the digitalisation of the human experience, users have become programmable objects. We cannot rely on regulation alone and need to discuss how we can act to reclaim our dignity.\n\n\n","media":[],"title":"Human Dignity in AI and Tech Policy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"Social media have been a decade-long dress rehearsal in online manipulation. AI can create information, make predictions and take decisions that will affect human behaviour, including our behaviours as citizens, workers and consumers. Safeguards are needed, since generative AI will only exacerbate the personal, social and societal harms already caused by data-driven business models.\r\n\r\nWe examine the centrality of human dignity in tech law and policy and how our mindsets and legal frameworks must be informed by psychological, technological and societal perspectives. Based on insights from market dynamics, marketing techniques, design strategies, and human frailties we demonstrate how information asymmetries have reduced individual agency and the ability to create transparency.\r\n\r\nHuman dignity is a core value in liberal democracies that must also be reflected in tech policy. Protections are required when businesses interfere with our rights to freedom, property, privacy and non-discrimination. With the digitalisation of the human experience, users have become programmable objects. We cannot rely on regulation alone and need to discuss how we can act to reclaim our dignity.","updated_timestamp":{"seconds":1721350090,"nanoseconds":0},"speakers":[{"content_ids":[54572],"conference_id":133,"event_ids":[54947],"name":"Jan Trzaskowski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aalborg University and Copenhagen Business School","title":"Law Professor"}],"links":[],"pronouns":null,"media":[],"id":54262,"title":"Law Professor at Aalborg University and Copenhagen Business School"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-19T00:48:10Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":54947,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54262}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-19T00:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As cellular technologies continue to become more integrated into IoT devices, there has been a noticeable lag in comprehending potential security implications associated with cellular hardware technologies. Furthermore, the development of effective hardware testing methodologies has also fallen behind. Given the highly regulated nature of cellular communication and the prevalent use of encryption, it is imperative for security researchers to deepen their understanding of circuit design and the integration of cellular modems into IoT devices. In this presentation, I will introduce a wide-ranging testing and analysis methodology aimed at enhancing our understanding and evaluation of the security of IoT devices that currently rely on cellular communications. This methodology will encompass an examination of various cellular modem modules in use, their integration into circuit design, and hardware hacking techniques for interacting with communication circuits to control cellular modules, all for the purpose of security testing and analysis.\n\n\n","media":[],"title":"Exploration of Cellular Based IoT Technology","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"As cellular technologies continue to become more integrated into IoT devices, there has been a noticeable lag in comprehending potential security implications associated with cellular hardware technologies. Furthermore, the development of effective hardware testing methodologies has also fallen behind. Given the highly regulated nature of cellular communication and the prevalent use of encryption, it is imperative for security researchers to deepen their understanding of circuit design and the integration of cellular modems into IoT devices. In this presentation, I will introduce a wide-ranging testing and analysis methodology aimed at enhancing our understanding and evaluation of the security of IoT devices that currently rely on cellular communications. This methodology will encompass an examination of various cellular modem modules in use, their integration into circuit design, and hardware hacking techniques for interacting with communication circuits to control cellular modules, all for the purpose of security testing and analysis.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54571],"conference_id":133,"event_ids":[54946],"name":"Carlota Bindner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Thermo Fisher Scientific","title":"Lead Product Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/carlotabindner/"},{"description":"","title":"Twitter (@CarlotaBindner)","sort_order":0,"url":"https://twitter.com/CarlotaBindner"}],"media":[],"id":54235,"title":"Lead Product Security Researcher at Thermo Fisher Scientific"},{"content_ids":[54571],"conference_id":133,"event_ids":[54946],"name":"Deral Heiland","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Rapid7","title":"Principal Security Researcher (IoT)"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@percent_x)","sort_order":0,"url":"https://twitter.com/percent_x"}],"media":[],"id":54267,"title":"Principal Security Researcher (IoT) at Rapid7"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":54946,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54235},{"tag_id":46167,"sort_order":1,"person_id":54267}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Imagine if you could go back in time to precompute all passwords that could have been generated by an off-the-shelf password generator? With RoboForm versions prior to June 2015, you can! \r\n\r\nIn Joe and Bruno's Guide to Hacking Time, Joe and Bruno share their story, process, and experiences of reverse engineering RoboForm, finding a weakness in the randomness of the password generation routine, and creating a wrapper to generate all possible passwords that could have been generated within a specific time frame. Their work, using Cheat Engine, Ghidra, x64dbg, and custom code, was done specifically to help someone recover over $3 million of Bitcoin locked in a software wallet, but the attack could be exploited against any account or system protected by a password generated by RoboForm before their 7.9.14 release when this problem was fixed.\r\n\r\n- Kung Fury, [link](https://www.youtube.com/watch?v=fQGbXmkSArs)\r\n- Cheat Engine\r\n- Ghidra\r\n- x64dbg\n\n\n","media":[],"title":"Joe and Bruno's Guide to Hacking Time: Regenerating Passwords from RoboForm's Password Generator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"Imagine if you could go back in time to precompute all passwords that could have been generated by an off-the-shelf password generator? With RoboForm versions prior to June 2015, you can! \r\n\r\nIn Joe and Bruno's Guide to Hacking Time, Joe and Bruno share their story, process, and experiences of reverse engineering RoboForm, finding a weakness in the randomness of the password generation routine, and creating a wrapper to generate all possible passwords that could have been generated within a specific time frame. Their work, using Cheat Engine, Ghidra, x64dbg, and custom code, was done specifically to help someone recover over $3 million of Bitcoin locked in a software wallet, but the attack could be exploited against any account or system protected by a password generated by RoboForm before their 7.9.14 release when this problem was fixed.\r\n\r\n- Kung Fury, [link](https://www.youtube.com/watch?v=fQGbXmkSArs)\r\n- Cheat Engine\r\n- Ghidra\r\n- x64dbg","updated_timestamp":{"seconds":1720462431,"nanoseconds":0},"speakers":[{"content_ids":[54459],"conference_id":133,"event_ids":[54832],"name":"Joe \"Kingpin\" Grand","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkTree","sort_order":0,"url":"https://linktr.ee/joegrand"},{"description":"","title":"Twitter (@joegrand)","sort_order":0,"url":"https://twitter.com/joegrand"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@JoeGrand"}],"media":[],"id":54052},{"content_ids":[54459],"conference_id":133,"event_ids":[54832],"name":"Bruno Krauss","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bruno-krauss/"}],"media":[],"id":54093}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:13:51Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":54832,"tag_ids":[46166,46169,46419,46437,46438,46882],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54052},{"tag_id":46167,"sort_order":2,"person_id":54093}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-08T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The cloud seems complex, but it's what happens behind the scenes that really complicates things. Some services utilize others as resources as part of their logic/operation. Interestingly enough, it turns out that this could lead to catastrophic results if done unsafely.\r\n\r\nThis talk will present six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. These vulnerabilities, which were all promptly acknowledged and fixed by AWS, could allow external attackers to breach almost any AWS account. The vulnerabilities range from remote code execution, which could lead to full account takeover, to information disclosure, potentially exposing sensitive data, or causing denial of service. The session will share our story of discovery, how we were able to identify commonalities among them, and how we developed a method to uncover more vulnerabilities and enhance the impact by using common techniques leading to privilege escalation. We will then detail our approach for mapping service external resources and release our Open-Source tool to research service internal API calls. We will also present a method to check if accounts have been vulnerable to this vector in the past.\r\n\r\nWe will conclude our talk with the lessons learned during this research and our future line of research. We will highlight new areas that cloud researchers need to explore when hunting for cloud vulnerabilities and highlight best practices for developers to use in complex environments.\r\n\r\n- [link](https://rhinosecuritylabs.com/aws/cloud-malware-cloudformation-injection/)\r\n- [link](https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details#cfn__resource_injection)\r\n- [link](https://docs.aws.amazon.com/)\r\n\n\n\n","media":[],"title":"Breaching AWS Accounts Through Shadow Resources","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"The cloud seems complex, but it's what happens behind the scenes that really complicates things. Some services utilize others as resources as part of their logic/operation. Interestingly enough, it turns out that this could lead to catastrophic results if done unsafely.\r\n\r\nThis talk will present six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. These vulnerabilities, which were all promptly acknowledged and fixed by AWS, could allow external attackers to breach almost any AWS account. The vulnerabilities range from remote code execution, which could lead to full account takeover, to information disclosure, potentially exposing sensitive data, or causing denial of service. The session will share our story of discovery, how we were able to identify commonalities among them, and how we developed a method to uncover more vulnerabilities and enhance the impact by using common techniques leading to privilege escalation. We will then detail our approach for mapping service external resources and release our Open-Source tool to research service internal API calls. We will also present a method to check if accounts have been vulnerable to this vector in the past.\r\n\r\nWe will conclude our talk with the lessons learned during this research and our future line of research. We will highlight new areas that cloud researchers need to explore when hunting for cloud vulnerabilities and highlight best practices for developers to use in complex environments.\r\n\r\n- [link](https://rhinosecuritylabs.com/aws/cloud-malware-cloudformation-injection/)\r\n- [link](https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details#cfn__resource_injection)\r\n- [link](https://docs.aws.amazon.com/)","updated_timestamp":{"seconds":1722098250,"nanoseconds":0},"speakers":[{"content_ids":[54458],"conference_id":133,"event_ids":[54831],"name":"Yakir Kadkoda","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aqua","title":"Lead Security Researcher, Team Nautilus"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/yakir-kadkoda/"},{"description":"","title":"Twitter (@YakirKad)","sort_order":0,"url":"https://twitter.com/YakirKad"},{"description":"","title":"www.aquasec.com/authors/yakir-kadkoda/","sort_order":0,"url":"https://www.aquasec.com/authors/yakir-kadkoda/"}],"media":[],"id":54079,"title":"Lead Security Researcher, Team Nautilus at Aqua"},{"content_ids":[54458],"conference_id":133,"event_ids":[54831],"name":"Ofek Itach","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aqua","title":"Senior Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54092,"title":"Senior Security Researcher at Aqua"},{"content_ids":[54458],"conference_id":133,"event_ids":[54831],"name":"Michael Katchinskiy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54202}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T16:37:30Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":54831,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54079},{"tag_id":46167,"sort_order":4,"person_id":54202},{"tag_id":46167,"sort_order":6,"person_id":54092}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-27T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The first 35 Veterans can receive a free autographed vopy of Mr Roccia's new book, Visual Threat Intelligence: An Illustrated Guide for Threat Researchers, courtesy of VETCON.\n\n\n","media":[],"title":"Book Signing: Visual Threat Intelligence: An Illustrated Guide for Threat Researchers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"The first 35 Veterans can receive a free autographed vopy of Mr Roccia's new book, Visual Threat Intelligence: An Illustrated Guide for Threat Researchers, courtesy of VETCON.","updated_timestamp":{"seconds":1723225127,"nanoseconds":0},"speakers":[{"content_ids":[54442,56209],"conference_id":133,"event_ids":[54815,56863],"name":"Thomas Roccia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thomas-roccia/"},{"description":"","title":"Past Presentations","sort_order":0,"url":"https://speakerdeck.com/fr0gger"},{"description":"","title":"Twitter (@fr0gger_)","sort_order":0,"url":"https://twitter.com/fr0gger_"},{"description":"","title":"Website","sort_order":0,"url":"https://www.securitybreak.io"}],"media":[],"id":54118,"title":"Senior Security Researcher at Microsoft"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:38:47Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":56863,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54118}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-09T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation delves into the geopolitical landscape of the United States and\nbeyond, providing a critical examination of the evolving societal attitudes toward democracy, globalism,\nand privacy. Through the lens of psychological influence and cognitive security, we explore how cyber\nand economic warfare shape human behavior and decision-making processes. By bringing awareness to\nthe myriad forces that drive individual choices—from mundane daily activities like selecting breakfast to\nsignificant actions such as voting in elections—we aim to elucidate the intricate web of influence. This\nincludes an analysis of historical strategies employed in influence campaigns and a critical look at the\ntechnical and non-technical tactics used today. We highlight the economic underpinnings and financial\nmechanisms that support these campaigns, revealing the sophisticated interplay between economic\nwarfare and psychological manipulation. Through this exploration, we seek to equip participants with a\ndeeper understanding of the strategies behind modern influence campaigns and their profound impact on\nboth individual and collective decision-making within democratic societies.\n\n\n","media":[],"title":"Election 2024 Freedom of Choice: A Psybernomic Conundrum","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"This presentation delves into the geopolitical landscape of the United States and\nbeyond, providing a critical examination of the evolving societal attitudes toward democracy, globalism,\nand privacy. Through the lens of psychological influence and cognitive security, we explore how cyber\nand economic warfare shape human behavior and decision-making processes. By bringing awareness to\nthe myriad forces that drive individual choices—from mundane daily activities like selecting breakfast to\nsignificant actions such as voting in elections—we aim to elucidate the intricate web of influence. This\nincludes an analysis of historical strategies employed in influence campaigns and a critical look at the\ntechnical and non-technical tactics used today. We highlight the economic underpinnings and financial\nmechanisms that support these campaigns, revealing the sophisticated interplay between economic\nwarfare and psychological manipulation. Through this exploration, we seek to equip participants with a\ndeeper understanding of the strategies behind modern influence campaigns and their profound impact on\nboth individual and collective decision-making within democratic societies.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56186],"conference_id":133,"event_ids":[56840],"name":"Hallie Stern","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/halliejstern-informationscientist"},{"description":"","title":"Twitter (@madmirrormedia)","sort_order":0,"url":"https://twitter.com/madmirrormedia"},{"description":"","title":"Website","sort_order":0,"url":"https://terraoptica.io"}],"media":[],"id":56569},{"content_ids":[56186],"conference_id":133,"event_ids":[56840],"name":"Tina Schneibs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.womenintechnology.org/board-of-directors"}],"media":[],"id":56586}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":56840,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56569},{"tag_id":46167,"sort_order":4,"person_id":56586}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Data brokers, and in particular people-search sites, are a headache for those of us trying to keep our addresses off the internet… and an absolute nightmare for people who are targeted due to their identity, profession, or political beliefs. In this talk, I’ll present the results of a collaborative research project by Tall Poppy and Consumer Reports that evaluates paid people-search removal services. I’ll also discuss how data brokers harm people, what you can do to protect yourself, why it’s so difficult, and what we can do as individuals and at a policy/advocacy level to solve this pernicious privacy problem.\n\n\n","media":[],"title":"Data Brokers and the Threat to Your Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Data brokers, and in particular people-search sites, are a headache for those of us trying to keep our addresses off the internet… and an absolute nightmare for people who are targeted due to their identity, profession, or political beliefs. In this talk, I’ll present the results of a collaborative research project by Tall Poppy and Consumer Reports that evaluates paid people-search removal services. I’ll also discuss how data brokers harm people, what you can do to protect yourself, why it’s so difficult, and what we can do as individuals and at a policy/advocacy level to solve this pernicious privacy problem.","updated_timestamp":{"seconds":1722725838,"nanoseconds":0},"speakers":[{"content_ids":[55998],"conference_id":133,"event_ids":[56620],"name":"Yael Grauer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56337}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:57:18Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":56620,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56337}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T22:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ask other hard hat enthusiasts about tips, tricks, and techniques during the Hard Hat Makers Panel. Power? Bling? Warez? Process? Let us help you on your own build journey.\n\n\n","media":[],"title":"Hard Hat Brigade Maker Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Ask other hard hat enthusiasts about tips, tricks, and techniques during the Hard Hat Makers Panel. Power? Bling? Warez? Process? Let us help you on your own build journey.","updated_timestamp":{"seconds":1722716460,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:21:00Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56618,"tag_ids":[46403,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T20:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Esta conferencia se centrará en el actor amenaza UXHIL, responsable de la distribución del malware URSA, ofreciendo una visión profunda basada en ciberinteligencia. Exploraremos cómo este actor ha estado distribuyendo el malware, las tácticas, técnicas y procedimientos (TTPs) que utiliza y cómo es su cadena de infección. Los asistentes aprenderán a identificar y analizar estos patrones para desarrollar estrategias efectivas de mitigación.\n\n\n","media":[],"title":"Amenaza persistente: UXHIL y la propagación de URSA","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Esta conferencia se centrará en el actor amenaza UXHIL, responsable de la distribución del malware URSA, ofreciendo una visión profunda basada en ciberinteligencia. Exploraremos cómo este actor ha estado distribuyendo el malware, las tácticas, técnicas y procedimientos (TTPs) que utiliza y cómo es su cadena de infección. Los asistentes aprenderán a identificar y analizar estos patrones para desarrollar estrategias efectivas de mitigación.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55962],"conference_id":133,"event_ids":[56578],"name":"Armando Aguilar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cyber Threat Analyst"}],"links":[],"pronouns":null,"media":[],"id":56297,"title":"Cyber Threat Analyst"},{"content_ids":[55962],"conference_id":133,"event_ids":[56578],"name":"Jesika Juarez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Cyber Threat Intelligence Analyst at Deloitte México"}],"links":[],"pronouns":"she/her","media":[],"id":56299,"title":"Senior Cyber Threat Intelligence Analyst at Deloitte México"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56578,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56299},{"tag_id":46167,"sort_order":4,"person_id":56297}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Test out your through-hole and surface mount soldering skills to create your own open-source, cat-themed hacking tool! The WiFi nugget is a microcontroller-powered WiFi hacking device you will then flash with a suite of WiFi tools to get started with offensive and defensive WiFi security techniques.\n\n\n","media":[],"title":"Solder your own cat shaped WiFi Haking tool","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Test out your through-hole and surface mount soldering skills to create your own open-source, cat-themed hacking tool! The WiFi nugget is a microcontroller-powered WiFi hacking device you will then flash with a suite of WiFi tools to get started with offensive and defensive WiFi security techniques.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/solder-your-own-cat-themed-wi-fi-hacking-tool"}],"end":"2024-08-09T23:00:00.000-0000","id":56523,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.\n\n\n","media":[],"title":"ToolMakers Hackathon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56503,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk Bruna will bring to the table societal aspects of quantum technologies from a Global South perspective. In particular, how different are the dynamics of quantum hype in non-English speaking countries, how economic inequality affects quantum-readiness and why this should be everyone’s problem.\n\n\n","media":[],"title":"Quantum on the flip side - A global south perspective on Quantum Technologies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"In this talk Bruna will bring to the table societal aspects of quantum technologies from a Global South perspective. In particular, how different are the dynamics of quantum hype in non-English speaking countries, how economic inequality affects quantum-readiness and why this should be everyone’s problem.","updated_timestamp":{"seconds":1722626529,"nanoseconds":0},"speakers":[{"content_ids":[55844,55855],"conference_id":133,"event_ids":[56431,56442],"name":"Bruna Shinohara de Mendonça","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56221}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:22:09Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56431,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56221}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.\n\n\nJoin BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.","media":[],"title":"Area DC32: An Interactive Tabletop Takes Flight (A BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Join BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.\n\n\nJoin BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55763,54574],"conference_id":133,"event_ids":[56287,54949],"name":"Matt Mayes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aerospace Village","title":""}],"links":[],"pronouns":null,"media":[],"id":55971,"title":"Aerospace Village"},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Caspian Kilkelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56137},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Harlan Geer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56142},{"content_ids":[55763,55760],"conference_id":133,"event_ids":[56285,56287],"name":"Shea Nangle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56157},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Aakin Patel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56161},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Gwyddia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56172}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56287,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56161},{"tag_id":46167,"sort_order":4,"person_id":56137},{"tag_id":46167,"sort_order":6,"person_id":56172},{"tag_id":46167,"sort_order":8,"person_id":56142},{"tag_id":46167,"sort_order":12,"person_id":56157},{"tag_id":46167,"sort_order":14,"person_id":55971}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most web security professionals are familiar with Relative Path Overwrite (RPO) attacks that allow injecting malicious CSS via a quirk in how browsers handle paths. But what if you could use a similar technique to get victims to download malicious files by clicking an innocuous looking download link on a trusted site? In this presentation, we'll unveil a new attack vector dubbed Relative Path File Injection (RPFI) that abuses path handling to turn benign websites into malware delivery platforms. Attendees will learn the anatomy of an RPFI attack, see demos of it in action, and learn how to detect this overlooked vulnerability class in the wild. We'll also release an open source GitHub repo with proof of concepts for users to try for themselves. RPFI represents a new breed of polyglot-based attack that exploits gaps between web specifications and real-world implementations.\n\n\n","media":[],"title":"Relative Path File Injection: The Next Evolution in RPO","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Most web security professionals are familiar with Relative Path Overwrite (RPO) attacks that allow injecting malicious CSS via a quirk in how browsers handle paths. But what if you could use a similar technique to get victims to download malicious files by clicking an innocuous looking download link on a trusted site? In this presentation, we'll unveil a new attack vector dubbed Relative Path File Injection (RPFI) that abuses path handling to turn benign websites into malware delivery platforms. Attendees will learn the anatomy of an RPFI attack, see demos of it in action, and learn how to detect this overlooked vulnerability class in the wild. We'll also release an open source GitHub repo with proof of concepts for users to try for themselves. RPFI represents a new breed of polyglot-based attack that exploits gaps between web specifications and real-world implementations.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55738],"conference_id":133,"event_ids":[56264],"name":"Ian Hickey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56119}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":56264,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56119}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"OWASP Cornucopia is a card game to assist software development teams identify security requirements in agile, conventional, and formal software development processes. It is language, platform, and technology agnostic. Having celebrated its 10th anniversary last year, Cornucopia has been refreshed including an updated full version of the game, a new Website App Edition updated with the OWASP ASVS 4.0 mapping and a Mobile App Edition with the OWASP MASVS 2.0 mapping for mobile development.\n\n\n","media":[],"title":"Extend reality with tabletop RPG OWASP Cornucopia. Play sessions throughout workshop times.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"OWASP Cornucopia is a card game to assist software development teams identify security requirements in agile, conventional, and formal software development processes. It is language, platform, and technology agnostic. Having celebrated its 10th anniversary last year, Cornucopia has been refreshed including an updated full version of the game, a new Website App Edition updated with the OWASP ASVS 4.0 mapping and a Mobile App Edition with the OWASP MASVS 2.0 mapping for mobile development.","updated_timestamp":{"seconds":1722368947,"nanoseconds":0},"speakers":[{"content_ids":[54593,55580],"conference_id":133,"event_ids":[56102,54968],"name":"Stryker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adversary Pursuit Group (APG)","title":"Head of Security Communications and Planning"}],"pronouns":"she/her","links":[{"description":"","title":"Website","sort_order":0,"url":"https://strykernostriking.com"}],"media":[],"id":56045,"title":"Head of Security Communications and Planning at Adversary Pursuit Group (APG)"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T19:49:07Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56102,"tag_ids":[46397,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56045}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-30T19:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For customers of Microsoft 365 and Azure, obtaining the role of Global Administrator (GA) is every attacker's dream - it is the Domain Administrator of the cloud. This makes Global Administrator every organization's nightmare of being owned by a threat group or hacker. Luckily, well-defined role-based access control and a strict application consent model can severely limit who gets their fingers on Global Administrator - or does it?\n\nThis talk explores a novel discovery that resulted in privilege elevation to Global Administrator in Entra ID (Azure AD). Part conversation about the research background, part discussion of the foundational components involved, this talk will walk step-by-step through the path to privilege elevation, and owning Global Admin.\n\n\n","media":[],"title":"UnOAuthorized: Discovering the path to privilege elevation to Global Administrator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"For customers of Microsoft 365 and Azure, obtaining the role of Global Administrator (GA) is every attacker's dream - it is the Domain Administrator of the cloud. This makes Global Administrator every organization's nightmare of being owned by a threat group or hacker. Luckily, well-defined role-based access control and a strict application consent model can severely limit who gets their fingers on Global Administrator - or does it?\n\nThis talk explores a novel discovery that resulted in privilege elevation to Global Administrator in Entra ID (Azure AD). Part conversation about the research background, part discussion of the foundational components involved, this talk will walk step-by-step through the path to privilege elevation, and owning Global Admin.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55484],"conference_id":133,"event_ids":[55913],"name":"Eric Woodruff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"ericonidentity","sort_order":0,"url":"https://ericonidentity"}],"media":[],"id":56006}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":55913,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56006}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Make a friendship bracelet with an exclusive WISP charm.\n\n\n","media":[],"title":"Friendship Bracelet Making","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Make a friendship bracelet with an exclusive WISP charm.","updated_timestamp":{"seconds":1722207088,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T22:51:28Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-09T23:00:00.000-0000","id":55901,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-28T22:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Quansheng UV-K5 has quickly become the hot new budget radio for new hams and old hams that love to tinker. In this presentation, I will talk about the capabilities of the radio, open source firmware mods, and hardware mods. I'll also show why transmitting with a radio on frequencies it can't properly filter can be a bad idea!\n\n\n","media":[],"title":"Hacking the Quansheng UV-K5","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"The Quansheng UV-K5 has quickly become the hot new budget radio for new hams and old hams that love to tinker. In this presentation, I will talk about the capabilities of the radio, open source firmware mods, and hardware mods. I'll also show why transmitting with a radio on frequencies it can't properly filter can be a bad idea!","updated_timestamp":{"seconds":1722185592,"nanoseconds":0},"speakers":[{"content_ids":[55435],"conference_id":133,"event_ids":[55860],"name":"Jon Marler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@jmarler"}],"media":[],"id":55977}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T16:53:12Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55860,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55977}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-28T16:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to hack the DCNextGen Badge and take it to another level!\n\n\n","media":[],"title":"Hack the Badge (Badge class level 2)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Learn how to hack the DCNextGen Badge and take it to another level!","updated_timestamp":{"seconds":1721785056,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T01:37:36Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55756,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-24T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Microsoft Detours library was leveraged to instrument the entire process environment of an engineering workstation in an operational technology/industrial control system (OT/ICS) setting. This approach allowed for the comprehensive monitoring and analysis of privileged file operations within these systems. Through this method, multiple vulnerabilities in SCADA software were identified and exploited, demonstrating the effective use of Detours for security research in critical infrastructure contexts.\r\nThis presentation will discuss how the custom dynamic-link library (DLL) developed with Detours enabled the systematic examination of file operations, leading to the discovery of security flaws that were then exploited. The talk will showcase these exploitations, providing insight into the types of vulnerabilities that were uncovered and the potential implications for system security. The focus will be on demonstrating the importance of having an effective vulnerability hunting strategy in critical environments and showing real exploitation scenarios of the vulnerabilities found through this method.\n\n\n","media":[],"title":"Detouring Danger: Hunting Privileged File Operation Vulnerabilities in OT/ICS software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:55:00Z","end_timestamp":{"seconds":1723240500,"nanoseconds":0},"android_description":"The Microsoft Detours library was leveraged to instrument the entire process environment of an engineering workstation in an operational technology/industrial control system (OT/ICS) setting. This approach allowed for the comprehensive monitoring and analysis of privileged file operations within these systems. Through this method, multiple vulnerabilities in SCADA software were identified and exploited, demonstrating the effective use of Detours for security research in critical infrastructure contexts.\r\nThis presentation will discuss how the custom dynamic-link library (DLL) developed with Detours enabled the systematic examination of file operations, leading to the discovery of security flaws that were then exploited. The talk will showcase these exploitations, providing insight into the types of vulnerabilities that were uncovered and the potential implications for system security. The focus will be on demonstrating the importance of having an effective vulnerability hunting strategy in critical environments and showing real exploitation scenarios of the vulnerabilities found through this method.","updated_timestamp":{"seconds":1721781590,"nanoseconds":0},"speakers":[{"content_ids":[55345,55977],"conference_id":133,"event_ids":[55737,56593],"name":"Asher Davila","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":"IoT/OT Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/asherdavila/"},{"description":"","title":"Twitter (@asher_davila)","sort_order":0,"url":"https://twitter.com/asher_davila"},{"description":"","title":"Website","sort_order":0,"url":"https://cronop-io.github.io/"}],"media":[],"id":55948,"title":"IoT/OT Security Researcher at Palo Alto Networks"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:39:50Z","links":[],"end":"2024-08-09T21:55:00.000-0000","id":55737,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55948}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-24T00:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cyber-financial crimes devastate marginalized communities, robbing them of economic opportunity and hard earned civil rights. This panel issues an urgent call to action to cyber advocates: join forces in pioneering policy solutions that enhance community resilience against these persistent threats to our global community. Our experts go beyond critiquing existing laws to envision groundbreaking models prioritizing the voices of impacted groups. We'll explore how to effectively amplify grassroots initiatives fostering digital awareness and empowerment from the ground up. This is a roadmap for multi-stakeholder collaboration - uniting policy leaders, corporate innovators, government officials, hackers, and advocates. Together we can build robust frameworks that embed civil rights into the core of cybersecurity strategy and implementation.\n\n\n","media":[],"title":"Advocating for an Inclusive Cyber-Civil Rights Policy Agenda for Vulnerable Communities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Cyber-financial crimes devastate marginalized communities, robbing them of economic opportunity and hard earned civil rights. This panel issues an urgent call to action to cyber advocates: join forces in pioneering policy solutions that enhance community resilience against these persistent threats to our global community. Our experts go beyond critiquing existing laws to envision groundbreaking models prioritizing the voices of impacted groups. We'll explore how to effectively amplify grassroots initiatives fostering digital awareness and empowerment from the ground up. This is a roadmap for multi-stakeholder collaboration - uniting policy leaders, corporate innovators, government officials, hackers, and advocates. Together we can build robust frameworks that embed civil rights into the core of cybersecurity strategy and implementation.","updated_timestamp":{"seconds":1721778687,"nanoseconds":0},"speakers":[{"content_ids":[55332],"conference_id":133,"event_ids":[55723],"name":"Elizabeth Eigner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Security Policy Strategist"}],"links":[],"pronouns":null,"media":[],"id":55926,"title":"Security Policy Strategist at Microsoft"},{"content_ids":[55332,55685],"conference_id":133,"event_ids":[55723,56208],"name":"Jacob H Braun","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Office of the National Cyber Director (ONCD)","title":"Acting Principal Deputy National Cyber Director"}],"links":[],"pronouns":null,"media":[],"id":55928,"title":"Acting Principal Deputy National Cyber Director at Office of the National Cyber Director (ONCD)"},{"content_ids":[55332],"conference_id":133,"event_ids":[55723],"name":"Kemba Walden","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Paladin Global Institute","title":"President"}],"links":[],"pronouns":null,"media":[],"id":55932,"title":"President at Paladin Global Institute"},{"content_ids":[55332],"conference_id":133,"event_ids":[55723],"name":"Nicole Tisdale","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Advocacy Blueprints","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55937,"title":"Founder at Advocacy Blueprints"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:51:27Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":55723,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55937},{"tag_id":46487,"sort_order":4,"person_id":55932},{"tag_id":46487,"sort_order":6,"person_id":55928},{"tag_id":46487,"sort_order":8,"person_id":55926}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-23T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Breaking Through Barriers: Attacking Access Control Systems\r\n\r\nIn this in-depth session, we will dive into the vulnerabilities of access control systems, specifically targeting RFID readers and the Wiegand protocol that these readers commonly use to interact with other security devices. Discover the intricate design process behind a custom tool crafted to exploit specific Schlage proximity readers. \r\n\r\nThis talk will cover:\r\n\r\n- The fundamental weaknesses in RFID reader technologies and the Wiegand communication protocol.\r\n- Step-by-step breakdown of designing a tool to man-in-the-middle Schlage proximity readers.\r\n- Real-world implications and case studies demonstrating successful attacks on high-security installations.\r\n\r\nAttendees will gain actionable insights into the inner workings of access control systems, enabling them to conduct physical security assessments with more success. This session is a must-attend for security professionals looking to stay ahead of the curve in physical offensive security strategies.\n\n\n","media":[],"title":"Physical Security - Bypassing Access Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:50:00Z","end_timestamp":{"seconds":1723240200,"nanoseconds":0},"android_description":"Breaking Through Barriers: Attacking Access Control Systems\r\n\r\nIn this in-depth session, we will dive into the vulnerabilities of access control systems, specifically targeting RFID readers and the Wiegand protocol that these readers commonly use to interact with other security devices. Discover the intricate design process behind a custom tool crafted to exploit specific Schlage proximity readers. \r\n\r\nThis talk will cover:\r\n\r\n- The fundamental weaknesses in RFID reader technologies and the Wiegand communication protocol.\r\n- Step-by-step breakdown of designing a tool to man-in-the-middle Schlage proximity readers.\r\n- Real-world implications and case studies demonstrating successful attacks on high-security installations.\r\n\r\nAttendees will gain actionable insights into the inner workings of access control systems, enabling them to conduct physical security assessments with more success. This session is a must-attend for security professionals looking to stay ahead of the curve in physical offensive security strategies.","updated_timestamp":{"seconds":1721595431,"nanoseconds":0},"speakers":[{"content_ids":[55278],"conference_id":133,"event_ids":[55668],"name":"Andrew Johnson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_inyernet)","sort_order":0,"url":"https://twitter.com/_inyernet"}],"media":[],"id":55827}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:57:11Z","links":[],"end":"2024-08-09T21:50:00.000-0000","id":55668,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55827}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-21T20:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements.\n\nImpacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses.\n\nParticipants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.\n\n\n","media":[],"title":"Modifying Impacket for Better OpSec","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:50:00Z","end_timestamp":{"seconds":1723243800,"nanoseconds":0},"android_description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements.\n\nImpacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses.\n\nParticipants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55277,55985],"conference_id":133,"event_ids":[55667,56607],"name":"Ryan O'Donnell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Offensive Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/odonnell-ryan"},{"description":"","title":"Twitter (@odiesec)","sort_order":0,"url":"https://twitter.com/odiesec"}],"media":[],"id":55828,"title":"Senior Offensive Security Engineer at Microsoft"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T22:50:00.000-0000","id":55667,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55828}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into the dynamic world of Open Source Intelligence (OSINT) with this quick workshop designed to give you a taste of practical online investigations and threat hunting. Led by a seasoned professional, this immersive session offers a condensed yet impactful introduction to essential OSINT techniques that you can use in your red teaming engagements.\r\n\r\nExperience the power of hands-on learning as you engage in live demonstrations, exploring key concepts such as operational security (OpSec), advanced search engine queries, username and phone number lookups, social media reconnaissance, breached records analysis, network reconnaissance, historical records, and essential documentation, all within the span of this engaging workshop. Through interactive exercises and guided discussions, participants will gain a glimpse into the world of OSINT.\r\n\r\nWho’s it for?\r\n\r\nThis training is suited for all individuals in any field with a keen interest in online investigations regardless of their experience level in OSINT\n\n\n","media":[],"title":"Level UP OSINT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:50:00Z","end_timestamp":{"seconds":1723240200,"nanoseconds":0},"android_description":"Dive into the dynamic world of Open Source Intelligence (OSINT) with this quick workshop designed to give you a taste of practical online investigations and threat hunting. Led by a seasoned professional, this immersive session offers a condensed yet impactful introduction to essential OSINT techniques that you can use in your red teaming engagements.\r\n\r\nExperience the power of hands-on learning as you engage in live demonstrations, exploring key concepts such as operational security (OpSec), advanced search engine queries, username and phone number lookups, social media reconnaissance, breached records analysis, network reconnaissance, historical records, and essential documentation, all within the span of this engaging workshop. Through interactive exercises and guided discussions, participants will gain a glimpse into the world of OSINT.\r\n\r\nWho’s it for?\r\n\r\nThis training is suited for all individuals in any field with a keen interest in online investigations regardless of their experience level in OSINT","updated_timestamp":{"seconds":1721595185,"nanoseconds":0},"speakers":[{"content_ids":[55276,55902],"conference_id":133,"event_ids":[55666,56489],"name":"Mishaal Khan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mish3alkhan)","sort_order":0,"url":"https://twitter.com/mish3alkhan"}],"media":[],"id":55829}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:53:05Z","links":[],"end":"2024-08-09T21:50:00.000-0000","id":55666,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55829}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-21T20:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the best ways to learn something is to teach others about it. BYOCTF is a CTF framework (really a concept) that allows CTF players to contribute challenges for other players to solve and earn points as a reward. The purpose of the framework is to allow people to think about the learning experience of others. Everyone can learn how to become a CTF challenge developer.\n\n\n","media":[],"title":"\"BYOCTF\" - Bring Your Own [Challenges||Capture] The Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"One of the best ways to learn something is to teach others about it. BYOCTF is a CTF framework (really a concept) that allows CTF players to contribute challenges for other players to solve and earn points as a reward. The purpose of the framework is to allow people to think about the learning experience of others. Everyone can learn how to become a CTF challenge developer.","updated_timestamp":{"seconds":1721495194,"nanoseconds":0},"speakers":[{"content_ids":[55194],"conference_id":133,"event_ids":[55584],"name":"Eli McRae","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Penetration Tester"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/eli-mcrae"},{"description":"","title":"Mastodon (@shyft@defcon.social)","sort_order":0,"url":"https://defcon.social/@shyft"},{"description":"","title":"Twitter (@earcmile)","sort_order":0,"url":"https://x.com/earcmile"},{"description":"","title":"Website","sort_order":0,"url":"https://shyft.us"}],"media":[],"id":55800,"title":"Penetration Tester"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:34Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55584,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55800}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The presentation will feature a brief introduction to Web3 and Web3 bug bounties, notoriously some of the differences that the typical blockchain transparency brings in comparison to web2. Then we will explain what’s at stake in Web3. In traditional bug bounties, what's most often at stake is PII data, as well as critical infrastructure. In the blockchain world, money is at malicious actors' finger tips - extremely large sums of money. We will go over some of the most notorious hacks that happened in Web3, and we will look at real blockchain data:\r\n\r\n- The technical details of the exploit\r\n- The money flows\r\n- The out of this world messages sent in the negotiation process between the hackers and the hacked protocol. Yes, often this negotiation actually happens through transparent blockchain transactions.\r\n\r\nFinally, we will recreate some of the most iconic +$1M bounties and their proof of concepts. At least one will be on smart contracts, one will be on the blockchain stack and one on will be in novelty zero knowledge circuit technology.\n\n\n","media":[],"title":"Why You Should Be Hunting on Web3 Bug Bounties","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"The presentation will feature a brief introduction to Web3 and Web3 bug bounties, notoriously some of the differences that the typical blockchain transparency brings in comparison to web2. Then we will explain what’s at stake in Web3. In traditional bug bounties, what's most often at stake is PII data, as well as critical infrastructure. In the blockchain world, money is at malicious actors' finger tips - extremely large sums of money. We will go over some of the most notorious hacks that happened in Web3, and we will look at real blockchain data:\r\n\r\n- The technical details of the exploit\r\n- The money flows\r\n- The out of this world messages sent in the negotiation process between the hackers and the hacked protocol. Yes, often this negotiation actually happens through transparent blockchain transactions.\r\n\r\nFinally, we will recreate some of the most iconic +$1M bounties and their proof of concepts. At least one will be on smart contracts, one will be on the blockchain stack and one on will be in novelty zero knowledge circuit technology.","updated_timestamp":{"seconds":1721438154,"nanoseconds":0},"speakers":[{"content_ids":[55176],"conference_id":133,"event_ids":[55564],"name":"Gonçalo Marques Raposo de Magalhães","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Immunefi","title":"Head of Security"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@realgmhacker)","sort_order":0,"url":"https://twitter.com/realgmhacker"}],"media":[],"id":54816,"title":"Head of Security at Immunefi"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:15:54Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#why-you-should-be-hunting-on-web3-bug-bounties"}],"end":"2024-08-09T22:00:00.000-0000","id":55564,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54816}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-20T01:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55412,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Some diagnostic services in UDSonCAN that could affect driving should be disabled while driving and protected by authentication mechanisms such as SecurityAccess. However, without these security measures, attackers can cause a serious safety risk to the driver using only diagnostic messages. In this talk, we introduce UDSonCAN attacks discovered through fuzzing and describe their countermeasures. These attacks can cause a moving car to suddenly stop or a stationary car to suddenly acceleration with just simple diagnostic messages. We discovered these vulnerabilities in the latest electric vehicle model and have prepared a demo.\n\n\n","media":[],"title":"UDSonCAN Attacks: Discovering Safety-Critical Risks by Fuzzing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Some diagnostic services in UDSonCAN that could affect driving should be disabled while driving and protected by authentication mechanisms such as SecurityAccess. However, without these security measures, attackers can cause a serious safety risk to the driver using only diagnostic messages. In this talk, we introduce UDSonCAN attacks discovered through fuzzing and describe their countermeasures. These attacks can cause a moving car to suddenly stop or a stationary car to suddenly acceleration with just simple diagnostic messages. We discovered these vulnerabilities in the latest electric vehicle model and have prepared a demo.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54570],"conference_id":133,"event_ids":[54945],"name":"Soohwan Oh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54258},{"content_ids":[54570],"conference_id":133,"event_ids":[54945],"name":"Jonghyuk Song","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54275},{"content_ids":[54570],"conference_id":133,"event_ids":[54945],"name":"Seunghee Han","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Autocrypt Engineering","title":"Automotive Engineer and Security Tester"}],"links":[],"pronouns":null,"media":[],"id":54298,"title":"Automotive Engineer and Security Tester at Autocrypt Engineering"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54945,"tag_ids":[46375,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54275},{"tag_id":46167,"sort_order":1,"person_id":54298},{"tag_id":46167,"sort_order":1,"person_id":54258}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Economic efficiency and increasing automation mean that many industrial assets are remotely monitored and controlled. While some assets, such as oil production platforms, remain manned in isolated conditions, the ecosystem of renewable energy and distributed energy resources (DERs), pipelines, and other assets are increasingly unmanned with control extending over common information links. While this has been a boon for cost, it has also resulted in a radical extension of attack surface for cyber operations.\n\nIn this discussion, we will explore the nature of distributed industrial asset operation and the opportunities this presents for adversaries to infiltrate and potentially disrupt critical infrastructure operations. To make this point, we will review examples of adversary activity, from the 2022 ViaSat incident through historical pipeline intrusions (NOT Colonial!), showing how adversaries intentionally or inadvertently prey on brittle communication links for industrial disruption. We will conclude with a discussion of how these risks can be mitigated in a way that is sensible and economical, because wind farm operators won't lay their own dedicated fiber anytime soon.\n\n\n","media":[],"title":"The Risk and Reward of Distributed Industrial Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Economic efficiency and increasing automation mean that many industrial assets are remotely monitored and controlled. While some assets, such as oil production platforms, remain manned in isolated conditions, the ecosystem of renewable energy and distributed energy resources (DERs), pipelines, and other assets are increasingly unmanned with control extending over common information links. While this has been a boon for cost, it has also resulted in a radical extension of attack surface for cyber operations.\n\nIn this discussion, we will explore the nature of distributed industrial asset operation and the opportunities this presents for adversaries to infiltrate and potentially disrupt critical infrastructure operations. To make this point, we will review examples of adversary activity, from the 2022 ViaSat incident through historical pipeline intrusions (NOT Colonial!), showing how adversaries intentionally or inadvertently prey on brittle communication links for industrial disruption. We will conclude with a discussion of how these risks can be mitigated in a way that is sensible and economical, because wind farm operators won't lay their own dedicated fiber anytime soon.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54569,55764],"conference_id":133,"event_ids":[56273,54944],"name":"Joe Slowik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54362}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54944,"tag_ids":[46382,46419,46463,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54362}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have an interest in physical security and want to help your employer secure their buildings, this talk is for you! We'll cover common flaws in locks, alarms, surveillance systems and employee training, and how to test for them and suggest remediations to company leadership. Learn methods of lock bypass, alarm bypass, forcible entry, social engineering and other common vulnerabilities! \n\nThis talk is aimed at employees whose primary job function does not involve physical security - that often includes cybersecurity teams though, so we'll make lots of analogies to infosec concepts, but the talk is accessible to everyone. \n\n\n","media":[],"title":"Physical Security Assessment Basics for Internal Employees","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"If you have an interest in physical security and want to help your employer secure their buildings, this talk is for you! We'll cover common flaws in locks, alarms, surveillance systems and employee training, and how to test for them and suggest remediations to company leadership. Learn methods of lock bypass, alarm bypass, forcible entry, social engineering and other common vulnerabilities! \n\nThis talk is aimed at employees whose primary job function does not involve physical security - that often includes cybersecurity teams though, so we'll make lots of analogies to infosec concepts, but the talk is accessible to everyone.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54568,54648],"conference_id":133,"event_ids":[54943,55021],"name":"Billy Graydon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Principal"}],"links":[],"pronouns":null,"media":[],"id":54354,"title":"Principal at GGR Security"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54943,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54354}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GPU security is a vital area of mobile security highlighted both by public security research as well as by in-the-wild attacks. Due to the high complexity of the GPU software/firmware along with a widely available attack surface, issues in GPU provide strong exploitation primitives for local privilege escalation attacks by the code running in unprivileged context.\n\nIn this talk, we will focus our research on the Qualcomm Adreno GPU, which is a very popular GPU implementation in mobile devices. We will do a deep dive into Adreno GPU kernel module implementation focusing on the most recent GPU versions, reveal its complex and new attack surfaces, and discuss vulnerabilities we discovered in this component.\n\nIn total we identified 9+ exploitable vulnerabilities in Adreno GPU driver leading to kernel code execution and affecting Qualcomm-based devices using the latest GPU models. We will demonstrate the exploitation of one of the race condition issues on a fully-patched widely used Android device to obtain root privileges from zero-permission application with 100% success rate.\n\nAndroid kernel mitigations such as CFI and W^X create significant hurdles for exploiting vulnerabilities in kernel to achieve code execution. Also race condition usually means unstable, low success rate. We'll explain how we overcome these challenges with a novel, generic exploit method that leverages GPU features to achieve arbitrary physical memory read/write. This technique bypasses key mitigations (CFI, W^X) and has broader implications for kernel heap buffer overflows. We will cover the technical details of the exploitation, and especially the novel generic exploit method.\n\nWe will also discuss the action items that the vendors could take to minimize the impact of this exploit method, as well as general methods to improve the overall security status of the GPU.\n\n\n","media":[],"title":"The Way To Android Root: Exploiting Your GPU On Smartphone","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"GPU security is a vital area of mobile security highlighted both by public security research as well as by in-the-wild attacks. Due to the high complexity of the GPU software/firmware along with a widely available attack surface, issues in GPU provide strong exploitation primitives for local privilege escalation attacks by the code running in unprivileged context.\n\nIn this talk, we will focus our research on the Qualcomm Adreno GPU, which is a very popular GPU implementation in mobile devices. We will do a deep dive into Adreno GPU kernel module implementation focusing on the most recent GPU versions, reveal its complex and new attack surfaces, and discuss vulnerabilities we discovered in this component.\n\nIn total we identified 9+ exploitable vulnerabilities in Adreno GPU driver leading to kernel code execution and affecting Qualcomm-based devices using the latest GPU models. We will demonstrate the exploitation of one of the race condition issues on a fully-patched widely used Android device to obtain root privileges from zero-permission application with 100% success rate.\n\nAndroid kernel mitigations such as CFI and W^X create significant hurdles for exploiting vulnerabilities in kernel to achieve code execution. Also race condition usually means unstable, low success rate. We'll explain how we overcome these challenges with a novel, generic exploit method that leverages GPU features to achieve arbitrary physical memory read/write. This technique bypasses key mitigations (CFI, W^X) and has broader implications for kernel heap buffer overflows. We will cover the technical details of the exploitation, and especially the novel generic exploit method.\n\nWe will also discuss the action items that the vendors could take to minimize the impact of this exploit method, as well as general methods to improve the overall security status of the GPU.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54457],"conference_id":133,"event_ids":[54830],"name":"Eugene Rodionov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Technical Leader, Android Red Team"}],"links":[],"pronouns":null,"media":[],"id":54102,"title":"Technical Leader, Android Red Team at Google"},{"content_ids":[54457],"conference_id":133,"event_ids":[54830],"name":"Xiling Gong","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Researcher, Android Red Team"}],"links":[],"pronouns":null,"media":[],"id":54116,"title":"Security Researcher, Android Red Team at Google"},{"content_ids":[54457],"conference_id":133,"event_ids":[54830],"name":"Xuan Xing","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Manager, Android Red Team"}],"links":[],"pronouns":null,"media":[],"id":54125,"title":"Manager, Android Red Team at Google"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":54830,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54116},{"tag_id":46167,"sort_order":6,"person_id":54102},{"tag_id":46167,"sort_order":8,"person_id":54125}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Sashay away from this talk with the knowledge to perform state-of-the-art espionage, no technical background required.\r\n\r\nIn the realm of privilege escalation and data exfiltration, the physical world quietly screams secrets. We'll demystify the fascinating physics behind signals and how various forms of energy--infrared, visible, and ultraviolet light, radio, ultrasound, audible sound, mechanical vibration, and temperature--can be interpreted as waves that unintentionally leak information, even in air-gapped (non-networked) systems. We'll observe how air is in fact not an effective gap or barrier as radio, light, sound, and vibration excitedly travel through it. We'll explore how all electrical signals radiate electromagnetism (light or radio) that can be intercepted and how we can reverse this process, producing electromagnetism to inject desired electrical signals into our target.\r\n\r\nWe'll delve into historical and seminal side-channel/TEMPEST attacks from our friends at the NSA, KGB, and past DEF CON pioneers. You'll learn about the essential electrical and optical components combined for cutting-edge eavesdropping, including what our target is typing from a distance.\r\n\r\nWhile others believe they're obtaining noise, we will extract signal, and you'll leave this talk hearing the world in a new light.\r\n\r\n- [1985] Electromagnetic radiation from video display units - Wim van Eck\r\n- Bunnie [link](https://www.bunniestudios.com/blog/hacking-the-pic-18f1320/)\r\n- DEFCON 17: Sniff Keystrokes With Lasers/Voltmeters - Andrea Barisani, Daniele Bianco\r\n- DEF CON 23 - Colin Flynn - Dont Whisper my Chips: Sidechannel and Glitching for Fun and Profit\r\n- DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice\r\n- DEF CON 25 - Matt Wixey - See no evil, hear no evil: Hacking invisibly & silently with light & sound\r\n- DEF CON 31 - Video Based Cryptanalysis Extracting Keys from Power LEDs - Ben Nassi, Ofek Vayner\r\n- Georgi Gerganov - kbd-audio [link](https://github.com/ggerganov/kbd-audio)\r\n- Lest We Remember: Cold Boot Attacks on Encryption Keys - Halderman et al [link](https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf)\r\n- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis - Daniel Genkin, Adi Shamir, Eran Tromer [link](https://cs-people.bu.edu/tromer/acoustic/)\r\n\n\n\n","media":[],"title":"Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Sashay away from this talk with the knowledge to perform state-of-the-art espionage, no technical background required.\r\n\r\nIn the realm of privilege escalation and data exfiltration, the physical world quietly screams secrets. We'll demystify the fascinating physics behind signals and how various forms of energy--infrared, visible, and ultraviolet light, radio, ultrasound, audible sound, mechanical vibration, and temperature--can be interpreted as waves that unintentionally leak information, even in air-gapped (non-networked) systems. We'll observe how air is in fact not an effective gap or barrier as radio, light, sound, and vibration excitedly travel through it. We'll explore how all electrical signals radiate electromagnetism (light or radio) that can be intercepted and how we can reverse this process, producing electromagnetism to inject desired electrical signals into our target.\r\n\r\nWe'll delve into historical and seminal side-channel/TEMPEST attacks from our friends at the NSA, KGB, and past DEF CON pioneers. You'll learn about the essential electrical and optical components combined for cutting-edge eavesdropping, including what our target is typing from a distance.\r\n\r\nWhile others believe they're obtaining noise, we will extract signal, and you'll leave this talk hearing the world in a new light.\r\n\r\n- [1985] Electromagnetic radiation from video display units - Wim van Eck\r\n- Bunnie [link](https://www.bunniestudios.com/blog/hacking-the-pic-18f1320/)\r\n- DEFCON 17: Sniff Keystrokes With Lasers/Voltmeters - Andrea Barisani, Daniele Bianco\r\n- DEF CON 23 - Colin Flynn - Dont Whisper my Chips: Sidechannel and Glitching for Fun and Profit\r\n- DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice\r\n- DEF CON 25 - Matt Wixey - See no evil, hear no evil: Hacking invisibly & silently with light & sound\r\n- DEF CON 31 - Video Based Cryptanalysis Extracting Keys from Power LEDs - Ben Nassi, Ofek Vayner\r\n- Georgi Gerganov - kbd-audio [link](https://github.com/ggerganov/kbd-audio)\r\n- Lest We Remember: Cold Boot Attacks on Encryption Keys - Halderman et al [link](https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf)\r\n- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis - Daniel Genkin, Adi Shamir, Eran Tromer [link](https://cs-people.bu.edu/tromer/acoustic/)","updated_timestamp":{"seconds":1720462408,"nanoseconds":0},"speakers":[{"content_ids":[54456],"conference_id":133,"event_ids":[54829],"name":"samy kamkar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/samyk"},{"description":"","title":"Twitter (@samykamkar)","sort_order":0,"url":"https://twitter.com/samykamkar"},{"description":"","title":"samy.pl","sort_order":0,"url":"https://samy.pl"}],"media":[],"id":54103}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:13:28Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":54829,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54103}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-08T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join DEF CON Founder Jeff Moss for an Ask Me Anything with CISA Director Jen Easterly. REAL WORLD DEF CON: Where hackers stop being polite and start getting real.\n\n\n","media":[],"title":"DEF CON Unplugged: Cocktails & Cyber with Jeff & Jen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Join DEF CON Founder Jeff Moss for an Ask Me Anything with CISA Director Jen Easterly. REAL WORLD DEF CON: Where hackers stop being polite and start getting real.","updated_timestamp":{"seconds":1721177942,"nanoseconds":0},"speakers":[{"content_ids":[54455],"conference_id":133,"event_ids":[54828],"name":"Jen Easterly","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cybersecurity and Infrastructure Security Agency (CISA)","title":"Director"}],"pronouns":"she/her","links":[{"description":"","title":"CISA.gov","sort_order":0,"url":"https://CISA.gov"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jen-easterly"},{"description":"","title":"Twitter (@CISAGov)","sort_order":0,"url":"https://twitter.com/CISAGov"},{"description":"","title":"Twitter (@CISAJen)","sort_order":0,"url":"https://twitter.com/CISAJen"}],"media":[],"id":54121,"title":"Director at Cybersecurity and Infrastructure Security Agency (CISA)"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-17T00:59:02Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":54828,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54121}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-17T00:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery\n\n\n","media":[{"hash_sha256":"90908ba4a7bf0e11167114397d24e522453fd0810cbee9c9c6e675120cd23e6c","filetype":"image/png","hash_md5":"24d77c529e00d7a297152d4f47229091","name":"ct_hack3rrunway2024-fin.png","is_logo":"Y","hash_crc32c":"04c8e95e","filesize":223387,"asset_id":708,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack3rrunway2024-fin.png"}],"title":"Hack3r Runw@y - Signups","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery","updated_timestamp":{"seconds":1719556432,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T06:33:52Z","links":[{"label":"More Info","type":"link","url":"https://hack3rrunway.github.io/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249353"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249352"}],"end":"2024-08-09T23:00:00.000-0000","id":54617,"tag_ids":[46427,46439,46493],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - WH4 - Contest Area","hotel":"","short_name":"Contest Area","id":46333},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T06:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. \nOver the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, training, and conferences have utilized it as an educational platform and CTF. As an open source, low-cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.\nThis workshop will teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. For this workshop, we will undergo a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.\nIf you have done BLE CTF in the past, this class is still valuable. For advanced users, we offer BLE CTF Infinity, a sequel to BLE CTF. The workshop will also showcase new hardware platforms and client tools for interacting with and completing the exercises.\nTo prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md\n\n\n","media":[],"title":"Learning to Hack Bluetooth Low Energy with BLE CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"BLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. \nOver the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, training, and conferences have utilized it as an educational platform and CTF. As an open source, low-cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.\nThis workshop will teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. For this workshop, we will undergo a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.\nIf you have done BLE CTF in the past, this class is still valuable. For advanced users, we offer BLE CTF Infinity, a sequel to BLE CTF. The workshop will also showcase new hardware platforms and client tools for interacting with and completing the exercises.\nTo prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54226],"conference_id":133,"event_ids":[54599],"name":"Alek Amrani","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53829},{"content_ids":[54226],"conference_id":133,"event_ids":[54599],"name":"Ryan Holeman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Stability AI","title":"CISO"}],"links":[],"pronouns":null,"media":[],"id":53866,"title":"CISO at Stability AI"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Holeman_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54599,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53829},{"tag_id":46167,"sort_order":1,"person_id":53866}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tired of legacy ICS systems? Attend this workshop to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!\nThis workshop is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.\nWe’ll bring a realistic ICS setup that features all the fancy current and future trends: SD-WAN and Zero Trust, OPC-UA, MQTT, Digital Twin, Edge devices and soft-PLCs to control a small-scale industrial process simulation.\nAfter a short introduction, we’ll get into hacking! We will walk you through a CTF-style exercise to go from 0 to full industrial process hacking! The CTF will be guided so that everyone learns something and gets a chance to get most flags!\n\n\n","media":[],"title":"Hack the connected plant!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Tired of legacy ICS systems? Attend this workshop to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!\nThis workshop is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.\nWe’ll bring a realistic ICS setup that features all the fancy current and future trends: SD-WAN and Zero Trust, OPC-UA, MQTT, Digital Twin, Edge devices and soft-PLCs to control a small-scale industrial process simulation.\nAfter a short introduction, we’ll get into hacking! We will walk you through a CTF-style exercise to go from 0 to full industrial process hacking! The CTF will be guided so that everyone learns something and gets a chance to get most flags!","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54225,54230],"conference_id":133,"event_ids":[54598,54603],"name":"Alexandrine Torrents","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Cybersecurity Expert"}],"links":[],"pronouns":null,"media":[],"id":53831,"title":"Cybersecurity Expert at Wavestone"},{"content_ids":[54225],"conference_id":133,"event_ids":[54598],"name":"Arnaud Soullié","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Senior Manager"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@arnaudsoullie)","sort_order":0,"url":"https://twitter.com/arnaudsoullie"}],"media":[],"id":53835,"title":"Senior Manager at Wavestone"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://SOULLIE_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54598,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53831},{"tag_id":46167,"sort_order":1,"person_id":53835}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Reverse engineering is done for a variety of reasons, most commonly to analyze malware, when searching for (and when looking to understand) vulnerabilities, or simply because of one’s curiosity. The NSA understood this early on and developed a framework to aid them in their reversing endeavors, which they open-sourced in early 2019: Ghidra. Since then, Ghidra has been one of the industry standard tools to analyze files, mainly due to its active development, as well as due to its accessible and versatile nature.\r\n\r\nThis four-hour workshop primarily focuses on the analyst mindset and fundamental knowledge with regards to reverse engineering, including but not limited to understanding Ghidra’s core capabilities such as the disassembly and decompiler views, creating and retyping data structures, writing scripts to extend and automate tasks, and the creation and use of function recognition databases for FunctionID and BSim.\r\n\r\nThe concepts behind the capabilities of Ghidra are the focus of the theory and during the hands-on exercises, allowing one to transfer the gained knowledge to another tool if so desired. As such, this class is perfect for aspiring and beginning analysts, while also providing background information and additional techniques for intermediate analysts.\r\n\r\nThe workshop’s materials will partially consist of multiple malware samples, the precautions for which will be explained in-detail during the workshop, ensuring the safety and integrity of the systems of the attendees. A laptop with a preinstalled Intel based 64-bit Ubuntu 22.04 VM, along with Ghidra, Eclipse, and OpenJDK 21 is required.\r\n\r\nAdditionally, knowing how to read C/C++ is required when dealing with decompiled code. Being able to read and write Java is required for the automation scripting, even though Python 2 can be used as well. If you cannot write Java and would still like to participate, you are welcome, but do note that this will impede some parts of the workshop’s exercises.\n\n\n","media":[],"title":"Ghidra Analysis & Automation Masterclass","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Reverse engineering is done for a variety of reasons, most commonly to analyze malware, when searching for (and when looking to understand) vulnerabilities, or simply because of one’s curiosity. The NSA understood this early on and developed a framework to aid them in their reversing endeavors, which they open-sourced in early 2019: Ghidra. Since then, Ghidra has been one of the industry standard tools to analyze files, mainly due to its active development, as well as due to its accessible and versatile nature.\r\n\r\nThis four-hour workshop primarily focuses on the analyst mindset and fundamental knowledge with regards to reverse engineering, including but not limited to understanding Ghidra’s core capabilities such as the disassembly and decompiler views, creating and retyping data structures, writing scripts to extend and automate tasks, and the creation and use of function recognition databases for FunctionID and BSim.\r\n\r\nThe concepts behind the capabilities of Ghidra are the focus of the theory and during the hands-on exercises, allowing one to transfer the gained knowledge to another tool if so desired. As such, this class is perfect for aspiring and beginning analysts, while also providing background information and additional techniques for intermediate analysts.\r\n\r\nThe workshop’s materials will partially consist of multiple malware samples, the precautions for which will be explained in-detail during the workshop, ensuring the safety and integrity of the systems of the attendees. A laptop with a preinstalled Intel based 64-bit Ubuntu 22.04 VM, along with Ghidra, Eclipse, and OpenJDK 21 is required.\r\n\r\nAdditionally, knowing how to read C/C++ is required when dealing with decompiled code. Being able to read and write Java is required for the automation scripting, even though Python 2 can be used as well. If you cannot write Java and would still like to participate, you are welcome, but do note that this will impede some parts of the workshop’s exercises.","updated_timestamp":{"seconds":1720035869,"nanoseconds":0},"speakers":[{"content_ids":[54224,54440],"conference_id":133,"event_ids":[54597,54813],"name":"Max \"Libra\" Kersten","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/libranalysis/"},{"description":"","title":"Mastodon (@libra@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@libra"},{"description":"","title":"Twitter (@Libranalysis)","sort_order":0,"url":"https://twitter.com/Libranalysis"},{"description":"","title":"Website","sort_order":0,"url":"https://maxkersten.nl"}],"media":[],"id":54141}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-03T19:44:29Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Kersten_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54597,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54141}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-03T19:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you ready to dive deep into the world of malware analysis? Join me for an immersive workshop that will demystify the process of dissecting and analyzing malicious software. Throughout this hands-on session, participants will explore essential techniques and methodologies for uncovering the inner workings of malware and identifying potential threats.\nDuring the workshop we will analyze different kinds of malware, from malicious documents, .NET malware and more . Through practical demonstrations attendees will learn how to conduct static and dynamic analysis effectively, gaining valuable insights into malware behaviors and characteristics. Moreover, attendees will gain firsthand experience in executing and analyzing techniques used by attackers, deepening their understanding of how threat actors operate and how to detect and mitigate their malware effectively.\nBy the end of the workshop, attendees will have developed practical skills and techniques for analyzing real-world malware samples, empowering them to defend against evolving cyberthreats effectively.\n\n\n","media":[],"title":"From an attacker's lair to your home: A practical journey through the world of Malware","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Are you ready to dive deep into the world of malware analysis? Join me for an immersive workshop that will demystify the process of dissecting and analyzing malicious software. Throughout this hands-on session, participants will explore essential techniques and methodologies for uncovering the inner workings of malware and identifying potential threats.\nDuring the workshop we will analyze different kinds of malware, from malicious documents, .NET malware and more . Through practical demonstrations attendees will learn how to conduct static and dynamic analysis effectively, gaining valuable insights into malware behaviors and characteristics. Moreover, attendees will gain firsthand experience in executing and analyzing techniques used by attackers, deepening their understanding of how threat actors operate and how to detect and mitigate their malware effectively.\nBy the end of the workshop, attendees will have developed practical skills and techniques for analyzing real-world malware samples, empowering them to defend against evolving cyberthreats effectively.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54223],"conference_id":133,"event_ids":[54596],"name":"Sebastian Tapia De la torre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Offensive Security Architect"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@stapiadlt)","sort_order":0,"url":"https://twitter.com/stapiadlt"}],"media":[],"id":53869,"title":"Offensive Security Architect"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://torre_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54596,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53869}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gain a deeper understanding of how ransomware evades analysis and learn how to identify and counter these techniques. This workshop will explore common evasion methods, how they work, and how you can develop the skills to write code that re-enacts these methods. This workshop will begin by showing you how ransomware builders work. How do the builders generate reliable, viable ransomware code? You’ll learn! Once built, how do these malicious binaries implement analysis evasion techniques? Which techniques are used often? How do they function? We'll dive into the most prevalent techniques to show you how they work and why. Finally, you will learn how to re-enact some of these techniques along with more advanced methods within your own code. Are you ready to take your reverse engineering and coding skills to the next levels? – Let’s do this! And remember: #RansomwareSucks!\n\n\n\n","media":[],"title":"Dissecting and Defeating Ransomware's Evasion Tactics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Gain a deeper understanding of how ransomware evades analysis and learn how to identify and counter these techniques. This workshop will explore common evasion methods, how they work, and how you can develop the skills to write code that re-enacts these methods. This workshop will begin by showing you how ransomware builders work. How do the builders generate reliable, viable ransomware code? You’ll learn! Once built, how do these malicious binaries implement analysis evasion techniques? Which techniques are used often? How do they function? We'll dive into the most prevalent techniques to show you how they work and why. Finally, you will learn how to re-enact some of these techniques along with more advanced methods within your own code. Are you ready to take your reverse engineering and coding skills to the next levels? – Let’s do this! And remember: #RansomwareSucks!","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54222],"conference_id":133,"event_ids":[54595],"name":"Aaron Rosenmund","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pluralsight","title":"Senior Director of Content Strategy & Curriculum"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@arosenmund )","sort_order":0,"url":"https://twitter.com/arosenmund "}],"media":[],"id":53828,"title":"Senior Director of Content Strategy & Curriculum at Pluralsight"},{"content_ids":[54207,54222],"conference_id":133,"event_ids":[54580,54595],"name":"Josh Stroschein","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Reverse Engineer, FLARE team"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jstrosch)","sort_order":0,"url":"https://twitter.com/jstrosch"}],"media":[],"id":53850,"title":"Reverse Engineer, FLARE team at Google"},{"content_ids":[54222,55764],"conference_id":133,"event_ids":[56273,54595],"name":"Ryan Chapman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@rj_chap)","sort_order":0,"url":"https://twitter.com/rj_chap"}],"media":[],"id":53865}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Chapman_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54595,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53828},{"tag_id":46167,"sort_order":1,"person_id":53850},{"tag_id":46167,"sort_order":1,"person_id":53865}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Talk on health info privacy\n\n\n","media":[],"title":"HDA Presents : Naomi Brockwell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Talk on health info privacy","updated_timestamp":{"seconds":1722102331,"nanoseconds":0},"speakers":[{"content_ids":[54203],"conference_id":133,"event_ids":[54576],"name":"Naomi Brockwell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NBTV","title":""}],"pronouns":"she/her","links":[{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/Naomibrockwelltv"}],"media":[],"id":53777,"title":"NBTV"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:45:31Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54576,"tag_ids":[46404,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53777}],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-27T17:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hopper is a Coverage-Guided Greybox Distributed Fuzzer, inspired by AFL++, and written in Golang. Like other fuzzers, Hopper operates as a standard command-line interface tool, allowing you to run fuzz campaigns to find vulnerabilities and exploits in software. Hopper's mutation algorithm, energy assigning strategy, and out-of-process coverage gathering, are all inspired by AFL++, the current state of the art fuzzer. However, Hopper's distributed strategy differs substantially than AFL++ in an attempt to define a new distributed fuzzing paradigm. AFL++ and LibFuzzer have clear scaling limitations in larger environments, notably the AFL++’s rudimentary multi-machine mode. As an early prototype, Hopper addresses these limitations by implementing a deduplicating communication schema that establishes a consistency invariant, minimizing repeated work done by fuzzing nodes. Hopper is a standalone, new piece of software developed from scratch in the spirit of exploration, this is not yet another python plugin/extension for AFL++. Hopper is currently available on GitHub, including containerized runnable campaign demos. Tooling and observability are first class features, in the form of a TUI to monitor fuzzing campaigns, usage docs, and quick-start scripts for orchestrating fuzz campaigns.\n\n\n","media":[],"title":"Hopper - Distributed Fuzzer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Hopper is a Coverage-Guided Greybox Distributed Fuzzer, inspired by AFL++, and written in Golang. Like other fuzzers, Hopper operates as a standard command-line interface tool, allowing you to run fuzz campaigns to find vulnerabilities and exploits in software. Hopper's mutation algorithm, energy assigning strategy, and out-of-process coverage gathering, are all inspired by AFL++, the current state of the art fuzzer. However, Hopper's distributed strategy differs substantially than AFL++ in an attempt to define a new distributed fuzzing paradigm. AFL++ and LibFuzzer have clear scaling limitations in larger environments, notably the AFL++’s rudimentary multi-machine mode. As an early prototype, Hopper addresses these limitations by implementing a deduplicating communication schema that establishes a consistency invariant, minimizing repeated work done by fuzzing nodes. Hopper is a standalone, new piece of software developed from scratch in the spirit of exploration, this is not yet another python plugin/extension for AFL++. Hopper is currently available on GitHub, including containerized runnable campaign demos. Tooling and observability are first class features, in the form of a TUI to monitor fuzzing campaigns, usage docs, and quick-start scripts for orchestrating fuzz campaigns.","updated_timestamp":{"seconds":1718922483,"nanoseconds":0},"speakers":[{"content_ids":[54181],"conference_id":133,"event_ids":[54550],"name":"Luciano Remes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palantir Technologies","title":"Software Engineer"}],"links":[],"pronouns":null,"media":[],"id":53754,"title":"Software Engineer at Palantir Technologies"},{"content_ids":[54181],"conference_id":133,"event_ids":[54550],"name":"Wade Cappa","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palantir Technologies","title":"Software Engineer"}],"links":[],"pronouns":null,"media":[],"id":53776,"title":"Software Engineer at Palantir Technologies"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:28:03Z","links":[{"label":"Project","type":"link","url":"https://github.com/Cybergenik/hopper"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249620"}],"end":"2024-08-09T22:45:00.000-0000","id":54550,"tag_ids":[46169,46441,46443,46453,46460],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53754},{"tag_id":46167,"sort_order":4,"person_id":53776}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Malware frequently employs anti-VM techniques, which can vary in their difficulty to detect and counteract. While integrating anti-detection measures in our labs is a frequently used option, we should also consider using a real hardware sandbox, even if this sounds weird. By leveraging the awesome PCILeech project and DMA hardware access, XenoboxX provides a suite of tools for analysis tasks, such as dumping dynamically allocated memory and searching for IoC. These tools allow us to inject code at kernel level through DMA, making detection significantly more challenging and giving a new perspective to the analysis.\n\n\n","media":[],"title":"XenoboxX - Hardware Sandbox Toolkit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Malware frequently employs anti-VM techniques, which can vary in their difficulty to detect and counteract. While integrating anti-detection measures in our labs is a frequently used option, we should also consider using a real hardware sandbox, even if this sounds weird. By leveraging the awesome PCILeech project and DMA hardware access, XenoboxX provides a suite of tools for analysis tasks, such as dumping dynamically allocated memory and searching for IoC. These tools allow us to inject code at kernel level through DMA, making detection significantly more challenging and giving a new perspective to the analysis.","updated_timestamp":{"seconds":1718922428,"nanoseconds":0},"speakers":[{"content_ids":[54178],"conference_id":133,"event_ids":[54547],"name":"Cesare Pizzi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher, Analyst, and Technology Enthusiast"}],"links":[],"pronouns":null,"media":[],"id":53729,"title":"Security Researcher, Analyst, and Technology Enthusiast"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:27:08Z","links":[{"label":"Project","type":"link","url":"https://github.com/cecio"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249619"}],"end":"2024-08-09T22:45:00.000-0000","id":54547,"tag_ids":[46169,46441,46445,46449,46468,46469],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53729}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Garak, Generative AI Red-teaming and Assessment Kit, is a vulnerability scanner for large language models (LLMs) and dialogue systems. It has a host of different probes, each working on different vulnerabilities and payloads. It connects to a broad range of different LLMs. The attacks range between static tests of fixed prompts, to dynamically assembled prompts, to probes that respond to existing model behavior when working out their next move. Community contribution plays a big part of Garak already, with an active repo & over 300 members in the Discord. Garak can assess and attack anything that takes text and returns text, and is already used by many industry players in assessment of internal and external models, including NVIDIA and Microsoft as well as a range of emerging AI Security startups; it’s the #1 ranked tool for LLM security on Hackernews. But we think it’s mostly a lot of fun.\n\n\n","media":[],"title":"Garak","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Garak, Generative AI Red-teaming and Assessment Kit, is a vulnerability scanner for large language models (LLMs) and dialogue systems. It has a host of different probes, each working on different vulnerabilities and payloads. It connects to a broad range of different LLMs. The attacks range between static tests of fixed prompts, to dynamically assembled prompts, to probes that respond to existing model behavior when working out their next move. Community contribution plays a big part of Garak already, with an active repo & over 300 members in the Discord. Garak can assess and attack anything that takes text and returns text, and is already used by many industry players in assessment of internal and external models, including NVIDIA and Microsoft as well as a range of emerging AI Security startups; it’s the #1 ranked tool for LLM security on Hackernews. But we think it’s mostly a lot of fun.","updated_timestamp":{"seconds":1718922377,"nanoseconds":0},"speakers":[{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Erick Galinkin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":"Research Scientist"}],"links":[],"pronouns":null,"media":[],"id":53735,"title":"Research Scientist at NVIDIA"},{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Leon Derczynski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ITU Copenhagen","title":"Prof, Natural Language Processing"},{"organization":"NVIDIA","title":"Principal Research Scientist, LLM Security"}],"links":[],"pronouns":null,"media":[],"id":53749,"title":"Principal Research Scientist, LLM Security at NVIDIA"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:26:17Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249618"},{"label":"Project","type":"link","url":"https://github.com/leondz/garak/"}],"end":"2024-08-09T22:45:00.000-0000","id":54544,"tag_ids":[46169,46441,46442,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53735},{"tag_id":46167,"sort_order":4,"person_id":53749}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SCAGoat is a deliberately insecure web application designed for learning and testing Software Composition Analysis (SCA) tools. It offers a hands-on environment to explore vulnerabilities in Node.js and Java Springboot applications, including actively exploitable CVEs like CVE-2023-42282 and CVE-2021-44228 (log4j). This application can be utilized to evaluate various SCA and container security tools, assessing their capability to identify vulnerable packages and code reachability. As part of our independent research, the README includes reports from SCA tools like semgrep, snyk, and endor labs. Future research plans include incorporating compromised or malicious packages to test SCA tool detection and exploring supply chain attack scenarios.\n\n\n","media":[],"title":"SCAGoat - Exploiting Damn Vulnerable SCA Application","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"SCAGoat is a deliberately insecure web application designed for learning and testing Software Composition Analysis (SCA) tools. It offers a hands-on environment to explore vulnerabilities in Node.js and Java Springboot applications, including actively exploitable CVEs like CVE-2023-42282 and CVE-2021-44228 (log4j). This application can be utilized to evaluate various SCA and container security tools, assessing their capability to identify vulnerable packages and code reachability. As part of our independent research, the README includes reports from SCA tools like semgrep, snyk, and endor labs. Future research plans include incorporating compromised or malicious packages to test SCA tool detection and exploring supply chain attack scenarios.","updated_timestamp":{"seconds":1718922319,"nanoseconds":0},"speakers":[{"content_ids":[54172],"conference_id":133,"event_ids":[54541],"name":"Hare Krishna Rai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Product Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":53738,"title":"Product Security Engineer"},{"content_ids":[54172],"conference_id":133,"event_ids":[54541],"name":"Prashant Venkatesh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Manager, Product Security"}],"links":[],"pronouns":null,"media":[],"id":53768,"title":"Manager, Product Security"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:19Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249617"},{"label":"Project","type":"link","url":"https://github.com/harekrishnarai/Damn-vulnerable-sca"}],"end":"2024-08-09T22:45:00.000-0000","id":54541,"tag_ids":[46169,46441,46446,46459,46460],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53738},{"tag_id":46167,"sort_order":4,"person_id":53768}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Injectyll-HIDe project (released at DEF CON 30) is back and better than ever! The hardware implant utilizes the same standard features that you have come to know and love (keystroke recording, keystroke injection, mouse jiggler, etc.) but it has evolved into so much more. The functionality has been steadily growing over its initial release to offer users even more tools! But wait, there’s more! We’re proud to show off the new SEEK shields this year at the CON! Tired of running a covert mesh network? Want to try out new RF technologies? We’ve added LoRa and LoRaWAN to the mix as well! These shields are field swappable and work with the existing C2 and implant code to give you the versatility that you need to continue evading detection. Attendees should be prepared to flip 0ut over these features, as well as some new additions to the project that we will be announcing at DEF CON. Who’s ready for a high stakes game of hacker’s HIDe and SEEK?\n\n\n","media":[],"title":"HIDe & SEEK","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"The Injectyll-HIDe project (released at DEF CON 30) is back and better than ever! The hardware implant utilizes the same standard features that you have come to know and love (keystroke recording, keystroke injection, mouse jiggler, etc.) but it has evolved into so much more. The functionality has been steadily growing over its initial release to offer users even more tools! But wait, there’s more! We’re proud to show off the new SEEK shields this year at the CON! Tired of running a covert mesh network? Want to try out new RF technologies? We’ve added LoRa and LoRaWAN to the mix as well! These shields are field swappable and work with the existing C2 and implant code to give you the versatility that you need to continue evading detection. Attendees should be prepared to flip 0ut over these features, as well as some new additions to the project that we will be announcing at DEF CON. Who’s ready for a high stakes game of hacker’s HIDe and SEEK?","updated_timestamp":{"seconds":1718922255,"nanoseconds":0},"speakers":[{"content_ids":[54169],"conference_id":133,"event_ids":[54538],"name":"Jonathan Fischer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Red Team Consultant and Researcher"}],"links":[],"pronouns":null,"media":[],"id":53744,"title":"Red Team Consultant and Researcher"},{"content_ids":[54169],"conference_id":133,"event_ids":[54538],"name":"Matthew Richard","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53758}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:24:15Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249616"},{"label":"Project","type":"link","url":"https://github.com/Injectyll-HIDe/Injectyll-HIDe"}],"end":"2024-08-09T22:45:00.000-0000","id":54538,"tag_ids":[46169,46441,46449,46453,46456],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53744},{"tag_id":46167,"sort_order":4,"person_id":53758}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tommyknocker is an open source project designed to facilitate automation of continuous security control validation, bringing some of the processes developers have been using for years for regressing testing, to the security world. It allows users to easily create test scenarios using docker images and standard scripts to perform one or more test actions, followed by the ability to easily check common tooling (SIEM, IDS, Log aggregators) for any expected alerts or log entries. Using Tommyknocker, security organizations can add test cases each time a new security control is created, so that any time a change is made in the environment, the continued functioning of existing controls can be validated. Many times, security organizations will only test controls when they are first implemented, and potentially a few times a year for audit purposes. With Tommyknocker, controls can be tested multiple times per day, ensuring that alerts are raised as soon as possible when a control ceases to function correctly, or is compromised by a threat actor.\n\n\n","media":[],"title":"Automated Control Validation with Tommyknocker","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Tommyknocker is an open source project designed to facilitate automation of continuous security control validation, bringing some of the processes developers have been using for years for regressing testing, to the security world. It allows users to easily create test scenarios using docker images and standard scripts to perform one or more test actions, followed by the ability to easily check common tooling (SIEM, IDS, Log aggregators) for any expected alerts or log entries. Using Tommyknocker, security organizations can add test cases each time a new security control is created, so that any time a change is made in the environment, the continued functioning of existing controls can be validated. Many times, security organizations will only test controls when they are first implemented, and potentially a few times a year for audit purposes. With Tommyknocker, controls can be tested multiple times per day, ensuring that alerts are raised as soon as possible when a control ceases to function correctly, or is compromised by a threat actor.","updated_timestamp":{"seconds":1718922192,"nanoseconds":0},"speakers":[{"content_ids":[54166],"conference_id":133,"event_ids":[54535],"name":"Jeremy Banker","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53743}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:23:12Z","links":[{"label":"Project","type":"link","url":"https://github.com/loredous/tommyknocker"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249615"}],"end":"2024-08-09T22:45:00.000-0000","id":54535,"tag_ids":[46169,46441,46445,46453,46455,46464,46465],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53743}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Surprise Talk","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722991456,"nanoseconds":0},"speakers":[{"content_ids":[54545,56160],"conference_id":133,"event_ids":[56804,54920],"name":"Rachel Cummings","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Columbia University","title":"Associate Professor of Industrial Engineering and Operations Research"}],"links":[],"pronouns":null,"media":[],"id":54353,"title":"Associate Professor of Industrial Engineering and Operations Research at Columbia University"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T00:44:16Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":56804,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54353}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-07T00:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En una actividad de simulación de adversarios, se demostró cómo se puede comprometer una empresa utilizando su antivirus corporativo. Aprovechando las funcionalidades de antivirus de nueva generación, y el compromiso de la consola de administración se logro desplegar un comando y control (C2) en equipos críticos como controladores de dominio. La capacidad del antivirus para comunicarse con subredes críticas y aplicar excepciones a otras herramientas de seguridad facilitó el compromiso total de la red, destacando la necesidad de una gestión y auditoría exhaustivas de estas herramientas.\n\n\n","media":[],"title":"De Escudo a Espada: Cómo un Antivirus Facilitó el compromiso de una compañía","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"En una actividad de simulación de adversarios, se demostró cómo se puede comprometer una empresa utilizando su antivirus corporativo. Aprovechando las funcionalidades de antivirus de nueva generación, y el compromiso de la consola de administración se logro desplegar un comando y control (C2) en equipos críticos como controladores de dominio. La capacidad del antivirus para comunicarse con subredes críticas y aplicar excepciones a otras herramientas de seguridad facilitó el compromiso total de la red, destacando la necesidad de una gestión y auditoría exhaustivas de estas herramientas.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55961],"conference_id":133,"event_ids":[56577],"name":"R4v3n Bl4ck","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Sr Red Team"}],"links":[],"pronouns":null,"media":[],"id":56296,"title":"Sr Red Team"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56577,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56296}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI’ll be watching you will cover attacking an embedded AI on a family of popular security cameras with over 100,000 combined reviews on Amazon. The camera’s embedded AI system is used for on-device person detection, a system that filters notifications based on whether a person is detected. Traditionally the camera would alert the owner if any motion was detected, meaning that an attacker would have to have no motion be detected, but now with the embedded AI making decisions, an attacker needs to only appear not to be human. While this may seem a simple task, dressing up as a giant bush would be noticeable by the people around the attacker, meaning that a successful attack against this system requires the on-camera AI to be tricked while not alerting nearby people to any suspicious disguises.\n\nIn this talk we will cover the steps we took to research and gain access to the device in order to perform greybox attacks against its embedded AI. We will demonstrate how we rooted an older version of the device to gain access to how the models were brought to the camera. We will show how the knowledge we gained while reverse engineering let us download the models for any arbitrary device or firmware and, eventually, how we were able to exploit and gain root on the newer, more secure device. We will show the audience our process in which we discovered and reverse-engineered a proprietary model format that we had never seen before. Finally, we will show how, once we understood the model, we were able to perform attacks against both it and the camera.\n\nThe purpose of this talk is to raise awareness about the insecurity of embedded AI as well as to demonstrate how known attack techniques can be used on never-before-seen models, showcasing that AI/ML research has truly passed the infant stage and has reached a point where developed methods can be broadly applied.\n\n\n","media":[],"title":"AI’ll be watching you. Greybox Attacks against an Embedded AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"AI’ll be watching you will cover attacking an embedded AI on a family of popular security cameras with over 100,000 combined reviews on Amazon. The camera’s embedded AI system is used for on-device person detection, a system that filters notifications based on whether a person is detected. Traditionally the camera would alert the owner if any motion was detected, meaning that an attacker would have to have no motion be detected, but now with the embedded AI making decisions, an attacker needs to only appear not to be human. While this may seem a simple task, dressing up as a giant bush would be noticeable by the people around the attacker, meaning that a successful attack against this system requires the on-camera AI to be tricked while not alerting nearby people to any suspicious disguises.\n\nIn this talk we will cover the steps we took to research and gain access to the device in order to perform greybox attacks against its embedded AI. We will demonstrate how we rooted an older version of the device to gain access to how the models were brought to the camera. We will show how the knowledge we gained while reverse engineering let us download the models for any arbitrary device or firmware and, eventually, how we were able to exploit and gain root on the newer, more secure device. We will show the audience our process in which we discovered and reverse-engineered a proprietary model format that we had never seen before. Finally, we will show how, once we understood the model, we were able to perform attacks against both it and the camera.\n\nThe purpose of this talk is to raise awareness about the insecurity of embedded AI as well as to demonstrate how known attack techniques can be used on never-before-seen models, showcasing that AI/ML research has truly passed the infant stage and has reached a point where developed methods can be broadly applied.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"},{"content_ids":[55878],"conference_id":133,"event_ids":[56463],"name":"Ryan Tracey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":""}],"links":[],"pronouns":null,"media":[],"id":56237,"title":"HiddenLayer"},{"content_ids":[55878],"conference_id":133,"event_ids":[56463],"name":"Tom Boner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":""}],"links":[],"pronouns":null,"media":[],"id":56238,"title":"HiddenLayer"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":56463,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56237},{"tag_id":46167,"sort_order":4,"person_id":54282},{"tag_id":46167,"sort_order":6,"person_id":56238}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Counterfeiting badges for conferences and employee access has evolved into a sophisticated craft, blending creativity with technology. This talk explores modern techniques from traditional methods to innovations like 3D printing and digital replication. We uncover how these tools enable counterfeiting to compromise even highly secure systems.\n\n\n","media":[],"title":"Bogus Badges: The Art and Innovation of Badge Counterfeiting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Counterfeiting badges for conferences and employee access has evolved into a sophisticated craft, blending creativity with technology. This talk explores modern techniques from traditional methods to innovations like 3D printing and digital replication. We uncover how these tools enable counterfeiting to compromise even highly secure systems.","updated_timestamp":{"seconds":1722564525,"nanoseconds":0},"speakers":[{"content_ids":[55795],"conference_id":133,"event_ids":[56344],"name":"Nick Warner","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56554}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:08:45Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56344,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56554}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-02T02:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"RFID PACS systems are used to secure doors to airports, server rooms, and other high security facilities, but the security is often more marketing than reality. This talk will reveal a new media authentication bypass vulnerability in HID iCLASS and Signo physical access control system RFID readers that has existed for over a decade and the journey of initial discovery, disbelief, vendor disclosure, and patch. While legacy iCLASS has been known to be compromised for years thanks to the research presented in Milosch Meriac’s “Heart of Darkness” and Flavio D. Garcia’s “Dismantling iCLASS and iCLASS Elite” for standard and elite keys respectively. iCLASS SE systems have had a presumed level of security over legacy iCLASS at least as far as direct attacks that don’t involve additional techniques such as downgrading.\n\n\n","media":[],"title":"iCLASS - Throwing away the keys","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:25:00Z","end_timestamp":{"seconds":1723238700,"nanoseconds":0},"android_description":"RFID PACS systems are used to secure doors to airports, server rooms, and other high security facilities, but the security is often more marketing than reality. This talk will reveal a new media authentication bypass vulnerability in HID iCLASS and Signo physical access control system RFID readers that has existed for over a decade and the journey of initial discovery, disbelief, vendor disclosure, and patch. While legacy iCLASS has been known to be compromised for years thanks to the research presented in Milosch Meriac’s “Heart of Darkness” and Flavio D. Garcia’s “Dismantling iCLASS and iCLASS Elite” for standard and elite keys respectively. iCLASS SE systems have had a presumed level of security over legacy iCLASS at least as far as direct attacks that don’t involve additional techniques such as downgrading.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55448],"conference_id":133,"event_ids":[55873],"name":"Tiernan \"nvx\" Messmer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Mastodon (@nvx@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@nvx"},{"description":"","title":"Twitter (@TiernanNV)","sort_order":0,"url":"https://twitter.com/TiernanNV"}],"media":[],"id":55986}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T21:25:00.000-0000","id":55873,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55986}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In an era where critical infrastructure faces unprecedented cyber threats, Cyber Informed Engineering (CIE) emerges as a pivotal strategy to safeguard essential services. This talk delves into the significance of integrating CIE into both existing installations and new builds, highlighting its transformative impact on enhancing security and resilience. Attendees will gain insights into practical applications of CIE, exploring use cases that demonstrate its efficacy in retrofitting legacy systems and embedding robust cybersecurity measures in new projects. Additionally, we'll discuss how CIE serves as a powerful tool for comprehensively understanding and optimizing business processes, ultimately driving more secure and efficient operations. Join us to uncover the essential role of Cyber Informed Engineering in fortifying our critical infrastructure against evolving cyber threats.\n\n\n","media":[],"title":"Cyber Informed Engineering for Critical Infrastructure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:55:00Z","end_timestamp":{"seconds":1723236900,"nanoseconds":0},"android_description":"In an era where critical infrastructure faces unprecedented cyber threats, Cyber Informed Engineering (CIE) emerges as a pivotal strategy to safeguard essential services. This talk delves into the significance of integrating CIE into both existing installations and new builds, highlighting its transformative impact on enhancing security and resilience. Attendees will gain insights into practical applications of CIE, exploring use cases that demonstrate its efficacy in retrofitting legacy systems and embedding robust cybersecurity measures in new projects. Additionally, we'll discuss how CIE serves as a powerful tool for comprehensively understanding and optimizing business processes, ultimately driving more secure and efficient operations. Join us to uncover the essential role of Cyber Informed Engineering in fortifying our critical infrastructure against evolving cyber threats.","updated_timestamp":{"seconds":1721781569,"nanoseconds":0},"speakers":[{"content_ids":[55344],"conference_id":133,"event_ids":[55736],"name":"Aaron Crow","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55945}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:39:29Z","links":[],"end":"2024-08-09T20:55:00.000-0000","id":55736,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55945}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-24T00:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Malware traffic is commonly identified using signatures based off its code, strings, and associated network infrastructure. However, it's also possible to build signatures from the timing between network transactions. This presentation will explore using network captures of known malicious network activity to find similar behavior in random traffic. The talk is technical as it involves processing packets with Python and a some data science, but will be presented in a way that anyone should be able to understand and enjoy.\n\n\n\n","media":[],"title":"Signature-Based Detection Using Network Timing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Malware traffic is commonly identified using signatures based off its code, strings, and associated network infrastructure. However, it's also possible to build signatures from the timing between network transactions. This presentation will explore using network captures of known malicious network activity to find similar behavior in random traffic. The talk is technical as it involves processing packets with Python and a some data science, but will be presented in a way that anyone should be able to understand and enjoy.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54567],"conference_id":133,"event_ids":[54942],"name":"Josh Pyorre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cisco Talos","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54327,"title":"Security Researcher at Cisco Talos"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54942,"tag_ids":[46385,46419,46438,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54327}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an entry level talk about the practical parts of Physical Security Assessment, and how to talk to clients.\n\n\n","media":[],"title":"Doors, Cameras, & Mantraps: Oh my!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"This is an entry level talk about the practical parts of Physical Security Assessment, and how to talk to clients.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54566],"conference_id":133,"event_ids":[54941],"name":"Dylan \"The Magician\" Baklor","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Macy's","title":"Web Application Pentester and Network Security Pentester"}],"links":[],"pronouns":null,"media":[],"id":54246,"title":"Web Application Pentester and Network Security Pentester at Macy's"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":54941,"tag_ids":[46384,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54246}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Unprecedented investments in vehicle electrification are creating new pathways for hackers to exploit EVs and EV chargers. Many of these risks are theoretical and have not been demonstrated in the wild…yet. Policymakers are racing to better understand systemic cyber risks present in this new EV ecosystem—particularly those which might impact the electric grid—so we can devise effective mitigations now. This talk offers a White House policymaker’s perspective on the changing EV landscape, new policy measures under consideration to identify and reduce the impact of vulnerabilities, and the critical role that hackers can play in focusing our work.\n\n\n","media":[],"title":"Building a secure and resilient nationwide EV charging network: the role of hackers in the clean energy revolution ","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Unprecedented investments in vehicle electrification are creating new pathways for hackers to exploit EVs and EV chargers. Many of these risks are theoretical and have not been demonstrated in the wild…yet. Policymakers are racing to better understand systemic cyber risks present in this new EV ecosystem—particularly those which might impact the electric grid—so we can devise effective mitigations now. This talk offers a White House policymaker’s perspective on the changing EV landscape, new policy measures under consideration to identify and reduce the impact of vulnerabilities, and the critical role that hackers can play in focusing our work.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54565],"conference_id":133,"event_ids":[54940],"name":"Harry Krejsa","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ONCD","title":"Assistant National Cyber Director for Strategy"}],"links":[],"pronouns":null,"media":[],"id":54364,"title":"Assistant National Cyber Director for Strategy at ONCD"},{"content_ids":[54565],"conference_id":133,"event_ids":[54940],"name":"Sarah Hipel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ONCD","title":"Standards and Reliability Program Manager"}],"links":[],"pronouns":null,"media":[],"id":54666,"title":"Standards and Reliability Program Manager at ONCD"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":54940,"tag_ids":[46375,46419,46460,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54364},{"tag_id":46167,"sort_order":4,"person_id":54666}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"At Pwn2Own Toronto 2023, NCC Group was one of the two teams that compromised the Xiaomi 13 Pro. The exploit chain involved using a malicious HTML hyperlink and uploading a potentially malicious application to the Xiaomi app store.\r\n\r\nHowever, this talk is not just about the technical details of the exploit. While researching the final exploit, NCC Group discovered how an exploit could work in one region of the world, but not in other regions, and how the researchers had to travel to Canada for a day just to test if the exploit would work in Canada. This talk also discusses just how far Xiaomi is willing to go to make sure their device isn't hacked at Pwn2Own, and why only two teams were able to successfully compromise the device during the competition.\n\n\n","media":[],"title":"Xiaomi The Money - Our Toronto Pwn2Own Exploit and Behind The Scenes Story","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:15:00Z","end_timestamp":{"seconds":1723238100,"nanoseconds":0},"android_description":"At Pwn2Own Toronto 2023, NCC Group was one of the two teams that compromised the Xiaomi 13 Pro. The exploit chain involved using a malicious HTML hyperlink and uploading a potentially malicious application to the Xiaomi app store.\r\n\r\nHowever, this talk is not just about the technical details of the exploit. While researching the final exploit, NCC Group discovered how an exploit could work in one region of the world, but not in other regions, and how the researchers had to travel to Canada for a day just to test if the exploit would work in Canada. This talk also discusses just how far Xiaomi is willing to go to make sure their device isn't hacked at Pwn2Own, and why only two teams were able to successfully compromise the device during the competition.","updated_timestamp":{"seconds":1720375742,"nanoseconds":0},"speakers":[{"content_ids":[54454],"conference_id":133,"event_ids":[54827],"name":"Ken Gannon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NCC Group","title":"Principal Security Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@yogehi)","sort_order":0,"url":"https://twitter.com/yogehi"},{"description":"","title":"yogehi.github.io","sort_order":0,"url":"https://yogehi.github.io"}],"media":[],"id":54104,"title":"Principal Security Consultant at NCC Group"},{"content_ids":[54454],"conference_id":133,"event_ids":[54827],"name":"Ilyes Beghdadi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Census Labs","title":"Senior Application Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@040xZx)","sort_order":0,"url":"https://twitter.com/040xZx"}],"media":[],"id":54149,"title":"Senior Application Security Engineer at Census Labs"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T18:09:02Z","links":[],"end":"2024-08-09T21:15:00.000-0000","id":54827,"tag_ids":[46166,46419,46437,46882],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54104},{"tag_id":46167,"sort_order":2,"person_id":54149}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are physical markings that are required under hundreds of different international laws, some governing transport of goods across national borders, some offering humanitarian protections on the battlefield, some seeking to protect the environment or genetic diversity… What they all have in common is that they’re currently represented by visual marks applied to objects. Many of these processes are undergoing “digitalization,” and becoming machine-readable, or electronically-signaled. A standards effort currently underway in the IETF seeks to create a common global marking protocol which would allow open-standards-based devices to scan, cryptographically validate, and display the digital versions of these marks. This session will relate the state of the standards effort, the scope of markings that have been considered thus far, and seek input on security or privacy vulnerabilities which may exist in the proposed standard.\n\n\n\n","media":[],"title":"Digital Emblems: When markings are required under international law, but you don’t have a rattle-can handy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:15:00Z","end_timestamp":{"seconds":1723238100,"nanoseconds":0},"android_description":"There are physical markings that are required under hundreds of different international laws, some governing transport of goods across national borders, some offering humanitarian protections on the battlefield, some seeking to protect the environment or genetic diversity… What they all have in common is that they’re currently represented by visual marks applied to objects. Many of these processes are undergoing “digitalization,” and becoming machine-readable, or electronically-signaled. A standards effort currently underway in the IETF seeks to create a common global marking protocol which would allow open-standards-based devices to scan, cryptographically validate, and display the digital versions of these marks. This session will relate the state of the standards effort, the scope of markings that have been considered thus far, and seek input on security or privacy vulnerabilities which may exist in the proposed standard.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54453,56178,55917],"conference_id":133,"event_ids":[56832,54826,56508],"name":"Bill Woodcock","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Packet Clearing House","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":54077,"title":"Executive Director at Packet Clearing House"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T21:15:00.000-0000","id":54826,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54077}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This short talk explores the intelligence potential available in the Telegram messaging app, with particular focus on our novel work exploring its new “similar channels” feature. Telegram is a popular application with numerous, but labyrinthine, security settings and many ways to spill data. In November 2023, Telegram also launched a new “similar channels” recommender feature, explaining that upon joining a channel, users will be shown similar channels that were \"selected automatically based on similarities in their subscriber bases.” We built a new tool, which we will release at DEFCON, to collect and analyze this similar channels data. We will then show how to use social network analysis techniques to uncover previously-hidden relationships between channels on the platform. In the course of collecting this OSINT for our own research projects, we uncovered evidence of numerous inauthentic channel networks that are being used to influence political discourse.\n\n\n","media":[],"title":"Tapping the OSINT potential of Telegram","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"This short talk explores the intelligence potential available in the Telegram messaging app, with particular focus on our novel work exploring its new “similar channels” feature. Telegram is a popular application with numerous, but labyrinthine, security settings and many ways to spill data. In November 2023, Telegram also launched a new “similar channels” recommender feature, explaining that upon joining a channel, users will be shown similar channels that were \"selected automatically based on similarities in their subscriber bases.” We built a new tool, which we will release at DEFCON, to collect and analyze this similar channels data. We will then show how to use social network analysis techniques to uncover previously-hidden relationships between channels on the platform. In the course of collecting this OSINT for our own research projects, we uncovered evidence of numerous inauthentic channel networks that are being used to influence political discourse.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55901],"conference_id":133,"event_ids":[56488],"name":"Megan Squire","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56266}],"begin_tsz":"2024-08-09T20:25:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56488,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723235100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56266}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T20:25:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, we researched vulnerable security configurations that enable attacks on Kubernetes (K8s) clusters and examined how these settings can be exploited in CNCF projects. Kubernetes (K8s) uses YAML files to manage various security settings, leading to potential attacks such as information leakage, excessive permission acquisition, and container escape.\n\nInitially, this study focused on three security configuration areas in K8s: RBAC, HostPID, and Security Context. We explained the threats present if vulnerable settings are included.\n\n - RBAC: Excessive permission in K8s resources allows sensitive information theft or access to other nodes\n - HostPID: Access to node process information enables container escape attacks\n - Security Context: Incorrect security settings enable node escape and host access\n\n\nNext, we created patterns for identifying weak security settings through YAML files. To do this, we conducted a literature review and expanded the vulnerable patterns centered on RBAC proposed in various papers. Additionally, we included other security settings (HostPID, Security Context).\n[Our Pattern vs Paper Pattern]\n\n 1. RBAC:\n - Our: Daemonset, Deployment SA > node Patch and Secret Get/List\n - Paper: Daemonset > node Patch and Secret Get/List\n 2. Kind:\n Our: Cluster Role, Role, Role Binding\n Paper: Cluster Role\n 3. Other Security configurations:\n - Our: HostPID, SecurityContext\n - Paper: X\n\nUtilizing these patterns, we examined over 150 widely-used 3rd-party CNCF projects in K8s, discovering more than 50 instances of vulnerable patterns.\nWe provide detailed demonstrations of three scenarios for seizing nodes or clusters by using the discovered patterns to set Base Attack conditions.\n\n[Base Attack Conditions]\n\n - RBAC > Demonset / Deployment > Service Account > Secret (Get/List) or Node(Patch)\n [Exploit Scenario]\n - Stealing Tokens using Pods with excessive privileges\n - Node Take over via 1 Day (CVE-2022-42889) or hostPID: True or Security Context\n - Take over of another node or cluster using the Service Account Token on the deodorized node \n\n\nAdditionally, we are aware that 3rd-Party CNCF projects are widely used for convenience when operating K8S in CSPs (AWS, Azure, GCP). Since scenarios can occur in a CSP environment, we demonstrate in more detail.\nFinally, based on these research results, we share vulnerable patterns with project owners to collaborate on patching and issue tracking. Before the presentation, we plan to share any reporting on CVEs and patch notes.\n\n\n","media":[],"title":"Exploit K8S via Misconfiguration .YAML in CSP environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"In this presentation, we researched vulnerable security configurations that enable attacks on Kubernetes (K8s) clusters and examined how these settings can be exploited in CNCF projects. Kubernetes (K8s) uses YAML files to manage various security settings, leading to potential attacks such as information leakage, excessive permission acquisition, and container escape.\n\nInitially, this study focused on three security configuration areas in K8s: RBAC, HostPID, and Security Context. We explained the threats present if vulnerable settings are included.\n\n - RBAC: Excessive permission in K8s resources allows sensitive information theft or access to other nodes\n - HostPID: Access to node process information enables container escape attacks\n - Security Context: Incorrect security settings enable node escape and host access\n\n\nNext, we created patterns for identifying weak security settings through YAML files. To do this, we conducted a literature review and expanded the vulnerable patterns centered on RBAC proposed in various papers. Additionally, we included other security settings (HostPID, Security Context).\n[Our Pattern vs Paper Pattern]\n\n 1. RBAC:\n - Our: Daemonset, Deployment SA > node Patch and Secret Get/List\n - Paper: Daemonset > node Patch and Secret Get/List\n 2. Kind:\n Our: Cluster Role, Role, Role Binding\n Paper: Cluster Role\n 3. Other Security configurations:\n - Our: HostPID, SecurityContext\n - Paper: X\n\nUtilizing these patterns, we examined over 150 widely-used 3rd-party CNCF projects in K8s, discovering more than 50 instances of vulnerable patterns.\nWe provide detailed demonstrations of three scenarios for seizing nodes or clusters by using the discovered patterns to set Base Attack conditions.\n\n[Base Attack Conditions]\n\n - RBAC > Demonset / Deployment > Service Account > Secret (Get/List) or Node(Patch)\n [Exploit Scenario]\n - Stealing Tokens using Pods with excessive privileges\n - Node Take over via 1 Day (CVE-2022-42889) or hostPID: True or Security Context\n - Take over of another node or cluster using the Service Account Token on the deodorized node \n\n\nAdditionally, we are aware that 3rd-Party CNCF projects are widely used for convenience when operating K8S in CSPs (AWS, Azure, GCP). Since scenarios can occur in a CSP environment, we demonstrate in more detail.\nFinally, based on these research results, we share vulnerable patterns with project owners to collaborate on patching and issue tracking. Before the presentation, we plan to share any reporting on CVEs and patch notes.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55483],"conference_id":133,"event_ids":[55912],"name":"Wooseok Kim","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"woooseokkim","sort_order":0,"url":"https://woooseokkim"}],"media":[],"id":56004},{"content_ids":[55483],"conference_id":133,"event_ids":[55912],"name":"Changhyun Park","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56005}],"begin_tsz":"2024-08-09T20:25:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":55912,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723235100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56004},{"tag_id":46167,"sort_order":4,"person_id":56005}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T20:25:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, we will discuss the strengths and limitations of LLMs for code analysis tasks like code search and code clone detection. We will show when the LLMs make mistakes and what kinds of mistakes they make. For example, we observe that the performance of popular LLMs heavily relies on the well-defined variable and function names, therefore, they will make mistakes when some misleading variable name is given. Anyone interested in exploring the intersection of AI and code security analysis can attend this talk.\n\n\n","media":[],"title":"SDLC Nightmares - Defeating Secure Code Review GPT Hallucinations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"In this talk, we will discuss the strengths and limitations of LLMs for code analysis tasks like code search and code clone detection. We will show when the LLMs make mistakes and what kinds of mistakes they make. For example, we observe that the performance of popular LLMs heavily relies on the well-defined variable and function names, therefore, they will make mistakes when some misleading variable name is given. Anyone interested in exploring the intersection of AI and code security analysis can attend this talk.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55737],"conference_id":133,"event_ids":[56263],"name":"Wang Zhilong","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56098},{"content_ids":[55737],"conference_id":133,"event_ids":[56263],"name":"Xinzhi Luo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56099}],"begin_tsz":"2024-08-09T20:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":56263,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723234500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56098},{"tag_id":46167,"sort_order":1,"person_id":56099}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T20:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Q&A With OWASP","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723235175,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T20:26:15Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56870,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-09T20:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"No CTF? No Problem! Leveraging Alternate Reality Games to Develop OSINT and Cryptography Skills","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225114,"nanoseconds":0},"speakers":[{"content_ids":[56208],"conference_id":133,"event_ids":[56862],"name":"John \"2PAC\" Smithberger","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56600}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:38:34Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":56862,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56600}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-09T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Risk Limiting Audits are a powerful statistical technique for determining whether or not election outcomes, determined provisionally by machine counts, are likely to be correct. Join us for an overview of Risk Limiting Audits by the person who invented them. This is an incredible opportunity to understand what a true Risk Limiting Audit is. Many people have misconceptions of what audits and recounts are, and unfortunately do not understand the fundamental basics of what a true audit of an election would look like. Professor Stark will be giving a full overview. Don’t miss out! Following this talk Professor Stark will be giving a Risk Limiting Audit demo in our Voting Machine Lab that we highly recommend you check out!\n\n\n","media":[],"title":"Risk Limiting Audits From the Source","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Risk Limiting Audits are a powerful statistical technique for determining whether or not election outcomes, determined provisionally by machine counts, are likely to be correct. Join us for an overview of Risk Limiting Audits by the person who invented them. This is an incredible opportunity to understand what a true Risk Limiting Audit is. Many people have misconceptions of what audits and recounts are, and unfortunately do not understand the fundamental basics of what a true audit of an election would look like. Professor Stark will be giving a full overview. Don’t miss out! Following this talk Professor Stark will be giving a Risk Limiting Audit demo in our Voting Machine Lab that we highly recommend you check out!","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56187,56185,56183],"conference_id":133,"event_ids":[56837,56839,56841],"name":"Philip Stark","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/philip-stark-0422325"},{"description":"","title":"Twitter (@philipbstark)","sort_order":0,"url":"https://twitter.com/philipbstark"},{"description":"","title":"Website","sort_order":0,"url":"https://www.stat.berkeley.edu/~stark/"}],"media":[],"id":56561}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56839,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56561}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It's in the Cards! Pick 5 cards with random levels of difficulty. Answer questions ranging from true/false to multiple choice to spot the vulnerable code. Test your knowledge on risky deployment scenarios, rack up the points, and get to the top of the leaderboard to win!\n\n\n","media":[],"title":"Activity: Test Your AppSec Knowledge by Deepfactor","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"It's in the Cards! Pick 5 cards with random levels of difficulty. Answer questions ranging from true/false to multiple choice to spot the vulnerable code. Test your knowledge on risky deployment scenarios, rack up the points, and get to the top of the leaderboard to win!","updated_timestamp":{"seconds":1723007481,"nanoseconds":0},"speakers":[{"content_ids":[56166],"conference_id":133,"event_ids":[56810],"name":"Mike Larkin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56552}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:11:21Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56810,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56552}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-07T05:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!\n\n\n","media":[],"title":"Activity: Capture the Container by Chainguard","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!","updated_timestamp":{"seconds":1723007321,"nanoseconds":0},"speakers":[{"content_ids":[56162],"conference_id":133,"event_ids":[56806,56813],"name":"Jonathan Leitschuh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56549}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:08:41Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56806,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56549}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-07T05:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:15:00Z","end_timestamp":{"seconds":1723234500,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-09T20:15:00.000-0000","id":56788,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world. To showcase Caldera at DEF CON 32, we will present a scenario that a commercial or corporate entity may ask of a security team. In this scenario, a concerned organization is requesting a security team to develop a repeatable adversary emulation plan based on current cyber threat intelligence (CTI) for a specific advanced persistent threat (APT) that has been targeting the organization’s industry sector. We will create three cyber threat intelligence reports for this adversary detailing the tactics, techniques, and procedures (TTPs) attributed to them. These TTPs will correspond with the abilities available in Caldera’s Stockpile and Atomic plugins. This collection of abilities makes the job of developing an adversary emulation very simple. We will go on to demonstrate how to develop an adversary emulation plan in Caldera utilizing the relevant TTPs described in the CTI reporting. Finally, we will execute the new adversary emulation plan against the target machines and display the facts that Caldera collects during an operation, the outputs of all commands run, and the final report generated by the Debrief plugin.\n\n\n","media":[],"title":"Introduction to MITRE Caldera Through Adversary Emulation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world. To showcase Caldera at DEF CON 32, we will present a scenario that a commercial or corporate entity may ask of a security team. In this scenario, a concerned organization is requesting a security team to develop a repeatable adversary emulation plan based on current cyber threat intelligence (CTI) for a specific advanced persistent threat (APT) that has been targeting the organization’s industry sector. We will create three cyber threat intelligence reports for this adversary detailing the tactics, techniques, and procedures (TTPs) attributed to them. These TTPs will correspond with the abilities available in Caldera’s Stockpile and Atomic plugins. This collection of abilities makes the job of developing an adversary emulation very simple. We will go on to demonstrate how to develop an adversary emulation plan in Caldera utilizing the relevant TTPs described in the CTI reporting. Finally, we will execute the new adversary emulation plan against the target machines and display the facts that Caldera collects during an operation, the outputs of all commands run, and the final report generated by the Debrief plugin.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Mark Perry","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Lead Applied Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/mark-perry-2a4a8451"}],"media":[],"id":53755,"title":"Lead Applied Cyber Security Engineer at MITRE Corp"},{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Rachel Murphy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/rachelcmurphy"}],"media":[],"id":53769,"title":"Cyber Security Engineer at MITRE Corp"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56608,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":53769},{"tag_id":46484,"sort_order":4,"person_id":53755}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - Mika Devonshire, Hosted by Himanshu Das","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55900],"conference_id":133,"event_ids":[56487],"name":"Mika Devonshire","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56279},{"content_ids":[55900],"conference_id":133,"event_ids":[56487],"name":"Himanshu Das","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56280}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56487,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56279},{"tag_id":46167,"sort_order":4,"person_id":56280}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, attendees are introduced to the basics of satellite communication in a hands-on manner. Also, through the power of virtualization and open-source software, attendees will get a step-by-step guide to create their own personal satellite lab, while helping discover the fundamental principles of satellite communication, from orbital mechanics to data transmission protocols, as you design, simulate, and experiment with satellite systems in a risk-free, virtual environment. Unveil the secrets of satellite technology, gain hands-on experience with real-world scenarios, and configuring and controlling your virtual satellite. This unique learning experience equips you with the knowledge and practical skills needed to explore the possibilities of satellite communication. Unlock the universe of opportunities that satellite communication offers, right from your own laptop.\r\n\r\nAttendee Requirements:\r\n- A moder laptop with VMware Workstation or VMware Fusion Installed.\r\n- Both Intel/AMD64 and ARM64 are supported in this workshop\r\n- Internet Access is not Required but the ability to connect to a local Wi-Fi network will be in order to access the workshop materials.\r\n \r\nAudience Skill Level: Beginner\r\n\r\nBYOS is a beginner friendly workshop that does require some use of the Linux command line, however if you have never used the command line before, you can still be successful in this lab.\r\n\r\nSome concepts will be new to attendees and the workshop is setup to allow ample time for questions and troubleshooting.\r\n\n\n\n","media":[],"title":"BYOS – Bring Your Own Satellite","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"In this workshop, attendees are introduced to the basics of satellite communication in a hands-on manner. Also, through the power of virtualization and open-source software, attendees will get a step-by-step guide to create their own personal satellite lab, while helping discover the fundamental principles of satellite communication, from orbital mechanics to data transmission protocols, as you design, simulate, and experiment with satellite systems in a risk-free, virtual environment. Unveil the secrets of satellite technology, gain hands-on experience with real-world scenarios, and configuring and controlling your virtual satellite. This unique learning experience equips you with the knowledge and practical skills needed to explore the possibilities of satellite communication. Unlock the universe of opportunities that satellite communication offers, right from your own laptop.\r\n\r\nAttendee Requirements:\r\n- A moder laptop with VMware Workstation or VMware Fusion Installed.\r\n- Both Intel/AMD64 and ARM64 are supported in this workshop\r\n- Internet Access is not Required but the ability to connect to a local Wi-Fi network will be in order to access the workshop materials.\r\n \r\nAudience Skill Level: Beginner\r\n\r\nBYOS is a beginner friendly workshop that does require some use of the Linux command line, however if you have never used the command line before, you can still be successful in this lab.\r\n\r\nSome concepts will be new to attendees and the workshop is setup to allow ample time for questions and troubleshooting.","updated_timestamp":{"seconds":1722626524,"nanoseconds":0},"speakers":[{"content_ids":[55832],"conference_id":133,"event_ids":[56382],"name":"Tim Fowler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/roobixx/"}],"media":[],"id":56192}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:22:04Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56382,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56192}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With our open-source tool GraphQL Armor we want to take GraphQL security to the next level. GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines. It offers advanced protection against common vulnerabilities like query depth, complexity, and rate limiting. \r\n\r\nIn this session, we’ll dive into the technical details, demonstrating how to identify GraphQL-specific vulnerabilities, integrate GraphQL Armor into your current setup, and customize it to your needs. \n\n\n","media":[],"title":"Arsenal: GraphQL Armor - Open Source GraphQL Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"With our open-source tool GraphQL Armor we want to take GraphQL security to the next level. GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines. It offers advanced protection against common vulnerabilities like query depth, complexity, and rate limiting. \r\n\r\nIn this session, we’ll dive into the technical details, demonstrating how to identify GraphQL-specific vulnerabilities, integrate GraphQL Armor into your current setup, and customize it to your needs.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55736],"conference_id":133,"event_ids":[56238],"name":"Tristan Kalos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56091},{"content_ids":[55736],"conference_id":133,"event_ids":[56238],"name":"Antoine Carossio","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56104}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56238,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56104},{"tag_id":46167,"sort_order":1,"person_id":56091}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop we present two perspectives on card present attacks - attacker's and defender's. What typical banks and card processors think of modern card present attacks?\r\nHow easy is it to mitigate those without compromising on user experience?\n\n\n","media":[],"title":"Attacking and defending card present transactions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"In this workshop we present two perspectives on card present attacks - attacker's and defender's. What typical banks and card processors think of modern card present attacks?\r\nHow easy is it to mitigate those without compromising on user experience?","updated_timestamp":{"seconds":1722356150,"nanoseconds":0},"speakers":[{"content_ids":[55564],"conference_id":133,"event_ids":[56079],"name":"Sebastiaan Pierrot","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sebastiaanpierrot/"}],"media":[],"id":56040,"title":"Adyen"},{"content_ids":[55564],"conference_id":133,"event_ids":[56079],"name":"Stephan Viljoen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stephan-viljoen-974ba09b/"}],"media":[],"id":56041,"title":"Adyen"},{"content_ids":[55564],"conference_id":133,"event_ids":[56079],"name":"Yurii Zadoianchuk","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/yurii-zadoianchuk/"}],"media":[],"id":56043,"title":"Adyen"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:15:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56079,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56043},{"tag_id":46484,"sort_order":4,"person_id":56041},{"tag_id":46484,"sort_order":6,"person_id":56040}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-30T16:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).\n\n\n","media":[{"hash_sha256":"a43e90beb02db94f81620530a72e3185043ff5f6a8fc15d5b915c4b7414f537a","filetype":"image/png","hash_md5":"381e707c51504a86ffccd678769cfbf7","name":"ct_hacking-boundary.png","is_logo":"Y","hash_crc32c":"81a9d890","filesize":253710,"asset_id":645,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hacking-boundary.png"}],"title":"Hacking Boundary Terminal","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).","updated_timestamp":{"seconds":1722308655,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:04:15Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249344"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249345"}],"end":"2024-08-10T01:00:00.000-0000","id":56008,"tag_ids":[46427,46439,46772],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-E","hotel":"","short_name":"HW4-03-06-E","id":46378},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-30T03:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the lock pick village tables after Jared's talk on safe manipulation for some hands on practice!\n\n\n","media":[],"title":"Safecracking Practical Demonstration","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Join us at the lock pick village tables after Jared's talk on safe manipulation for some hands on practice!","updated_timestamp":{"seconds":1722209247,"nanoseconds":0},"speakers":[{"content_ids":[54556,55503],"conference_id":133,"event_ids":[55932,54931],"name":"Jared Dygert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54305}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:27:27Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":55932,"tag_ids":[46384,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54305}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-28T23:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Microsoft Azure threat matrix contains a mysterious and almost empty item: AZT508 - Azure Policy, which suggests this service can break bad but gives almost no details as to how. To quote Microsoft: “Azure Policy helps to enforce organizational standards and to assess compliance at-scale.“ How does this banal sounding service come to be used for attacking Azure users?\n\nThis talk aims to fill in the picture. We will explore the Azure Policy service and how it can be used for badness: punching holes in acls, creating persistent backdoors on virtual machines, assigning attacker controlled roles to resources, modifying database encryption, etc. I will demo an abuse scenario, and discuss others that can be used for privilege escalation and persistence. I will also discuss a confused deputy attack on this service. Finally, I will share detection and control recommendations.\n\nTalk Outline:\n---\nThe Azure Policy service (3 mins):\n- What it is, how it works, and how it is intended to be used. This service is billed as an integral part of the Azure compliance story. Policies examine resources and can block or alert on non-compliance.\n- Introduce the components at play and lay the groundwork for understanding later abuse. -----There are lots of interlocking pieces to understand.\n- Introducing policy effects which go far beyond normal auditing scope. Effects are how policies can make changes to resource configuration.\n\nEstablishing the abuse case: (7 mins)\n- Discussion of evil that can be done with intended functionality including a demo\n- Policy adds an arbitrary script to every VM, which runs as soon as it starts up, calling a reverse shell home.\n- Policy turns off database encryption\n- Policy to assign an RBAC role to attacker controlled account\n- What privileges and roles are need for the above\n\nPrivesc scenario (7 mins)\n- Policy initiatives - these are higher level groupings of policies\n- Confused deputy attack via initiative\n- The curious case of `append` actions\n- Policies can append an attacker IP to every new ACL in your environment\n- Adding attacker ssh keys to all VMs\n\n\n","media":[],"title":"ExploitIfNotExists: Privilege Escalation & Persistence with Azure Policy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"The Microsoft Azure threat matrix contains a mysterious and almost empty item: AZT508 - Azure Policy, which suggests this service can break bad but gives almost no details as to how. To quote Microsoft: “Azure Policy helps to enforce organizational standards and to assess compliance at-scale.“ How does this banal sounding service come to be used for attacking Azure users?\n\nThis talk aims to fill in the picture. We will explore the Azure Policy service and how it can be used for badness: punching holes in acls, creating persistent backdoors on virtual machines, assigning attacker controlled roles to resources, modifying database encryption, etc. I will demo an abuse scenario, and discuss others that can be used for privilege escalation and persistence. I will also discuss a confused deputy attack on this service. Finally, I will share detection and control recommendations.\n\nTalk Outline:\n---\nThe Azure Policy service (3 mins):\n- What it is, how it works, and how it is intended to be used. This service is billed as an integral part of the Azure compliance story. Policies examine resources and can block or alert on non-compliance.\n- Introduce the components at play and lay the groundwork for understanding later abuse. -----There are lots of interlocking pieces to understand.\n- Introducing policy effects which go far beyond normal auditing scope. Effects are how policies can make changes to resource configuration.\n\nEstablishing the abuse case: (7 mins)\n- Discussion of evil that can be done with intended functionality including a demo\n- Policy adds an arbitrary script to every VM, which runs as soon as it starts up, calling a reverse shell home.\n- Policy turns off database encryption\n- Policy to assign an RBAC role to attacker controlled account\n- What privileges and roles are need for the above\n\nPrivesc scenario (7 mins)\n- Policy initiatives - these are higher level groupings of policies\n- Confused deputy attack via initiative\n- The curious case of `append` actions\n- Policies can append an attacker IP to every new ACL in your environment\n- Adding attacker ssh keys to all VMs","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55482],"conference_id":133,"event_ids":[55911],"name":"Zander Mackie","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"ZanderMackie","sort_order":0,"url":"https://ZanderMackie"}],"media":[],"id":56021}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":55911,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56021}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. \r\n\r\nEventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.\n\n\n","media":[],"title":"HandPwning: \"Your Hand is your Passport. Verify me. Now let me in!\"","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. \r\n\r\nEventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.","updated_timestamp":{"seconds":1722564738,"nanoseconds":0},"speakers":[{"content_ids":[55343,55800],"conference_id":133,"event_ids":[55735,56349,56352],"name":"Luca \"CYBERANTANI\" Bongiorni","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"We Hack In Disguise (WHID)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55951,"title":"Founder at We Hack In Disguise (WHID)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:12:18Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":55735,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55951}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-02T02:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One year since the five-agency release of the Request for Information (RFI) on Open-Source Software Security Areas of Long Term Focus and Prioritization the U.S. government is returning to DEF CON to release an RFI Summary Report that consolidates the feedback received from the open-source software community and highlight agency-wide priorities to secure the open-source software ecosystem. In this panel, you will hear from government employees leading the charge on policy solutions towards secure open-source software and building trust with the open-source software ecosystem. In this panel, White House, the U.S. Department of Homeland Security, and Infrastructure Security Agency officials will present an overview of the Federal Government efforts in this space. The discussion will address the five priority areas addressed in the RFI, including (i) Securing Open-Source Software Foundations; (ii) Sustaining Open-Source Software Communities and Governance; (iii) Creating Behavioral and Economic Incentives to Secure the Open-Source Software Ecosystem; (iv) Improving R&D/ Innovation; and (v) Expanding International Collaboration. We look to work with you to ensure a secure, sustainable, and resilient open-source software future.\n\n\n","media":[],"title":"The Value of Trust in the Open-source Software Ecosystem","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"One year since the five-agency release of the Request for Information (RFI) on Open-Source Software Security Areas of Long Term Focus and Prioritization the U.S. government is returning to DEF CON to release an RFI Summary Report that consolidates the feedback received from the open-source software community and highlight agency-wide priorities to secure the open-source software ecosystem. In this panel, you will hear from government employees leading the charge on policy solutions towards secure open-source software and building trust with the open-source software ecosystem. In this panel, White House, the U.S. Department of Homeland Security, and Infrastructure Security Agency officials will present an overview of the Federal Government efforts in this space. The discussion will address the five priority areas addressed in the RFI, including (i) Securing Open-Source Software Foundations; (ii) Sustaining Open-Source Software Communities and Governance; (iii) Creating Behavioral and Economic Incentives to Secure the Open-Source Software Ecosystem; (iv) Improving R&D/ Innovation; and (v) Expanding International Collaboration. We look to work with you to ensure a secure, sustainable, and resilient open-source software future.","updated_timestamp":{"seconds":1721778655,"nanoseconds":0},"speakers":[{"content_ids":[55331,56138],"conference_id":133,"event_ids":[55730,56781],"name":"Aeva Black","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":""}],"links":[],"pronouns":"they/them","media":[],"id":55918,"title":"DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55331],"conference_id":133,"event_ids":[55730],"name":"Jordan Kasper","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Department of Homeland Security","title":"Senior Advisor for Technology and Delivery in the Office of the CIO"}],"links":[],"pronouns":null,"media":[],"id":55930,"title":"Senior Advisor for Technology and Delivery in the Office of the CIO at Department of Homeland Security"},{"content_ids":[55331],"conference_id":133,"event_ids":[55730],"name":"Nasreen Djouini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Office of the National Cyber Director (ONCD)","title":"Senior Policy Advisor"}],"links":[],"pronouns":null,"media":[],"id":55936,"title":"Senior Policy Advisor at Office of the National Cyber Director (ONCD)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:50:55Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":55730,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55936},{"tag_id":46167,"sort_order":4,"person_id":55930},{"tag_id":46167,"sort_order":6,"person_id":55918}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-23T23:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Drone hacking tends to be an expensive and sometimes unsafe, but not if you use a simulator!. I have developed a drone hacking simulator called the [Damn Vulnerable Drone](https://github.com/nicholasaleks/Damn-Vulnerable-Drone). \r\n\r\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering a hands-on experience in exploiting drone systems.\n\n\n","media":[],"title":"Simulated Drone Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:50:00Z","end_timestamp":{"seconds":1723236600,"nanoseconds":0},"android_description":"Drone hacking tends to be an expensive and sometimes unsafe, but not if you use a simulator!. I have developed a drone hacking simulator called the [Damn Vulnerable Drone](https://github.com/nicholasaleks/Damn-Vulnerable-Drone). \r\n\r\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering a hands-on experience in exploiting drone systems.","updated_timestamp":{"seconds":1721595168,"nanoseconds":0},"speakers":[{"content_ids":[55275,55836],"conference_id":133,"event_ids":[55665,56386],"name":"Nick Aleks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@exploitpapi)","sort_order":0,"url":"https://twitter.com/exploitpapi"}],"media":[],"id":55824}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:52:48Z","links":[],"end":"2024-08-09T20:50:00.000-0000","id":55665,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55824}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T20:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this collaborative panel with Blue Team Village we'll sit down with two Red Teamers and two Blue Teamers to talk through how real world attacks could take place - and how to defend them.\n\n\n","media":[],"title":"Red Goes Purple: Executing the Attack Path","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:50:00Z","end_timestamp":{"seconds":1723236600,"nanoseconds":0},"android_description":"In this collaborative panel with Blue Team Village we'll sit down with two Red Teamers and two Blue Teamers to talk through how real world attacks could take place - and how to defend them.","updated_timestamp":{"seconds":1722720713,"nanoseconds":0},"speakers":[{"content_ids":[54216,55274],"conference_id":133,"event_ids":[55664,54589],"name":"Kevin \"Kent\" Clark","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Instructor"},{"organization":"TrustedSec","title":"Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://henpeebin.com/kevin/blog"}],"media":[],"id":53853,"title":"Security Consultant at TrustedSec"},{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860},{"content_ids":[55274],"conference_id":133,"event_ids":[55664],"name":"Graham Helton","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56336}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T21:31:53Z","links":[],"end":"2024-08-09T20:50:00.000-0000","id":55664,"tag_ids":[46373,46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46488,"sort_order":2,"person_id":55860},{"tag_id":46487,"sort_order":4,"person_id":56336},{"tag_id":46487,"sort_order":6,"person_id":53853}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-03T21:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC NextGen / Youth Challenge Area at Red Team Village","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721595757,"nanoseconds":0},"speakers":[{"content_ids":[55273],"conference_id":133,"event_ids":[55663,55712,55713],"name":"RTV Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@redteamvillage_)","sort_order":0,"url":"https://twitter.com/redteamvillage_"}],"media":[],"id":55852}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T21:02:37Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":55663,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55852}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T21:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, we distill key tactics from the comprehensive Practical Physical Exploitation course, tailored specifically for penetration testers looking to attack Physical Access Controls (PACS).\n\nParticipants will embark on a journey through the ins and outs of cloning badges during physical penetration tests. Explore the intricacies of long-range, short-range, and Stealth cloning tactics, gaining hands-on experience in the art of badge duplication. Delve into the realm of implantable devices, understanding their role in modern access control exploitation.\n\nJoin us as we uncover the nuances of downgrade/upgrade attacks and the protocols that make them possible. Learn to navigate the landscape of access control systems with expert guidance, equipping yourself with the knowledge to identify and exploit vulnerabilities.\n\nBy the end of this session, you'll wield an arsenal of cutting-edge techniques, ready to transform your facility into a bastion of high-security readiness. Don't miss this opportunity to elevate your skills and refine your physical security penetration testing skills.\n\n\n","media":[],"title":"Badge Cloning: A Penetration Tester's Guide to Capturing and Writing Badges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:50:00Z","end_timestamp":{"seconds":1723240200,"nanoseconds":0},"android_description":"In this workshop, we distill key tactics from the comprehensive Practical Physical Exploitation course, tailored specifically for penetration testers looking to attack Physical Access Controls (PACS).\n\nParticipants will embark on a journey through the ins and outs of cloning badges during physical penetration tests. Explore the intricacies of long-range, short-range, and Stealth cloning tactics, gaining hands-on experience in the art of badge duplication. Delve into the realm of implantable devices, understanding their role in modern access control exploitation.\n\nJoin us as we uncover the nuances of downgrade/upgrade attacks and the protocols that make them possible. Learn to navigate the landscape of access control systems with expert guidance, equipping yourself with the knowledge to identify and exploit vulnerabilities.\n\nBy the end of this session, you'll wield an arsenal of cutting-edge techniques, ready to transform your facility into a bastion of high-security readiness. Don't miss this opportunity to elevate your skills and refine your physical security penetration testing skills.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55272],"conference_id":133,"event_ids":[55662],"name":"Travis Weathers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@tweathers_sec)","sort_order":0,"url":"https://twitter.com/tweathers_sec"}],"media":[],"id":55825},{"content_ids":[55272,55750],"conference_id":133,"event_ids":[55662,56275],"name":"Ralph May","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Black Hills Information Security (BHIS)","title":"Security Analyst and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":55826,"title":"Security Analyst and Penetration Tester at Black Hills Information Security (BHIS)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T21:50:00.000-0000","id":55662,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55825},{"tag_id":46167,"sort_order":4,"person_id":55826}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this session, we'll translate PCAPs, STIX objects, or detection repositories into attack scenarios and send test data to a data lake/SIEM to test detection logic and organizational context. We'll write scenarios in descriptive language, and give public access to a bunch of scenario content for participants to use and contribute to, as well as leave with the data to test your environment with at home if you want, and public access to the free tools to use scenarios.\n\n\n","media":[],"title":"Adversary Simulation: Using Blue Eyes to See Red","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:50:00Z","end_timestamp":{"seconds":1723236600,"nanoseconds":0},"android_description":"In this session, we'll translate PCAPs, STIX objects, or detection repositories into attack scenarios and send test data to a data lake/SIEM to test detection logic and organizational context. We'll write scenarios in descriptive language, and give public access to a bunch of scenario content for participants to use and contribute to, as well as leave with the data to test your environment with at home if you want, and public access to the free tools to use scenarios.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55271],"conference_id":133,"event_ids":[55661],"name":"Fred Wilmot","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@fewdisc)","sort_order":0,"url":"https://twitter.com/fewdisc"}],"media":[],"id":55822},{"content_ids":[55271],"conference_id":133,"event_ids":[55661],"name":"Sebastien Tricaud","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55823}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T20:50:00.000-0000","id":55661,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55822},{"tag_id":46167,"sort_order":4,"person_id":55823}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Artificial intelligence (AI) promises to be a game-changing technology across industries, but when it comes to identifying and mitigating complex cybersecurity threats, AI still falls short. The inherent nature of malicious attacks and the sophistication of hackers ultimately hamper even the most advanced AI systems currently available. There are many critical jobs where AI cannot replace humans due to the limits of current technology in exercising judgment, especially in undefined and complex situations. AI can only process information it has been trained on, lacking real-world experience and the discernment needed for high-stakes decision making.\n\n\n","media":[],"title":"Worried about AI taking your job? Then this talk is for you.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Artificial intelligence (AI) promises to be a game-changing technology across industries, but when it comes to identifying and mitigating complex cybersecurity threats, AI still falls short. The inherent nature of malicious attacks and the sophistication of hackers ultimately hamper even the most advanced AI systems currently available. There are many critical jobs where AI cannot replace humans due to the limits of current technology in exercising judgment, especially in undefined and complex situations. AI can only process information it has been trained on, lacking real-world experience and the discernment needed for high-stakes decision making.","updated_timestamp":{"seconds":1721495180,"nanoseconds":0},"speakers":[{"content_ids":[55193],"conference_id":133,"event_ids":[55583],"name":"Levone Campbell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Incident Response & Cyber Operations Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/levone-campbell-mba-mps-cissp-3b305234/"},{"description":"","title":"Mastodon (@BillClintonJr@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@BillClintonJr"}],"media":[],"id":55805,"title":"Incident Response & Cyber Operations Consultant"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:20Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":55583,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55805}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This research aims to enhance electric vehicle cybersecurity by uncovering vulnerabilities in the Electric Vehicle Communication Controller (EVCC), crucial for charging communication. We've developed a specialized security tool after examining electric vehicle charging ports and On-Board Charging (OBC) protocols, with a focus on ISO 15118 standards.\n\n\n","media":[],"title":"V2GEvil: Ghost in the wires","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"This research aims to enhance electric vehicle cybersecurity by uncovering vulnerabilities in the Electric Vehicle Communication Controller (EVCC), crucial for charging communication. We've developed a specialized security tool after examining electric vehicle charging ports and On-Board Charging (OBC) protocols, with a focus on ISO 15118 standards.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54564,54526],"conference_id":133,"event_ids":[54899,54939],"name":"Thomas \"Cr0wTom\" Sermpinis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auxilium Pentest Labs","title":"Technical Director"}],"pronouns":"he/him","links":[{"description":"","title":"cr0wsplace.com","sort_order":0,"url":"https://cr0wsplace.com"}],"media":[],"id":54059,"title":"Technical Director at Auxilium Pentest Labs"},{"content_ids":[54564],"conference_id":133,"event_ids":[54939],"name":"Pavel Khunt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auxilium Pentest Labs","title":"Automotive Security Researcher and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":54306,"title":"Automotive Security Researcher and Penetration Tester at Auxilium Pentest Labs"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":54939,"tag_ids":[46375,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54306},{"tag_id":46167,"sort_order":6,"person_id":54059}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Seems like the world has completely changed in the last 12-24 months:\r\n\r\n- Multiple Global Conflicts\r\n- Launch of ChatGPT\r\n- CISO’s being held personally accountable for security breaches\r\n- Government Regulations on security\r\n- Economic Uncertainties (interest rates, layoffs)\r\n\r\nAll of these changes have played a major role in reshaping the security landscape. From adversaries with political motivations to another just trying to provide for his/her family. Security is no longer just your job, but you could actually be held personally liable. Oh and don’t forget that an adversary now has the ability to rewrite vulnerabilities with the click of a button, or can create deep fakes so real that a zoom call with multiple “people” was undetectable by a real person.\n\n\n","media":[],"title":"Preparing for the Future: A Discussion of our Rapidly Evolving Threat Landscape","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Seems like the world has completely changed in the last 12-24 months:\r\n\r\n- Multiple Global Conflicts\r\n- Launch of ChatGPT\r\n- CISO’s being held personally accountable for security breaches\r\n- Government Regulations on security\r\n- Economic Uncertainties (interest rates, layoffs)\r\n\r\nAll of these changes have played a major role in reshaping the security landscape. From adversaries with political motivations to another just trying to provide for his/her family. Security is no longer just your job, but you could actually be held personally liable. Oh and don’t forget that an adversary now has the ability to rewrite vulnerabilities with the click of a button, or can create deep fakes so real that a zoom call with multiple “people” was undetectable by a real person.","updated_timestamp":{"seconds":1720394121,"nanoseconds":0},"speakers":[{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Jamie Hardy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Intuit","title":"Principal Product Manager"}],"links":[],"pronouns":null,"media":[],"id":54218,"title":"Principal Product Manager at Intuit"},{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Rachael Tubbs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54228},{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Ted Harrington","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Independent Security Evaluators","title":"Executive Partner"}],"links":[],"pronouns":null,"media":[],"id":54231,"title":"Executive Partner at Independent Security Evaluators"},{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Steve McGregory ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Keysight Technologies","title":"Senior Director of the Cybersecurity Center of Excellence (COE)"}],"links":[],"pronouns":null,"media":[],"id":54242,"title":"Senior Director of the Cybersecurity Center of Excellence (COE) at Keysight Technologies"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:15:21Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":54938,"tag_ids":[46383,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54218},{"tag_id":46167,"sort_order":1,"person_id":54228},{"tag_id":46167,"sort_order":1,"person_id":54242},{"tag_id":46167,"sort_order":1,"person_id":54231}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T23:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Often there are times to collect #allTheWireless, but with that comes some planning, we've created a modular survey system and developed an Elastic-based analytic platform named PacketGlass to visualize and explore the terabytes of information collected over multiple surveys. Our system collects all data types supported by Kismet plus raw PCAP data, ingests the data, and displays tens of millions of devices in an easy to query and display manner. Using different parsing techniques, We plan to show how to build one of these survey platforms and discuss the methodology used to transform Elastic into a robust analytical platform.\n\n\n","media":[],"title":"MoWireless MoProblems: Modular Wireless Survey Systems and the Data Analytics That Love Them","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Often there are times to collect #allTheWireless, but with that comes some planning, we've created a modular survey system and developed an Elastic-based analytic platform named PacketGlass to visualize and explore the terabytes of information collected over multiple surveys. Our system collects all data types supported by Kismet plus raw PCAP data, ingests the data, and displays tens of millions of devices in an easy to query and display manner. Using different parsing techniques, We plan to show how to build one of these survey platforms and discuss the methodology used to transform Elastic into a robust analytical platform.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54562],"conference_id":133,"event_ids":[54937],"name":"Geoff Horvath","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Alsatian Consulting, LLC","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54293,"title":"Founder at Alsatian Consulting, LLC"},{"content_ids":[54562],"conference_id":133,"event_ids":[54937],"name":"Winson Tam","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54344}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":54937,"tag_ids":[46385,46419,46438,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54293},{"tag_id":46167,"sort_order":1,"person_id":54344}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!\n\n\n","media":[],"title":"Bypass 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54561],"conference_id":133,"event_ids":[54936],"name":"Sam Mayers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Beazley Security","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54237,"title":"Security Researcher at Beazley Security"},{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":54936,"tag_ids":[46169,46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54281},{"tag_id":46167,"sort_order":1,"person_id":54237}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Secure Shell (SSH) has evolved from a remote shell service to a standardized secure transport that is second only to Transport Layer Security (TLS) in terms of exposure and popularity. SSH is no longer just for POSIX operating systems; SSH services can be found in everything from network devices, to source code forges, to Windows-based file transfer tools. While OpenSSH is still the most prominent implementation, it's now just one of dozens, and these include a handful of libraries that drive a wide range of applications. This presentation digs deep into SSH, the lesser-known implementations, many of the surprising security issues found along the way, and how to exploit them. As part of this talk, we will release an open source tool, dubbed \"sshamble\", that assists with research and security testing of SSH services. \n\n\n","media":[],"title":"Sshamble: Unexpected Exposures in the Secure Shell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The Secure Shell (SSH) has evolved from a remote shell service to a standardized secure transport that is second only to Transport Layer Security (TLS) in terms of exposure and popularity. SSH is no longer just for POSIX operating systems; SSH services can be found in everything from network devices, to source code forges, to Windows-based file transfer tools. While OpenSSH is still the most prominent implementation, it's now just one of dozens, and these include a handful of libraries that drive a wide range of applications. This presentation digs deep into SSH, the lesser-known implementations, many of the surprising security issues found along the way, and how to exploit them. As part of this talk, we will release an open source tool, dubbed \"sshamble\", that assists with research and security testing of SSH services.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54452],"conference_id":133,"event_ids":[54825],"name":"HD Moore","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"runZero","title":"CEO and Co-Founder"}],"links":[],"pronouns":"he/him","media":[],"id":54105,"title":"CEO and Co-Founder at runZero"},{"content_ids":[54452],"conference_id":133,"event_ids":[54825],"name":"Rob King","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"runZero","title":"Director of Security Research"}],"links":[],"pronouns":null,"media":[],"id":54132,"title":"Director of Security Research at runZero"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":54825,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54105},{"tag_id":46167,"sort_order":2,"person_id":54132}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DEF CON community challenges the status quo, bringing a diversity of perspectives and ideas to identify hidden problems and solutions. While DARPA lays claim to the origin of the ARPANET/internet, vast communities of people with different interests created its novel components. The DARPA Cyber Grand Challenge helped launch the field of vulnerability detection and remediation and numerous DARPA Cyber Fast Track program performers continue to contribute to DEF CON. \n\nWhat if current vulnerabilities all magically disappeared overnight and critical infrastructure were “safe and secure” for the time being. What would come next? \n\nIn this talk, Dr. Stefanie Tompkins will discuss the value of the hacker community and many of the contributions that have come from it, as well as the growth and synergy of the two communities. She’ll also explore the question of what comes next.\n\nFor a deeper dive into the real-world impacts of DARPA cyber technologies, Dr. Renee Wegrzyn, the inaugural director of the Advanced Research Projects Agency for Health (ARPA-H), will join Stefanie and a moderator. They will discuss efforts that impact DEF CON areas of interest and inform ARPA-H work, from Cyber Fast Track to current work focused on securing and defending hospitals and the health tech ecosystem from cyberattacks. \n\n\n","media":[],"title":"If Existing Cyber Vulnerabilities Magically Disappeared Overnight, What Would Be Next?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The DEF CON community challenges the status quo, bringing a diversity of perspectives and ideas to identify hidden problems and solutions. While DARPA lays claim to the origin of the ARPANET/internet, vast communities of people with different interests created its novel components. The DARPA Cyber Grand Challenge helped launch the field of vulnerability detection and remediation and numerous DARPA Cyber Fast Track program performers continue to contribute to DEF CON. \n\nWhat if current vulnerabilities all magically disappeared overnight and critical infrastructure were “safe and secure” for the time being. What would come next? \n\nIn this talk, Dr. Stefanie Tompkins will discuss the value of the hacker community and many of the contributions that have come from it, as well as the growth and synergy of the two communities. She’ll also explore the question of what comes next.\n\nFor a deeper dive into the real-world impacts of DARPA cyber technologies, Dr. Renee Wegrzyn, the inaugural director of the Advanced Research Projects Agency for Health (ARPA-H), will join Stefanie and a moderator. They will discuss efforts that impact DEF CON areas of interest and inform ARPA-H work, from Cyber Fast Track to current work focused on securing and defending hospitals and the health tech ecosystem from cyberattacks.","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54451],"conference_id":133,"event_ids":[54824],"name":"Dr. Renee Wegrzyn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"First Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/renee-wegrzyn-ba00643/"}],"media":[],"id":54123,"title":"First Director at Advanced Research Projects Agency for Health (ARPA-H)"},{"content_ids":[54451],"conference_id":133,"event_ids":[54824],"name":"Peiter “Mudge” Zatko","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA","title":"Chief Information Officer"}],"links":[],"pronouns":null,"media":[],"id":54148,"title":"Chief Information Officer at DARPA"},{"content_ids":[54451],"conference_id":133,"event_ids":[54824],"name":"Dr. Stefanie Tompkins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Director"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stefanie-tompkins-3180a9140/"}],"media":[],"id":54151,"title":"Director at Defense Advanced Research Projects Agency (DARPA)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":54824,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54151},{"tag_id":46167,"sort_order":4,"person_id":54123},{"tag_id":46167,"sort_order":6,"person_id":54148}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Endpoint detection and response (EDR) software has gained significant market share due to its ability to examine system state for signs of malware and attacker activity well beyond what traditional anti-virus software is capable of detecting. This deep inspection capability of EDRs has led to an arms race with malware developers who want to evade EDRs while still achieving desired goals, such as code injection, lateral movement, and credential theft. This monitoring and evasion occurs in the lowest levels of hardware and software, including call stack frames, exception handlers, system calls, and manipulation of native instructions. Given this reality, EDRs are limited in how much lower they can operate to maintain an advantage. The success of EDR bypasses has led to their use in many high-profile attacks and by prolific ransomware groups.\r\n \r\nIn this talk, we discuss our research effort that led to the development of new memory forensics techniques for the detection of the bypasses that malware uses to evade EDRs. This includes bypass techniques, such as direct and indirect system calls, module overwriting, malicious exceptions handlers, and abuse of debug registers. Our developed capabilities were created as new plugins to the Volatility memory analysis framework, version 3, and will be released after the talk.\r\n\r\n1. “Operation Dragon Castling: APT group targeting betting companies,” [link](https://cymulate.com/threats/operation-dragon-castling-apt-group-targeting-betting-companies/), 2023.\r\n2. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2023.\r\n3. “A Deep Dive Into ALPHV/BlackCat Ransomware,” [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/), 2024.\r\n4. “APT Operation Skeleton Key,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2023.\r\n5. “LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility,” [link](https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility/), 2024.19\r\n6. “BlueBravo Uses Ambassador Lure to Deploy,” [link](https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf), 2024.\r\n7. “UNMASKING THE DARK ART OF VECTORED EXCEPTION HANDLING: BYPASSING XDR AND EDR IN THE EVOLVING CYBER THREAT LANDSCAPE,” [link](https://blackhatmea.com/session/unmasking-dark-art-vectored-exception-handling-bypassing-xdr-and-edr-evolving-cyber-threat), 2023.\r\n8. “Dirty Vanity: A New Approach to Code injection & EDR by-pass,” [link](https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf), 2022.\r\n9. Volexity, “Surge Collect Pro,” [link](https://www.volexity.com/products-overview/surge/), 2022.\r\n10. “capstone,” [link](https://www.capstone-engine.org/), 2024.\r\n11. “Silencing cylance: A case study in modern edrs,” [link](https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/), 2019.\r\n12. “Av/edr evasion — malware development p — 3,” [link](https://medium.com/@0xHossam/unhooking-memory-object-hiding-3229b75618f7), 2023.\r\n13. “A practical guide to bypassing userland api hooking,” [link](https://www.advania.co.uk/insights/blog/a-practical-guide-to-bypassing-userland-api-hooking/), 2022.\r\n14. A. Case, A. Ali-Gombe, M. Sun, R. Maggio, M. Firoz-Ul-Amin, M. Jalalzai, and G. G. R. III, “HookTracer: A System for Automated and Accessible API Hooks Analysis,” Proceedings of the 18th Annual Digital Forensics Research Conference (DFRWS), 2019.\r\n15. F. Block, “Windows memory forensics: Identification of (malicious) modifications in memory-mapped image files,” Forensic Science International: Digital Investigation, 2023. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S2666281723000707)\r\n16. F. Block and A. Dewald, “Windows memory forensics: Detecting (un)intentionally hidden injected code by examining page table entries,” Digital Investigation, vol. 29, pp. S3–S12, 07 2019.\r\n17. “CCob,” [link](https://github.com/CCob/SylantStrike/tree/master), 2024.\r\n18. “Lets Create An EDR. . . And Bypass It! Part 1,” [link](https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/), 2020.\r\n19. “r77 rootkit,” [link](https://github.com/bytecode77/r77-rootkit/), 2024.\r\n20. “Deep Vanity,” [link](https://github.com/deepinstinct/Dirty-Vanity), 2022. 20\r\n21. “Peruns-Fart,” [link](https://github.com/plackyhacker/Peruns-Fart/), 2023.\r\n22. “FREEZE – A PAYLOAD TOOLKIT FOR BYPASSING EDRS USING SUSPENDED PROCESSES,” [link](https://www.hawk-eye.io/2023/06/freeze-a-payload-toolkit-for-bypassing-edrs-using-suspended-processes/), 2023.\r\n23. “Process Cloning,” [link](https://github.com/huntandhackett/process-cloning), 2023.\r\n24. “APT Group Chimera,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2022.\r\n25. “Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR,” [link](https://www.outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/), 2019.\r\n26. “Hell’s Gate,” [link](https://github.com/am0nsec/HellsGate/blob/master/hells-gate.pdf), 2020.\r\n27. “Halo’s Gate,” [link](https://blog.sektor7.net/#!res/2021/halosgate.md), 2021.\r\n28. “Tartarus Gate,” [link](https://trickster0.github.io/posts/Halo’s-Gate-Evolves-to-Tartarus-Gate/), 2021.\r\n29. “Bypassing User-Mode Hooks and Direct Invocation of System Calls for Red Teams,” [link](https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/), 2020.\r\n30. “SysWhispers2,” [link](https://github.com/jthuraisamy/SysWhispers2), 2022.\r\n31. “An Introduction into Stack Spoofing,” [link](https://dtsec.us/2023-09-15-StackSpoofin/), 2023.\r\n32. “SilentMoonwalk: Implementing a dynamic Call Stack Spoofer,” [link](https://klezvirus.github.io/RedTeaming/AV%20Evasion/StackSpoofing/), 2022.\r\n33. “Spoofing Call Stacks To Confuse EDRs,” [link](https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs), 2022.\r\n34. “Behind the Mask: Spoofing Call Stacks Dynamically with Timers,” [link](https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers), 2022.\r\n35. “HellHall,” [link](https://github.com/Maldev-Academy/HellHall), 2023.\r\n36. [link](http://phrack.org/issues/65/8.html#article), 2008.\r\n37. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2022.21\r\n38. “GULoader Campaigns: A Deep Dive Analysis of a highly evasive Shellcode based loader,” [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/guloader-campaigns-a-deep-dive-analysis-of-a-highly-evasive-shellcode-based-loader/), 2023.\r\n39. “Gh0stRat Anti-Debugging : Nested SEH (try - catch) to Decrypt and Load its Payload,” [link](https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html), 2021.\r\n40. “Syscalls via Vectored Exception Handling,” [link](https://redops.at/en/blog/syscalls-via-vectored-exception-handling), 2024.\r\n41. “Bypassing AV/EDR Hooks via Vectored Syscall - POC,” [link](https://cyberwarfare.live/bypassing-av-edr-hooks-via-vectored-syscall-poc/), 2022.\r\n42. “MutationGate,” [link](https://github.com/senzee1984/MutationGate/tree/main), 2024.\r\n43. Cymulate Research, “BlindSide,” [link](https://github.com/CymulateResearch/Blindside/blob/main/Blindside/Blindside.cpp#L31), 2023.\r\n44. “In-Process Patchless AMSI Bypass,” [link](https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass/), 2022.\r\n45. “PatchlessCLR,” [link](https://github.com/VoldeSec/PatchlessCLRLoader/tree/main), 2022.\r\n46. “Dumping the VEH in Windows 10,” [link](https://dimitrifourny.github.io/2020/06/11/dumping-veh-win10.html), 2020.\r\n47. “Detecting anomalous Vectored Exception Handlers on Windows,” [link](https://research.nccgroup.com/2022/03/01/detecting-anomalous-vectored-exception-handlers-on-windows/), 2022.\r\n48. “SetUnhandledExceptionFilter,” [link](https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-setunhandledexceptionfilter), 2024.\r\n\n\n\n","media":[],"title":"Defeating EDR Evading Malware with Memory Forensics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Endpoint detection and response (EDR) software has gained significant market share due to its ability to examine system state for signs of malware and attacker activity well beyond what traditional anti-virus software is capable of detecting. This deep inspection capability of EDRs has led to an arms race with malware developers who want to evade EDRs while still achieving desired goals, such as code injection, lateral movement, and credential theft. This monitoring and evasion occurs in the lowest levels of hardware and software, including call stack frames, exception handlers, system calls, and manipulation of native instructions. Given this reality, EDRs are limited in how much lower they can operate to maintain an advantage. The success of EDR bypasses has led to their use in many high-profile attacks and by prolific ransomware groups.\r\n \r\nIn this talk, we discuss our research effort that led to the development of new memory forensics techniques for the detection of the bypasses that malware uses to evade EDRs. This includes bypass techniques, such as direct and indirect system calls, module overwriting, malicious exceptions handlers, and abuse of debug registers. Our developed capabilities were created as new plugins to the Volatility memory analysis framework, version 3, and will be released after the talk.\r\n\r\n1. “Operation Dragon Castling: APT group targeting betting companies,” [link](https://cymulate.com/threats/operation-dragon-castling-apt-group-targeting-betting-companies/), 2023.\r\n2. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2023.\r\n3. “A Deep Dive Into ALPHV/BlackCat Ransomware,” [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/), 2024.\r\n4. “APT Operation Skeleton Key,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2023.\r\n5. “LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility,” [link](https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility/), 2024.19\r\n6. “BlueBravo Uses Ambassador Lure to Deploy,” [link](https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf), 2024.\r\n7. “UNMASKING THE DARK ART OF VECTORED EXCEPTION HANDLING: BYPASSING XDR AND EDR IN THE EVOLVING CYBER THREAT LANDSCAPE,” [link](https://blackhatmea.com/session/unmasking-dark-art-vectored-exception-handling-bypassing-xdr-and-edr-evolving-cyber-threat), 2023.\r\n8. “Dirty Vanity: A New Approach to Code injection & EDR by-pass,” [link](https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf), 2022.\r\n9. Volexity, “Surge Collect Pro,” [link](https://www.volexity.com/products-overview/surge/), 2022.\r\n10. “capstone,” [link](https://www.capstone-engine.org/), 2024.\r\n11. “Silencing cylance: A case study in modern edrs,” [link](https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/), 2019.\r\n12. “Av/edr evasion — malware development p — 3,” [link](https://medium.com/@0xHossam/unhooking-memory-object-hiding-3229b75618f7), 2023.\r\n13. “A practical guide to bypassing userland api hooking,” [link](https://www.advania.co.uk/insights/blog/a-practical-guide-to-bypassing-userland-api-hooking/), 2022.\r\n14. A. Case, A. Ali-Gombe, M. Sun, R. Maggio, M. Firoz-Ul-Amin, M. Jalalzai, and G. G. R. III, “HookTracer: A System for Automated and Accessible API Hooks Analysis,” Proceedings of the 18th Annual Digital Forensics Research Conference (DFRWS), 2019.\r\n15. F. Block, “Windows memory forensics: Identification of (malicious) modifications in memory-mapped image files,” Forensic Science International: Digital Investigation, 2023. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S2666281723000707)\r\n16. F. Block and A. Dewald, “Windows memory forensics: Detecting (un)intentionally hidden injected code by examining page table entries,” Digital Investigation, vol. 29, pp. S3–S12, 07 2019.\r\n17. “CCob,” [link](https://github.com/CCob/SylantStrike/tree/master), 2024.\r\n18. “Lets Create An EDR. . . And Bypass It! Part 1,” [link](https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/), 2020.\r\n19. “r77 rootkit,” [link](https://github.com/bytecode77/r77-rootkit/), 2024.\r\n20. “Deep Vanity,” [link](https://github.com/deepinstinct/Dirty-Vanity), 2022. 20\r\n21. “Peruns-Fart,” [link](https://github.com/plackyhacker/Peruns-Fart/), 2023.\r\n22. “FREEZE – A PAYLOAD TOOLKIT FOR BYPASSING EDRS USING SUSPENDED PROCESSES,” [link](https://www.hawk-eye.io/2023/06/freeze-a-payload-toolkit-for-bypassing-edrs-using-suspended-processes/), 2023.\r\n23. “Process Cloning,” [link](https://github.com/huntandhackett/process-cloning), 2023.\r\n24. “APT Group Chimera,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2022.\r\n25. “Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR,” [link](https://www.outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/), 2019.\r\n26. “Hell’s Gate,” [link](https://github.com/am0nsec/HellsGate/blob/master/hells-gate.pdf), 2020.\r\n27. “Halo’s Gate,” [link](https://blog.sektor7.net/#!res/2021/halosgate.md), 2021.\r\n28. “Tartarus Gate,” [link](https://trickster0.github.io/posts/Halo’s-Gate-Evolves-to-Tartarus-Gate/), 2021.\r\n29. “Bypassing User-Mode Hooks and Direct Invocation of System Calls for Red Teams,” [link](https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/), 2020.\r\n30. “SysWhispers2,” [link](https://github.com/jthuraisamy/SysWhispers2), 2022.\r\n31. “An Introduction into Stack Spoofing,” [link](https://dtsec.us/2023-09-15-StackSpoofin/), 2023.\r\n32. “SilentMoonwalk: Implementing a dynamic Call Stack Spoofer,” [link](https://klezvirus.github.io/RedTeaming/AV%20Evasion/StackSpoofing/), 2022.\r\n33. “Spoofing Call Stacks To Confuse EDRs,” [link](https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs), 2022.\r\n34. “Behind the Mask: Spoofing Call Stacks Dynamically with Timers,” [link](https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers), 2022.\r\n35. “HellHall,” [link](https://github.com/Maldev-Academy/HellHall), 2023.\r\n36. [link](http://phrack.org/issues/65/8.html#article), 2008.\r\n37. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2022.21\r\n38. “GULoader Campaigns: A Deep Dive Analysis of a highly evasive Shellcode based loader,” [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/guloader-campaigns-a-deep-dive-analysis-of-a-highly-evasive-shellcode-based-loader/), 2023.\r\n39. “Gh0stRat Anti-Debugging : Nested SEH (try - catch) to Decrypt and Load its Payload,” [link](https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html), 2021.\r\n40. “Syscalls via Vectored Exception Handling,” [link](https://redops.at/en/blog/syscalls-via-vectored-exception-handling), 2024.\r\n41. “Bypassing AV/EDR Hooks via Vectored Syscall - POC,” [link](https://cyberwarfare.live/bypassing-av-edr-hooks-via-vectored-syscall-poc/), 2022.\r\n42. “MutationGate,” [link](https://github.com/senzee1984/MutationGate/tree/main), 2024.\r\n43. Cymulate Research, “BlindSide,” [link](https://github.com/CymulateResearch/Blindside/blob/main/Blindside/Blindside.cpp#L31), 2023.\r\n44. “In-Process Patchless AMSI Bypass,” [link](https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass/), 2022.\r\n45. “PatchlessCLR,” [link](https://github.com/VoldeSec/PatchlessCLRLoader/tree/main), 2022.\r\n46. “Dumping the VEH in Windows 10,” [link](https://dimitrifourny.github.io/2020/06/11/dumping-veh-win10.html), 2020.\r\n47. “Detecting anomalous Vectored Exception Handlers on Windows,” [link](https://research.nccgroup.com/2022/03/01/detecting-anomalous-vectored-exception-handlers-on-windows/), 2022.\r\n48. “SetUnhandledExceptionFilter,” [link](https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-setunhandledexceptionfilter), 2024.","updated_timestamp":{"seconds":1720462370,"nanoseconds":0},"speakers":[{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Austin Sellers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Detection Engineer"}],"links":[],"pronouns":null,"media":[],"id":54070,"title":"Detection Engineer at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Andrew Case","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Director of Research"}],"links":[],"pronouns":"he/him","media":[],"id":54100,"title":"Director of Research at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Gustavo Moreira","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Senior Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54139,"title":"Senior Security Engineer at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"David McDonald","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Volcano team"}],"links":[],"pronouns":null,"media":[],"id":54180,"title":"Volcano team at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Golden Richard","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Computation and Technology (CCT) at LSU","title":"Professor of Computer Science and Engineering and Associate Director for Cybersecurity"}],"links":[],"pronouns":null,"media":[],"id":54186,"title":"Professor of Computer Science and Engineering and Associate Director for Cybersecurity at Center for Computation and Technology (CCT) at LSU"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:12:50Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":54823,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54100},{"tag_id":46167,"sort_order":4,"person_id":54070},{"tag_id":46167,"sort_order":6,"person_id":54186},{"tag_id":46167,"sort_order":8,"person_id":54180},{"tag_id":46167,"sort_order":10,"person_id":54139}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-08T18:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the “AI Art Battle\" Generative AI Art Contest! \r\n\r\nThis unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts that will be used by generative AI models to create artwork.\r\n\r\nContestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.\r\n\r\nHow It Works: \r\n\r\nSelect a Topic: Contestants will choose from a list of random topics. \r\n\r\nThese could range from historical events, famous literary works, mythical creatures, futuristic landscapes, to iconic pop culture references. \r\n\r\nCraft a Prompt: \r\n\r\nUsing their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI's artistic capabilities. \r\n\r\nSubmission: Each contestant will submit their prompt and the intended outcome. \r\n\r\nAI Generation: The submitted prompts will be fed into a generative AI art model, which will create corresponding artworks based on the prompts.\r\n\r\nA random panel will determine who the winners are.\r\n\r\nSchedule:\r\n- 13:00 - 13:30 setup\r\n- 13:30 - 14:00 qualifiers\r\n- 14:00 - 15:00 contest\r\n\n\n\n","media":[{"hash_sha256":"7c7db21dd301cc94bb3871fdc1ae0446967c7ef507540de50b7d2c736a460a0d","filetype":"image/png","hash_md5":"89fe8dd9f1d2af64919f4583216681ca","name":"ct_ai_art_battle.png","is_logo":"Y","hash_crc32c":"c7772e60","filesize":634922,"asset_id":707,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ai_art_battle.png"}],"title":"AI Art Battle","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Welcome to the “AI Art Battle\" Generative AI Art Contest! \r\n\r\nThis unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts that will be used by generative AI models to create artwork.\r\n\r\nContestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.\r\n\r\nHow It Works: \r\n\r\nSelect a Topic: Contestants will choose from a list of random topics. \r\n\r\nThese could range from historical events, famous literary works, mythical creatures, futuristic landscapes, to iconic pop culture references. \r\n\r\nCraft a Prompt: \r\n\r\nUsing their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI's artistic capabilities. \r\n\r\nSubmission: Each contestant will submit their prompt and the intended outcome. \r\n\r\nAI Generation: The submitted prompts will be fed into a generative AI art model, which will create corresponding artworks based on the prompts.\r\n\r\nA random panel will determine who the winners are.\r\n\r\nSchedule:\r\n- 13:00 - 13:30 setup\r\n- 13:30 - 14:00 qualifiers\r\n- 14:00 - 15:00 contest","updated_timestamp":{"seconds":1720390566,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T22:16:06Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249452"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249453"}],"end":"2024-08-09T22:00:00.000-0000","id":54610,"tag_ids":[46439,46491],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T22:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)\n\n\n","media":[{"hash_sha256":"8121f8bfb8be2b701aea4941904ae7a178b8b90e84dd6cf786636abf65c33a38","filetype":"image/png","hash_md5":"d4129f6c22e4e172784f5759c4bb75d9","name":"pme_hamexams.png","is_logo":"Y","hash_crc32c":"ff2e55b6","filesize":31886,"asset_id":680,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hamexams.png"}],"title":"Ham Radio Exams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)","updated_timestamp":{"seconds":1718812742,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:59:02Z","links":[{"label":"Website","type":"link","url":"https://hamvillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249512"},{"label":"Registration (Free)","type":"link","url":"https://ham.study/sessions/669069be6af12f90943be578/1"},{"label":"Twitter (@HamRadioVillage)","type":"link","url":"https://twitter.com/HamRadioVillage"}],"end":"2024-08-09T23:00:00.000-0000","id":54508,"tag_ids":[46365,46380],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-06-19T15:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enterprise users on their web browsers are prime targets for attackers, penetration testers, and red teamers. A common tactic involves tricking users into clicking on spear-phishing emails, downloading malicious documents or binaries, and subsequently compromising their systems. To mitigate these web-based initial access threats, enterprises deploy Secure Web Gateways (SWGs). SWGs are essentially SSL-intercepting cloud proxies that inspect web traffic, blocking attacks such as malicious file downloads, harmful websites, and scripts. Since all web traffic from users' browsers is routed through these proxies, SWGs have complete visibility into the scripts loading into users' browsers and the capability to block them.\n\nIn this talk, we will explore how to conduct reconnaissance against SWGs, identify the vendor and location, reconstruct the rules and policies applied, and identify bypasses based on these insights. We will introduce SWGRecon, a new tool designed to automate enumeration processes. This tool can be deployed as a JavaScript file for automatic enumeration and is complemented by a browser extension for certain scenarios. Our techniques have been rigorously tested against all the leading vendors in the market and have proven to be highly effective as of this writing.\n\nOur primary objective is to raise awareness about how easily an attacker can deploy JavaScript via their website or inject it into a known website, uncovering loopholes in SWG rules and policies. By exploiting these loopholes, attackers can bypass protections and deliver malware or malicious websites directly to enterprise users' browsers.\n\n\n","media":[],"title":"SWGRecon: Automate SWG Rules, Policy, and Bypass Enumeration","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"Enterprise users on their web browsers are prime targets for attackers, penetration testers, and red teamers. A common tactic involves tricking users into clicking on spear-phishing emails, downloading malicious documents or binaries, and subsequently compromising their systems. To mitigate these web-based initial access threats, enterprises deploy Secure Web Gateways (SWGs). SWGs are essentially SSL-intercepting cloud proxies that inspect web traffic, blocking attacks such as malicious file downloads, harmful websites, and scripts. Since all web traffic from users' browsers is routed through these proxies, SWGs have complete visibility into the scripts loading into users' browsers and the capability to block them.\n\nIn this talk, we will explore how to conduct reconnaissance against SWGs, identify the vendor and location, reconstruct the rules and policies applied, and identify bypasses based on these insights. We will introduce SWGRecon, a new tool designed to automate enumeration processes. This tool can be deployed as a JavaScript file for automatic enumeration and is complemented by a browser extension for certain scenarios. Our techniques have been rigorously tested against all the leading vendors in the market and have proven to be highly effective as of this writing.\n\nOur primary objective is to raise awareness about how easily an attacker can deploy JavaScript via their website or inject it into a known website, uncovering loopholes in SWG rules and policies. By exploiting these loopholes, attackers can bypass protections and deliver malware or malicious websites directly to enterprise users' browsers.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"}],"begin_tsz":"2024-08-09T19:40:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":56486,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723232400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54075}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T19:40:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Esta plática abordará detalles sobre tres investigaciones recientemente realizadas por el equipo de respuesta a incidentes (GERT) y el equipo de investigación (GReAT). La plática será impartida por María Isabel (GReAT) y Ashley Hiram (GERT) mostrando las investigaciones hechas en conjunto con la finalidad de brindar diferentes perspectivas, así como resaltar la colaboración y resultados de ambos equipos, resaltando que una de ellas nos permitió añadir una sub-técnica al MITRE ATT&CK.\r\n\r\nLas investigaciones a mostrar son conocidas como:\r\n\r\n\r\n- NKAbuse: Malware que utiliza Blockchain para su C2.\r\n- LockBit 3.0 Builder: Capacidades adicionales a LockBit.\r\n- Grandoreiro: Campañas de alcance global.\r\n\r\nWe will talk about three investigations recently conducted by the Incident Response Team (GERT) and the Investigation Team (GReAT). The talk will be given by María Isabel (GReAT) and Ashley Hiram (GERT) showing the research done together with the purpose of providing different perspectives, as well as highlighting the collaboration and results of both teams, highlighting that one of them allowed us to add a sub-technical to MITRE ATT&CK.\r\n\r\nThe investigations to be shown are known as:\r\n\r\n- NKAbuse: Malware that uses Blockchain for your C2.\r\n- LockBit 3.0 Builder: Additional capabilities to LockBit.\r\n- Grandoreiro: Global reach campaigns.\r\n\n\n\n","media":[],"title":"Mexicans Together - Un vistazo a recientes investigaciones de nuestros dos equipos globales","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Esta plática abordará detalles sobre tres investigaciones recientemente realizadas por el equipo de respuesta a incidentes (GERT) y el equipo de investigación (GReAT). La plática será impartida por María Isabel (GReAT) y Ashley Hiram (GERT) mostrando las investigaciones hechas en conjunto con la finalidad de brindar diferentes perspectivas, así como resaltar la colaboración y resultados de ambos equipos, resaltando que una de ellas nos permitió añadir una sub-técnica al MITRE ATT&CK.\r\n\r\nLas investigaciones a mostrar son conocidas como:\r\n\r\n\r\n- NKAbuse: Malware que utiliza Blockchain para su C2.\r\n- LockBit 3.0 Builder: Capacidades adicionales a LockBit.\r\n- Grandoreiro: Campañas de alcance global.\r\n\r\nWe will talk about three investigations recently conducted by the Incident Response Team (GERT) and the Investigation Team (GReAT). The talk will be given by María Isabel (GReAT) and Ashley Hiram (GERT) showing the research done together with the purpose of providing different perspectives, as well as highlighting the collaboration and results of both teams, highlighting that one of them allowed us to add a sub-technical to MITRE ATT&CK.\r\n\r\nThe investigations to be shown are known as:\r\n\r\n- NKAbuse: Malware that uses Blockchain for your C2.\r\n- LockBit 3.0 Builder: Additional capabilities to LockBit.\r\n- Grandoreiro: Global reach campaigns.","updated_timestamp":{"seconds":1722701501,"nanoseconds":0},"speakers":[{"content_ids":[55960],"conference_id":133,"event_ids":[56576],"name":"Ashley Hiram M.","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Incident Response Specialist (GERT)"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ashley-hiram-m-382648a0/"},{"description":"","title":"Twitter (@3NTR0_py)","sort_order":0,"url":"https://twitter.com/3NTR0_py"}],"media":[],"id":56295,"title":"Incident Response Specialist (GERT)"},{"content_ids":[55960,55970],"conference_id":133,"event_ids":[56576,56586],"name":"Isabel Manjarrez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Threat Researcher (GReAT)"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@IsMR0a)","sort_order":0,"url":"https://x.com/IsMR0a"}],"media":[],"id":56306,"title":"Threat Researcher (GReAT)"}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T16:11:41Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":56576,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56295},{"tag_id":46167,"sort_order":4,"person_id":56306}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-08-03T16:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will cover:\r\n- Timeline of stealer variants rise\r\n- Common stealer behaviors\r\n- The anatomy of a stealer log\r\n- An overview of stealer log sales and trading points in cybercrime communities\r\n- Insights from our analysis of millions of stealer logs\r\n- Automation pipeline for stealer log collection\r\n- Stealer log parsing and analysis\r\n- Post-discovery response\r\n- Other defensive strategies for stealer defense\n\n\nWhat would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. Nick and Eric will not only go deep and examine one of the most interesting data sets for intelligence around, but will demonstrate data pipelines you can implement for collecting and operationalizing stealer logs for defense.","media":[],"title":"Stealer Logs: Automation, Analysis, & Espionage in the World's Most Interesting Dataset","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"This talk will cover:\r\n- Timeline of stealer variants rise\r\n- Common stealer behaviors\r\n- The anatomy of a stealer log\r\n- An overview of stealer log sales and trading points in cybercrime communities\r\n- Insights from our analysis of millions of stealer logs\r\n- Automation pipeline for stealer log collection\r\n- Stealer log parsing and analysis\r\n- Post-discovery response\r\n- Other defensive strategies for stealer defense\n\n\nWhat would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. Nick and Eric will not only go deep and examine one of the most interesting data sets for intelligence around, but will demonstrate data pipelines you can implement for collecting and operationalizing stealer logs for defense.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55752,55308],"conference_id":133,"event_ids":[55698,56277],"name":"Eric Clay","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55813},{"content_ids":[55308,55752],"conference_id":133,"event_ids":[55698,56277],"name":"Nick Ascoli","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kcin418)","sort_order":0,"url":"https://twitter.com/kcin418"}],"media":[],"id":55861}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":56277,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55813},{"tag_id":46167,"sort_order":6,"person_id":55861}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"I conducted thorough research on a corporate banking software widely utilized by numerous banks globally. This research was conducted during a bug bounty program for a leading bank in middle east, which employs this software. By examining their marketing brochures, we identified the third party company responsible for its development and after looking at their client we found out, their software is utilized by 60-70% of banks worldwide.\r\n\r\nIn this talk i will explain how did i recon corporate banking application from extracting interesting endpoints and methods. Further used them to find attack surface. Furthermore, I will delve into the methods used to uncover critical vulnerabilities within their application, including SQL injections, bypassing access control mechanisms etc.\n\n\n","media":[],"title":"Hacking Corporate Banking for Fun and Profit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"I conducted thorough research on a corporate banking software widely utilized by numerous banks globally. This research was conducted during a bug bounty program for a leading bank in middle east, which employs this software. By examining their marketing brochures, we identified the third party company responsible for its development and after looking at their client we found out, their software is utilized by 60-70% of banks worldwide.\r\n\r\nIn this talk i will explain how did i recon corporate banking application from extracting interesting endpoints and methods. Further used them to find attack surface. Furthermore, I will delve into the methods used to uncover critical vulnerabilities within their application, including SQL injections, bypassing access control mechanisms etc.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Nikhil \"niks\" Shrivastava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@niksthehacker)","sort_order":0,"url":"https://twitter.com/niksthehacker"}],"media":[],"id":54340},{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Charles Waterhouse","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56108}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56261,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56108},{"tag_id":46167,"sort_order":6,"person_id":54340}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, COBRA enables organizations to gain insights into their security posture vulnerabilities. COBRA is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.\n\nIt facilitates Proof of Concept (POC) evaluations, assesses security controls, measures maturity levels, and generates comprehensive reports, enabling organizations to enhance their cloud security resilience through lifelike threat scenarios.\n\nCOBRA Features:\n---\nSeamless Integration for POC and Tool Evaluation: COBRA provides seamless integration for Proof of Concept (POC) and tool evaluation purposes. Whether you're exploring new cloud-native applications or evaluating existing solutions, COBRA offers a user-friendly interface and flexible deployment options to facilitate effortless testing and assessment.\nComprehensive Assessment of Cloud-Native Security Posture: Gain unparalleled insights into your organization's existing cloud-native security posture with COBRA. Our advanced assessment capabilities enable you to identify vulnerabilities, assess security controls, and pinpoint areas for improvement. By understanding your current security posture, you can proactively address gaps and strengthen your defenses against emerging threats.\nBenchmarking Against Industry Standards and Best Practices: COBRA enables you to benchmark your cloud security controls against industry standards and best practices. With our comprehensive benchmarking framework, you can compare your security posture against established benchmarks, identify areas of strength and weakness, and prioritize remediation efforts accordingly.\nActionable Insights and Recommendations: COBRA goes beyond providing insights by providing a report delivering actionable recommendations tailored to your organization's specific needs. Whether it's optimizing security configurations, implementing additional controls, or enhancing incident response processes, COBRA equips you with the tools and guidance needed to bolster your cloud security defenses.\n\nContinuous Threat Simulation: COBRA offers a modular and templatized approach for users to easily integrate additional modules, allowing for continuous threat simulation and adaptability, by providing a flexible framework for adding modules, COBRA ensures that users can tailor their threat simulation capabilities according to evolving security needs, making it an ideal platform for continuous threat simulation.\n\n\n","media":[],"title":"Cloud Offensive Breach and Risk Assessment (COBRA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, COBRA enables organizations to gain insights into their security posture vulnerabilities. COBRA is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.\n\nIt facilitates Proof of Concept (POC) evaluations, assesses security controls, measures maturity levels, and generates comprehensive reports, enabling organizations to enhance their cloud security resilience through lifelike threat scenarios.\n\nCOBRA Features:\n---\nSeamless Integration for POC and Tool Evaluation: COBRA provides seamless integration for Proof of Concept (POC) and tool evaluation purposes. Whether you're exploring new cloud-native applications or evaluating existing solutions, COBRA offers a user-friendly interface and flexible deployment options to facilitate effortless testing and assessment.\nComprehensive Assessment of Cloud-Native Security Posture: Gain unparalleled insights into your organization's existing cloud-native security posture with COBRA. Our advanced assessment capabilities enable you to identify vulnerabilities, assess security controls, and pinpoint areas for improvement. By understanding your current security posture, you can proactively address gaps and strengthen your defenses against emerging threats.\nBenchmarking Against Industry Standards and Best Practices: COBRA enables you to benchmark your cloud security controls against industry standards and best practices. With our comprehensive benchmarking framework, you can compare your security posture against established benchmarks, identify areas of strength and weakness, and prioritize remediation efforts accordingly.\nActionable Insights and Recommendations: COBRA goes beyond providing insights by providing a report delivering actionable recommendations tailored to your organization's specific needs. Whether it's optimizing security configurations, implementing additional controls, or enhancing incident response processes, COBRA equips you with the tools and guidance needed to bolster your cloud security defenses.\n\nContinuous Threat Simulation: COBRA offers a modular and templatized approach for users to easily integrate additional modules, allowing for continuous threat simulation and adaptability, by providing a flexible framework for adding modules, COBRA ensures that users can tailor their threat simulation capabilities according to evolving security needs, making it an ideal platform for continuous threat simulation.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Anand Tiwari","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@anandtiwarics)","sort_order":0,"url":"https://twitter.com/anandtiwarics"}],"media":[],"id":53722},{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Harsha Koushik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@0xlcheetah)","sort_order":0,"url":"https://twitter.com/0xlcheetah"}],"media":[],"id":53739}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55910,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53739},{"tag_id":46167,"sort_order":4,"person_id":53722}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation follows the journey of investigating, conceptualizing, and implementing a Wormable Botnet for the Evowera Planck Mini Smart Manual Toothbrush, as fear-mongered by the team at Fortinet. We'll start with a high level overview of how the ESP32 OTA process works, as well as cover issues with the reference implementation released by Espressif. We'll then pivot to specifically attacking the Evowera Planck mini, dumping the firmware and doing some lite RE, monitoring the devices wireless traffic, theorizing exploits and fuzzing undocumented PCB, writing botnet software, as well as what is involved in getting an ESP32 to serve the firmware it is running as an OTA update to other Evowera Planck Minis. We'll then conclude with some proof that the devices do function as a botnet, complete with a stealthy github based C2.\n\n\n","media":[],"title":"Exploiting insecure OTA updates to create the worlds first Toothbrush Botnet and selfreplicating ESP32 worm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"This presentation follows the journey of investigating, conceptualizing, and implementing a Wormable Botnet for the Evowera Planck Mini Smart Manual Toothbrush, as fear-mongered by the team at Fortinet. We'll start with a high level overview of how the ESP32 OTA process works, as well as cover issues with the reference implementation released by Espressif. We'll then pivot to specifically attacking the Evowera Planck mini, dumping the firmware and doing some lite RE, monitoring the devices wireless traffic, theorizing exploits and fuzzing undocumented PCB, writing botnet software, as well as what is involved in getting an ESP32 to serve the firmware it is running as an OTA update to other Evowera Planck Minis. We'll then conclude with some proof that the devices do function as a botnet, complete with a stealthy github based C2.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55447],"conference_id":133,"event_ids":[55872],"name":"Lozaning","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"they/them","links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@Lozaning"}],"media":[],"id":55984}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":55872,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55984}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You know the sound of *beep*... *Click* when using a badge to enter a door to a building, but how does this work and how can you hack it? This talk will explain the basics of what’s inside the readers and the badges, and how they communicate wirelessly. You will learn about the common tools available (Proxmark, Flipper, Keysy), how to get one and how to use it. We’ll talk about techniques to clone badges, and brute force systems to get access you never had in the first place.\n\n\n","media":[],"title":"RFID 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"You know the sound of *beep*... *Click* when using a badge to enter a door to a building, but how does this work and how can you hack it? This talk will explain the basics of what’s inside the readers and the badges, and how they communicate wirelessly. You will learn about the common tools available (Proxmark, Flipper, Keysy), how to get one and how to use it. We’ll talk about techniques to clone badges, and brute force systems to get access you never had in the first place.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54560],"conference_id":133,"event_ids":[54935],"name":"Ege Feyzioglu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Physical Security Analyst"}],"links":[],"pronouns":null,"media":[],"id":54304,"title":"Physical Security Analyst at GGR Security"},{"content_ids":[54560],"conference_id":133,"event_ids":[54935],"name":"Andrew M","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54322}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":54935,"tag_ids":[46169,46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54322},{"tag_id":46167,"sort_order":1,"person_id":54304}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this technical talk, we will uncover a new aspect of NFTs: using them as attack vectors to relay C2 commands. Fingerprinting a system? Exfiltrating information? Encrypting and wiping data? Executing arbitrary commands? Of course! But with a dark twist: deployed NFTs are blockchain-backed assets immune to takedowns. Imagine having your own “immortal” C2 Server for less than $10 dollars in $ETH. \r\n\r\nFor this, we will introduce “mFT” an open-source tool that automates the creation of malicious payloads and provide sample harmless NFTs, allowing attendees to explore this novel attack vector on their own machines safely. This talk is the spiritual successor of \"Everything is a C2 if you're brave enough\". \n\n\n","media":[],"title":"MFT: Malicious Fungible Tokens","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"In this technical talk, we will uncover a new aspect of NFTs: using them as attack vectors to relay C2 commands. Fingerprinting a system? Exfiltrating information? Encrypting and wiping data? Executing arbitrary commands? Of course! But with a dark twist: deployed NFTs are blockchain-backed assets immune to takedowns. Imagine having your own “immortal” C2 Server for less than $10 dollars in $ETH. \r\n\r\nFor this, we will introduce “mFT” an open-source tool that automates the creation of malicious payloads and provide sample harmless NFTs, allowing attendees to explore this novel attack vector on their own machines safely. This talk is the spiritual successor of \"Everything is a C2 if you're brave enough\".","updated_timestamp":{"seconds":1722712816,"nanoseconds":0},"speakers":[{"content_ids":[54559,55973,55976],"conference_id":133,"event_ids":[56589,56592,54934],"name":"Mauro Eldritch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Birmingham Cyber Arms LTD","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mauroeldritch/"},{"description":"","title":"Twitter (@MauroEldritch)","sort_order":0,"url":"https://twitter.com/MauroEldritch"},{"description":"","title":"Website","sort_order":0,"url":"https://www.birminghamcyberarms.co.uk/"}],"media":[],"id":54249,"title":"Founder at Birmingham Cyber Arms LTD"},{"content_ids":[54559,55973],"conference_id":133,"event_ids":[56589,54934],"name":"Cybelle Oliveira ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CTI Malwarelandia","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cybelleoliveira/"},{"description":"","title":"Twitter (@cyb3113)","sort_order":0,"url":"https://twitter.com/cyb3113"}],"media":[],"id":54350,"title":"CTI Malwarelandia"}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:20:16Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":54934,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54350},{"tag_id":46167,"sort_order":1,"person_id":54249}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-08-03T19:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\r\n\r\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\r\n\r\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services and cover the mechanisms that prevent an adversary from assuming roles in other AWS accounts. We’ll then demonstrate a vulnerability that bypassed those protections. We’ll cover a real world example of a confused deputy vulnerability we found in AWS AppSync that allowed us to hijack IAM roles in other accounts.\r\n\r\nNext, we'll highlight potential misconfigurations involving IAM roles leveraging sts:AssumeRoleWithWebIdentity. These misconfigurations cloud permit unauthorized global access to these roles without the need for authentication, affecting services like Amazon Cognito, GitHub Actions, and more.\r\n\r\nFinally, we’ll cover a vulnerability we found in AWS Amplify that exposed customer IAM roles associated with the service to takeover, allowing anyone the ability to gain a foothold in that victim account. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like one we’ll demonstrate.\r\n\r\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.\r\n\r\n- [link](https://securitylabs.datadoghq.com/articles/amplified-exposure-how-aws-flaws-made-amplify-iam-roles-vulnerable-to-takeover/)\r\n- [link](https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/)\r\n\n\n\n","media":[],"title":"Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:15:00Z","end_timestamp":{"seconds":1723234500,"nanoseconds":0},"android_description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\r\n\r\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\r\n\r\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services and cover the mechanisms that prevent an adversary from assuming roles in other AWS accounts. We’ll then demonstrate a vulnerability that bypassed those protections. We’ll cover a real world example of a confused deputy vulnerability we found in AWS AppSync that allowed us to hijack IAM roles in other accounts.\r\n\r\nNext, we'll highlight potential misconfigurations involving IAM roles leveraging sts:AssumeRoleWithWebIdentity. These misconfigurations cloud permit unauthorized global access to these roles without the need for authentication, affecting services like Amazon Cognito, GitHub Actions, and more.\r\n\r\nFinally, we’ll cover a vulnerability we found in AWS Amplify that exposed customer IAM roles associated with the service to takeover, allowing anyone the ability to gain a foothold in that victim account. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like one we’ll demonstrate.\r\n\r\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.\r\n\r\n- [link](https://securitylabs.datadoghq.com/articles/amplified-exposure-how-aws-flaws-made-amplify-iam-roles-vulnerable-to-takeover/)\r\n- [link](https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/)","updated_timestamp":{"seconds":1720462025,"nanoseconds":0},"speakers":[{"content_ids":[54449,55498],"conference_id":133,"event_ids":[55927,54822],"name":"Nick Frichette","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Datadog","title":"Staff Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@frichetten@fosstodon.org)","sort_order":0,"url":"https://fosstodon.org/@frichetten"},{"description":"","title":"Twitter (@Frichette_n)","sort_order":0,"url":"https://twitter.com/Frichette_n"},{"description":"","title":"Website","sort_order":0,"url":"https://frichetten.com/"}],"media":[],"id":54089,"title":"Staff Security Researcher at Datadog"}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:07:05Z","links":[],"end":"2024-08-09T20:15:00.000-0000","id":54822,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54089}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-08T18:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk is aimed at non-experts and anyone who wants to stay ahead of the curve in a world where encryption rules are about to change dramatically. Whether you believe cryptographically relevant quantum computers are 10 or 100 years away, the first steps towards cryptographic agility that are being mandated within a couple of years. We'll explore the mind-bending math behind lattice-based and other exotic cryptosystems. Then, we'll get our hands dirty, dissecting real-world attacks launched against the finalists in the NIST PQC competition.\nPwn the future of cryptography!\n\n\n","media":[],"title":"A Hacker's guide to PQC","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"This talk is aimed at non-experts and anyone who wants to stay ahead of the curve in a world where encryption rules are about to change dramatically. Whether you believe cryptographically relevant quantum computers are 10 or 100 years away, the first steps towards cryptographic agility that are being mandated within a couple of years. We'll explore the mind-bending math behind lattice-based and other exotic cryptosystems. Then, we'll get our hands dirty, dissecting real-world attacks launched against the finalists in the NIST PQC competition.\nPwn the future of cryptography!","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55843],"conference_id":133,"event_ids":[56430],"name":"Konstantinos Karagiannis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56220}],"begin_tsz":"2024-08-09T19:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56430,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723230900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56220}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T19:15:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Server-Side Request Forgery is now one of the most widely recognized and significant vulnerabilities that bug hunters should have in their arsenal. This interactive workshop covers basic exploitation of SSRF, as well as tackling more intricate vulnerabilities that involve chaining multiple exploits, a thorough comprehension of the target's infrastructure, and other advanced techniques.\r\n\r\nPre-Prerequisites\r\n\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)\n\n\n","media":[],"title":"A Zero to Hero Crash Course to Server-Side Request Forgery (SSRF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Server-Side Request Forgery is now one of the most widely recognized and significant vulnerabilities that bug hunters should have in their arsenal. This interactive workshop covers basic exploitation of SSRF, as well as tackling more intricate vulnerabilities that involve chaining multiple exploits, a thorough comprehension of the target's infrastructure, and other advanced techniques.\r\n\r\nPre-Prerequisites\r\n\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)","updated_timestamp":{"seconds":1721438067,"nanoseconds":0},"speakers":[{"content_ids":[55175,55181,55265],"conference_id":133,"event_ids":[55563,55569,55655],"name":"Ben \"NahamSec\" Sadeghipour","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacking Hub","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nahamsec)","sort_order":0,"url":"https://twitter.com/nahamsec"}],"media":[],"id":54808,"title":"Hacking Hub"}],"begin_tsz":"2024-08-09T19:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:14:27Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#a-zero-to-hero-crash-course-to-server-side-request-forgery"}],"end":"2024-08-09T20:45:00.000-0000","id":55563,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723230900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54808}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T19:15:00.000-0000","updated":"2024-07-20T01:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Cloud Shell feature from cloud service providers offers a convenient way to access resources within the cloud, significantly improving the user experience for both administrators and developers. However, even though the spawned instance has a short lifespan, granting excessive permissions could still pose security risks to users. This talk reveals an abuse methodology that leverages an unexpected, public-facing port in GCP Cloud Shell discovered during recon. Through manipulation in Linux Netfilter's NAT table, it serves various internally running services such as HTTP, SOCKS, and SSH within the Cloud Shell container to the public. This configuration could be exploited by adversaries to bypass the Google authentication needed in its Web Preview feature to leak data, to deliver malicious content, or to pivot attack traffic through the Google network.\n\n\n","media":[],"title":"One Port to Serve Them All - Google GCP Cloud Shell Abuse","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"The Cloud Shell feature from cloud service providers offers a convenient way to access resources within the cloud, significantly improving the user experience for both administrators and developers. However, even though the spawned instance has a short lifespan, granting excessive permissions could still pose security risks to users. This talk reveals an abuse methodology that leverages an unexpected, public-facing port in GCP Cloud Shell discovered during recon. Through manipulation in Linux Netfilter's NAT table, it serves various internally running services such as HTTP, SOCKS, and SSH within the Cloud Shell container to the public. This configuration could be exploited by adversaries to bypass the Google authentication needed in its Web Preview feature to leak data, to deliver malicious content, or to pivot attack traffic through the Google network.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55480],"conference_id":133,"event_ids":[55909],"name":"Hubert Lin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"hubertwslin","sort_order":0,"url":"https://hubertwslin"}],"media":[],"id":56020}],"begin_tsz":"2024-08-09T19:10:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":55909,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723230600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56020}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T19:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"WHOIS data is a prime resources for identifying apex domains owned by a company. Unfortunately that data is typically locked up behind rate limited systems, third party APIs, or expensive bulk purchases. We developed whoiswatcher to run in serverless cloud (where we have clocked it at 1-1.5MM domains per day) or by using IPv6 proxying (can hit 150-200k domains per day with a small VPC). This makes it a perfect candidate to build a WHOIS dataset, review historic WHOIS records, and alert you on fresh enterprise domains. We will demo all this and more!\n\n\n","media":[],"title":"Bypassing WHOIS Rate Limiting and Alerting on Fresh Enterprise Domains","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:40:00Z","end_timestamp":{"seconds":1723232400,"nanoseconds":0},"android_description":"WHOIS data is a prime resources for identifying apex domains owned by a company. Unfortunately that data is typically locked up behind rate limited systems, third party APIs, or expensive bulk purchases. We developed whoiswatcher to run in serverless cloud (where we have clocked it at 1-1.5MM domains per day) or by using IPv6 proxying (can hit 150-200k domains per day with a small VPC). This makes it a perfect candidate to build a WHOIS dataset, review historic WHOIS records, and alert you on fresh enterprise domains. We will demo all this and more!","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55898],"conference_id":133,"event_ids":[56485],"name":"Willis Vandevanter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56265}],"begin_tsz":"2024-08-09T19:05:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T19:40:00.000-0000","id":56485,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723230300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56265}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T19:05:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Bridging the Gap: How the American Legion Provides Veterans with a Sense of Belonging and Support","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225098,"nanoseconds":0},"speakers":[{"content_ids":[56207],"conference_id":133,"event_ids":[56861],"name":"Chris Davis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56599}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:38:18Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":56861,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56599}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-09T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the Gold Bug at the 11th annual Crypto & Privacy Village! This opening talk compliments the Gold Bug: Puzzle Panel on Day 2.\r\n\r\nThe Gold Bug Team 2024 at the Crypto & Privacy Village: 0xCryptok, tseven, llamaprincess, pleoxconfusa, Pascal-0x90, Delta_JRM, are the beloved puzzle-makers within Crypto & Privacy Village. We make a special effort to include accessible puzzles at all skill levels. It is our hope that anyone, from new puzzlers (even kids!) to seasoned puzzle hunters, can participate in and enjoy this contest.\r\n\r\nThe GoldBug team also runs Crypto & Privacy Village's Junior Cryptography at DC NextGen.\n\n\n","media":[],"title":"Gold Bug: Welcome","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Welcome to the Gold Bug at the 11th annual Crypto & Privacy Village! This opening talk compliments the Gold Bug: Puzzle Panel on Day 2.\r\n\r\nThe Gold Bug Team 2024 at the Crypto & Privacy Village: 0xCryptok, tseven, llamaprincess, pleoxconfusa, Pascal-0x90, Delta_JRM, are the beloved puzzle-makers within Crypto & Privacy Village. We make a special effort to include accessible puzzles at all skill levels. It is our hope that anyone, from new puzzlers (even kids!) to seasoned puzzle hunters, can participate in and enjoy this contest.\r\n\r\nThe GoldBug team also runs Crypto & Privacy Village's Junior Cryptography at DC NextGen.","updated_timestamp":{"seconds":1722725985,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:59:45Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56624,"tag_ids":[46377,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-03T22:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What if we play with the ISP? In this talk I am going to tell you how one day, something that started as a simple SQL injection, going through LFI, RCE, ended up in a pwn of an internet provider in my country that affected more than 25 cities, being able to intercept user traffic and other stuff.\n\n\n","media":[],"title":"SQLi to Root Access: Exploiting a ISP infrastructure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"What if we play with the ISP? In this talk I am going to tell you how one day, something that started as a simple SQL injection, going through LFI, RCE, ended up in a pwn of an internet provider in my country that affected more than 25 cities, being able to intercept user traffic and other stuff.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55297,55959],"conference_id":133,"event_ids":[56575,55687],"name":"Ignacio Daniel Navarro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Appication security / Ethical hacker"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ignavarro1/?locale=en_US"},{"description":"","title":"Twitter (@IgNavarro1)","sort_order":0,"url":"https://twitter.com/IgNavarro1"}],"media":[],"id":55850,"title":"Appication security / Ethical hacker"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":56575,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55850}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this class, we solder together a light-up, cat-themed badge that teaches a simple RGB tuning circuit. By turning the red, green, or blue knobs, you can adjust the color of the cat’s eyes. Perfect for beginners and soldering experts wanting to make a fun and cute badge.\n\n\n","media":[],"title":"Learn Beginner Soldering With the Meow Mixer Badge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"In this class, we solder together a light-up, cat-themed badge that teaches a simple RGB tuning circuit. By turning the red, green, or blue knobs, you can adjust the color of the cat’s eyes. Perfect for beginners and soldering experts wanting to make a fun and cute badge.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/dc32-learn-beginner-soldering-with-the-meow-mixer-badge"}],"end":"2024-08-09T20:30:00.000-0000","id":56522,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Ask Me Anything - Daniel Cutberth, Moderated by Sudhanshu","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55897],"conference_id":133,"event_ids":[56484],"name":"Sudhanshu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56278},{"content_ids":[55897,55338],"conference_id":133,"event_ids":[55729,56484],"name":"Daniel Cuthbert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56284}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56484,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":56278},{"tag_id":46167,"sort_order":6,"person_id":56284}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Flipping Locks (The Remix) - Remote Badge Cloning with the Flipper Zero and More","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722564508,"nanoseconds":0},"speakers":[{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Dan Goga","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56181},{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Langston Clement","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56183}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:08:28Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56343,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56183},{"tag_id":46167,"sort_order":4,"person_id":56181}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-02T02:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1722311050,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:44:10Z","links":[{"label":"More Info","type":"link","url":"https://www.blacksincyberconf.com/ctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249409"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249410"}],"end":"2024-08-11T00:00:00.000-0000","id":56059,"tag_ids":[46372,46426,46439,46755],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T03:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1722311050,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:44:10Z","links":[{"label":"More Info","type":"link","url":"https://www.blacksincyberconf.com/ctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249409"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249410"}],"end":"2024-08-10T01:00:00.000-0000","id":56057,"tag_ids":[46372,46426,46439,46755],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T03:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.\n\n\n","media":[{"hash_sha256":"a5a762ead7376172dae80fa2c3959bd1e4a22190a057721df654c025d0edfd7f","filetype":"image/png","hash_md5":"01005631367ac14ee6f758e7b45997bc","name":"ct_kubernetes-ctf.png","is_logo":"Y","hash_crc32c":"160f25aa","filesize":16051,"asset_id":636,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_kubernetes-ctf.png"}],"title":"DC Kubernetes Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T03:00:00Z","end_timestamp":{"seconds":1723258800,"nanoseconds":0},"android_description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.","updated_timestamp":{"seconds":1722310069,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:27:49Z","links":[{"label":"More Info","type":"link","url":"https://containersecurityctf.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249379"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249378"}],"end":"2024-08-10T03:00:00.000-0000","id":56028,"tag_ids":[46428,46439,46765],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-E","hotel":"","short_name":"HW4-02-01-E","id":46360},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T03:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.\n\n\n","media":[{"hash_sha256":"201a70cf75d615a3c181f84f46b40a9beef121ef55f3c3e4998383da2228c638","filetype":"image/png","hash_md5":"ef3ab1513d15d09e91e3dcaf6fb35b22","name":"ct_red-alert.png","is_logo":"Y","hash_crc32c":"f7736a86","filesize":69710,"asset_id":656,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_red-alert.png"}],"title":"Red Alert ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.","updated_timestamp":{"seconds":1722306363,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:26:03Z","links":[{"label":"Twitter (@icsctf)","type":"link","url":"https://twitter.com/icsctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249300"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249301"}],"end":"2024-08-10T00:00:00.000-0000","id":55964,"tag_ids":[46427,46439,46788],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-07","hotel":"","short_name":"HW4-03-07","id":46379},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T02:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Andrew is formally a ships engineer and now spends much of his time pen testing ships. Along the way he's found the weirdest ways that IT/OT segregation has been broken, often through 3rd party technology suppliers. From VDRs to ICMS to safety management systems to fire control to azipods to... you name it he's broken it.\r\n\r\nCruising adds another layer of complexity, bringing together customer entertainment, restaurant and billing systems. The scope for segregation errors is multiplied.\r\n\r\nThe headline of this talk is tale about a misconfigured golf simulator onboard, that led to compromise of almost the entire vessel.\n\n\n","media":[],"title":"A hole in one: pwning a cruise ship from a golf simulator and other tales of maritime IT-OT misconvergence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Andrew is formally a ships engineer and now spends much of his time pen testing ships. Along the way he's found the weirdest ways that IT/OT segregation has been broken, often through 3rd party technology suppliers. From VDRs to ICMS to safety management systems to fire control to azipods to... you name it he's broken it.\r\n\r\nCruising adds another layer of complexity, bringing together customer entertainment, restaurant and billing systems. The scope for segregation errors is multiplied.\r\n\r\nThe headline of this talk is tale about a misconfigured golf simulator onboard, that led to compromise of almost the entire vessel.","updated_timestamp":{"seconds":1721781536,"nanoseconds":0},"speakers":[{"content_ids":[55342],"conference_id":133,"event_ids":[55734],"name":"Andrew Tierney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":55947,"title":"Security Consultant at Pen Test Partners"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:38:56Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55734,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55947}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-24T00:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As digital technology is changing how militaries conduct war, a trend has emerged in which a growing number of civilians are becoming involved in armed conflicts through digital means. Sitting at some distance from physical hostilities, including outside the countries at war, civilians – including hackers – are conducting a range of cyber operations against their “enemy.” One example is the international armed conflict between Russia and Ukraine, where some groups present themselves as a “worldwide IT community” with the mission to, in their words, “help Ukraine win by crippling aggressor economies, blocking vital financial, infrastructural and government services, and tiring major taxpayers.” Others have reportedly “called for and carried out disruptive – albeit temporary – attacks on hospital websites in both Ukraine and allied countries,” among many other operations. In this session, the International Committee of the Red Cross will highlight that there are legal limits in warfare, and will set out several international humanitarian law (IHL)-based rules that all hackers who carry out operations in the context of an armed conflict must comply with. The session will also discuss why it is a State’s responsibility to restrain hackers engaging in those conflicts.\n\n\n","media":[],"title":"Rules All Hackers Must Follow in War","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"As digital technology is changing how militaries conduct war, a trend has emerged in which a growing number of civilians are becoming involved in armed conflicts through digital means. Sitting at some distance from physical hostilities, including outside the countries at war, civilians – including hackers – are conducting a range of cyber operations against their “enemy.” One example is the international armed conflict between Russia and Ukraine, where some groups present themselves as a “worldwide IT community” with the mission to, in their words, “help Ukraine win by crippling aggressor economies, blocking vital financial, infrastructural and government services, and tiring major taxpayers.” Others have reportedly “called for and carried out disruptive – albeit temporary – attacks on hospital websites in both Ukraine and allied countries,” among many other operations. In this session, the International Committee of the Red Cross will highlight that there are legal limits in warfare, and will set out several international humanitarian law (IHL)-based rules that all hackers who carry out operations in the context of an armed conflict must comply with. The session will also discuss why it is a State’s responsibility to restrain hackers engaging in those conflicts.","updated_timestamp":{"seconds":1721778581,"nanoseconds":0},"speakers":[{"content_ids":[55330],"conference_id":133,"event_ids":[55722],"name":"Dr. Kosuke Onishi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"International Committee of the Red Cross","title":"Legal Advisor"}],"links":[],"pronouns":null,"media":[],"id":55925,"title":"Legal Advisor at International Committee of the Red Cross"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:49:41Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":55722,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":55925}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-23T23:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to build automated Red Team Infrastructure that is composable and reproducable.\n\n\n","media":[],"title":"Red Team Terraform Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"How to build automated Red Team Infrastructure that is composable and reproducable.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55292,55270],"conference_id":133,"event_ids":[55682,55660],"name":"Moses Frost","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mosesrenegade)","sort_order":0,"url":"https://twitter.com/mosesrenegade"}],"media":[],"id":55817}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55660,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55817}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are targeting a modern organization, but new to you, the target environment has no Windows. You scour the internet for guidance, and find the results insufficient. You begin to think, “Progress will not happen until there is new maintainer.”\n\nThis talk presents a set of techniques for hacking environments built on macOS, Kubernetes, and cloud (AWS). These techniques are accompanied by anecdotes of adventures in Red Teaming. Attendees will learn new tricks for initial access, lateral movement, and persistence in modern non-Windows environments.\n\n\n","media":[],"title":"Modern Red Teaming: macOS, K8s, and Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"You are targeting a modern organization, but new to you, the target environment has no Windows. You scour the internet for guidance, and find the results insufficient. You begin to think, “Progress will not happen until there is new maintainer.”\n\nThis talk presents a set of techniques for hacking environments built on macOS, Kubernetes, and cloud (AWS). These techniques are accompanied by anecdotes of adventures in Red Teaming. Attendees will learn new tricks for initial access, lateral movement, and persistence in modern non-Windows environments.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55269],"conference_id":133,"event_ids":[55659],"name":"Chris Gates","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55818},{"content_ids":[55269],"conference_id":133,"event_ids":[55659],"name":"int eighty (of Dual Core)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@int0x80)","sort_order":0,"url":"https://twitter.com/int0x80"}],"media":[],"id":55819}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55659,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55818},{"tag_id":46167,"sort_order":4,"person_id":55819}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the cloud computing landscape, the ease of resource allocation by cloud providers contrasts sharply with traditional computing's constraints, turning IPv4 addresses into digital assets with multiple tenancies. Our presentation explores the \"Dangling DNS\" phenomenon—active DNS records pointing to IP addresses uncontrolled by the domain owner, creating potential security vulnerabilities.\n\nWe will unravel the persistence of IP address-based authentication and authorization practices on the internet and discuss methods to enhance the credibility of these dangling DNS entries, including the acquisition of x.509 certificates. The implications are significant, offering avenues for commandeering these entries for Command and Control (C2) operations or crafting phishing emails capable of circumventing standard email security frameworks.\n\nFollowing the foundational discussion, our presentation will delve into analysis of dangling DNS entries discovered in live environments. We will discuss the widespread occurrence of dangling DNS entries, identifying the cloud providers where they are most frequently found. Furthermore, we will delve into specific case studies, presenting particularly intriguing instances of dangling DNS entries to underscore their varied nature and potential implications.\n\nA pivotal segment of our presentation introduces innovative methodologies for the identification of dangling DNS vulnerabilities. We will showcase \"Paydirt,\" an open-source tool, written by the author, designed to unearth dangling DNS entries within cloud provider shared IP address space. Furthermore, we will unveil a tool at Defcon 2024, engineered to detect exploitable cloud IP addresses within Sender Policy Framework (SPF) entries, a critical vector for executing sophisticated spear-phishing campaigns.\n\nOur presentation aims not only to highlight the security challenges posed by the transient nature of cloud-assigned IP addresses but also to equip the cybersecurity community with simple actionable strategies to fortify their defenses against these threats.\n\n\n","media":[],"title":"Mining for Abandoned Gold in DNS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"In the cloud computing landscape, the ease of resource allocation by cloud providers contrasts sharply with traditional computing's constraints, turning IPv4 addresses into digital assets with multiple tenancies. Our presentation explores the \"Dangling DNS\" phenomenon—active DNS records pointing to IP addresses uncontrolled by the domain owner, creating potential security vulnerabilities.\n\nWe will unravel the persistence of IP address-based authentication and authorization practices on the internet and discuss methods to enhance the credibility of these dangling DNS entries, including the acquisition of x.509 certificates. The implications are significant, offering avenues for commandeering these entries for Command and Control (C2) operations or crafting phishing emails capable of circumventing standard email security frameworks.\n\nFollowing the foundational discussion, our presentation will delve into analysis of dangling DNS entries discovered in live environments. We will discuss the widespread occurrence of dangling DNS entries, identifying the cloud providers where they are most frequently found. Furthermore, we will delve into specific case studies, presenting particularly intriguing instances of dangling DNS entries to underscore their varied nature and potential implications.\n\nA pivotal segment of our presentation introduces innovative methodologies for the identification of dangling DNS vulnerabilities. We will showcase \"Paydirt,\" an open-source tool, written by the author, designed to unearth dangling DNS entries within cloud provider shared IP address space. Furthermore, we will unveil a tool at Defcon 2024, engineered to detect exploitable cloud IP addresses within Sender Policy Framework (SPF) entries, a critical vector for executing sophisticated spear-phishing campaigns.\n\nOur presentation aims not only to highlight the security challenges posed by the transient nature of cloud-assigned IP addresses but also to equip the cybersecurity community with simple actionable strategies to fortify their defenses against these threats.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55268],"conference_id":133,"event_ids":[55658],"name":"Matt Pawloski","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mpawl)","sort_order":0,"url":"https://twitter.com/mpawl"}],"media":[],"id":55815}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55658,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55815}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With widespread zero trust security adoption there has also been more focus put into corporate controls. As a red teamer what this means is that bypassing EDR is not enough, you also need to think about application allowlisting, DLP solutions, Managed browsers, MDM profiles and custom DnR tooling. In this talk I will walkthrough Mac capabilities that corporate controls leverage, their limitations and features to build into your payload and payload delivery to circumvent these restrictions.\n\n\n","media":[],"title":"Bypassing Corporate controls on Mac Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"With widespread zero trust security adoption there has also been more focus put into corporate controls. As a red teamer what this means is that bypassing EDR is not enough, you also need to think about application allowlisting, DLP solutions, Managed browsers, MDM profiles and custom DnR tooling. In this talk I will walkthrough Mac capabilities that corporate controls leverage, their limitations and features to build into your payload and payload delivery to circumvent these restrictions.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55267],"conference_id":133,"event_ids":[55657],"name":"Ian Foster","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55814},{"content_ids":[55267],"conference_id":133,"event_ids":[55657],"name":"Adwiteeya Agrawal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55816}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55657,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55816},{"tag_id":46167,"sort_order":4,"person_id":55814}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As more scrutiny is placed on the endpoint, threat actors are turning to DevOps and CI/CD platforms for initial access, escalation, and lateral movement. This workshop will showcase how these platforms can be used to pivot from on-prem to cloud, from cloud to on-prem, and how to push malicious code through pipelines to obtain additional access or establish persistence.\n\nAttendees will get hands-on and perform field-tested, OPSEC-conscious techniques against full CI/CD pipelines. Come add TTPs to your toolkit and see why DevOps is the target-rich environment modern adversaries are looking to exploit.\n\n\n","media":[],"title":"Abusing DevOps to Pivot Between Cloud and On-Prem","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"As more scrutiny is placed on the endpoint, threat actors are turning to DevOps and CI/CD platforms for initial access, escalation, and lateral movement. This workshop will showcase how these platforms can be used to pivot from on-prem to cloud, from cloud to on-prem, and how to push malicious code through pipelines to obtain additional access or establish persistence.\n\nAttendees will get hands-on and perform field-tested, OPSEC-conscious techniques against full CI/CD pipelines. Come add TTPs to your toolkit and see why DevOps is the target-rich environment modern adversaries are looking to exploit.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55266],"conference_id":133,"event_ids":[55656],"name":"Tom Porter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@porterhau5)","sort_order":0,"url":"https://twitter.com/porterhau5"}],"media":[],"id":55820},{"content_ids":[55266],"conference_id":133,"event_ids":[55656],"name":"Colbert Zhu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55821}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55656,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55821},{"tag_id":46167,"sort_order":4,"person_id":55820}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1721487832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T15:03:52Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55574,"tag_ids":[46372,46426,46439],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-20T15:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1721487832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T15:03:52Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55573,"tag_ids":[46372,46426,46439],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-20T15:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The game is afoot! The curious case of Alice and Bob will explore beyond the surface of technical know-how. Attendees will navigate the intricate labyrinth of digital investigation, learning not just 'where' to seek digital clues – perhaps hidden in the registry – but crucially, 'why' these details matter and 'how' they fit into the larger puzzle of our investigation. Join me on a narrative adventure illuminating the practical use of tools in a real-world scenario. For both seasoned and aspiring digital sleuths, this talk aims to sharpen investigative skills, setting or recalibrating your expectations of what digital forensics can realistically achieve.\n\n\n","media":[],"title":"The Curious Case of Alice and Bob: What You Can (And Cannot!) Do as Digital Investigators","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"The game is afoot! The curious case of Alice and Bob will explore beyond the surface of technical know-how. Attendees will navigate the intricate labyrinth of digital investigation, learning not just 'where' to seek digital clues – perhaps hidden in the registry – but crucially, 'why' these details matter and 'how' they fit into the larger puzzle of our investigation. Join me on a narrative adventure illuminating the practical use of tools in a real-world scenario. For both seasoned and aspiring digital sleuths, this talk aims to sharpen investigative skills, setting or recalibrating your expectations of what digital forensics can realistically achieve.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54652,55750],"conference_id":133,"event_ids":[56275,55025],"name":"Catherine J. Ullman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University at Buffalo","title":"Principle Technology Architect, Security"}],"links":[],"pronouns":null,"media":[],"id":54297,"title":"Principle Technology Architect, Security at University at Buffalo"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55025,"tag_ids":[46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54297}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the inner workings and vulnerabilities of mechanical combination safe locks! Safe manipulation is an underrated aspect of locksport and this talk will guide you through the ins and outs of how to do it.\n\n\n","media":[],"title":"Safecracking for Everyone","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Learn the inner workings and vulnerabilities of mechanical combination safe locks! Safe manipulation is an underrated aspect of locksport and this talk will guide you through the ins and outs of how to do it.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54556,55503],"conference_id":133,"event_ids":[55932,54931],"name":"Jared Dygert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54305}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":54931,"tag_ids":[46384,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54305}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Veilid Dev and Community Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:15:00Z","end_timestamp":{"seconds":1723234500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54448],"conference_id":133,"event_ids":[54821],"name":"The_Gibson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54129}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T20:15:00.000-0000","id":54821,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54129}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a successful heist. \r\n\r\nFortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. \r\n\r\nI chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point. \r\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation. \r\n\r\nIn this talk I’m going to show you how I bypassed Casino Canberra's AI systems - facial recognition, surveillance systems and gameplay monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.\r\n\r\n1. Standing Committee of the One Hundred Year Study of Artificial Intelligence. Gathering Strength,Gathering Storms: The One Hundred Year Study on Artificial Intelligence (AI100) 2021 Study Panel Report | One Hundred Year Study on Artificial Intelligence (AI100). Technical report, September 2021.\r\n2. Eva A. M. van Dis, Johan Bollen, Willem Zuidema, Robert van Rooij, and Claudi L. Bockting. ChatGPT: five priorities for research. Nature, 614(7947):224–226, February 2023. Bandiera abtest: a Cg type: Comment Number: 7947 Publisher: Nature Publishing Group Subject term: Com-puter science, Research management, Publishing, Machine learning.\r\n3. Mingfu Xue, Chengxiang Yuan, Heyi Wu, Yushu Zhang, and Weiqiang Liu. Machine Learn-ing Security: Threats, Countermeasures, and Evaluations. IEEE Access, 8:74720–74742, 2020.Conference Name: IEEE Access.\r\n4. NSCAI. The National Security Commission on Artificial Intelligence.\r\n5. Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani, Sudip Mittal, and Maanak Gupta. AI for Security and Security for AI. In Proceedings of the Eleventh ACM Confer-ence on Data and Application Security and Privacy, CODASPY ’21, pages 333–334, New York, NY, USA, April 2021. Association for Computing Machinery.\r\n5. Battista Biggio and Fabio Roli. Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognition, 84:317–331, December 2018.\r\n6. Ian Goodfellow, Jonathon Shlens, and Christian Szegedy. Explaining and Harnessing Adversarial Examples. In International Conference on Learning Representations, 2015.\r\n7. Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. Intriguing properties of neural networks, February 2014. arXiv:1312.6199 [cs].\r\n8. Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter. Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, pages 1528–1540, New York, NY, USA, October 2016. Association for Computing Machinery.\r\n9. Tom Brown, Dandelion Mane, Aurko Roy, Martin Abadi, and Justin Gilmer. Adversarial Patch. 2017.\r\n10. US Marines Defeat DARPA Robot by Hiding Under a Cardboard Box | Extremetech.\r\n11. Walter David, Paolo Pappalepore, Alexandra Stefanova, and Brindusa Andreea Sarbu. AI-Powered Lethal Autonomous Weapon Systems in Defence Transformation. Impact and Chal-lenges. In Jan Mazal, Adriano Fagiolini, and Petr Vasik, editors, Modelling and Simulation for Autonomous Systems, Lecture Notes in Computer Science, pages 337–350, Cham, 2020. Springer International Publishing.\r\n12. C Wise and J Plested. Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies, May 2022. arXiv:2202.08892 cs..\r\n13. Anish Athalye, Nicholas Carlini, and David Wagner. Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. In Proceedings of the 35th International Conference on Machine Learning, pages 274–283. PMLR, July 2018. ISSN: 2640-3498.\r\n14. Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno, and Dawn Song. Robust Physical-World Attacks on Deep Learning Visual Classification. In 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pages 1625–1634, Salt Lake City, UT, USA, June 2018. IEEE.\r\n15. Ram Shankar Siva Kumar, Magnus Nystr ̈om, John Lambert, Andrew Marshall, Mario Goertzel, Andi Comissoneru, Matt Swann, and Sharon Xia. Adversarial Machine Learning-Industry Perspectives. In 2020 IEEE Security and Privacy Workshops (SPW), pages 69–75, May 2020.\r\n\n\n\n","media":[],"title":"On Your Ocean's 11 Team, I'm the AI Guy (technically Girl)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a successful heist. \r\n\r\nFortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. \r\n\r\nI chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point. \r\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation. \r\n\r\nIn this talk I’m going to show you how I bypassed Casino Canberra's AI systems - facial recognition, surveillance systems and gameplay monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.\r\n\r\n1. Standing Committee of the One Hundred Year Study of Artificial Intelligence. Gathering Strength,Gathering Storms: The One Hundred Year Study on Artificial Intelligence (AI100) 2021 Study Panel Report | One Hundred Year Study on Artificial Intelligence (AI100). Technical report, September 2021.\r\n2. Eva A. M. van Dis, Johan Bollen, Willem Zuidema, Robert van Rooij, and Claudi L. Bockting. ChatGPT: five priorities for research. Nature, 614(7947):224–226, February 2023. Bandiera abtest: a Cg type: Comment Number: 7947 Publisher: Nature Publishing Group Subject term: Com-puter science, Research management, Publishing, Machine learning.\r\n3. Mingfu Xue, Chengxiang Yuan, Heyi Wu, Yushu Zhang, and Weiqiang Liu. Machine Learn-ing Security: Threats, Countermeasures, and Evaluations. IEEE Access, 8:74720–74742, 2020.Conference Name: IEEE Access.\r\n4. NSCAI. The National Security Commission on Artificial Intelligence.\r\n5. Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani, Sudip Mittal, and Maanak Gupta. AI for Security and Security for AI. In Proceedings of the Eleventh ACM Confer-ence on Data and Application Security and Privacy, CODASPY ’21, pages 333–334, New York, NY, USA, April 2021. Association for Computing Machinery.\r\n5. Battista Biggio and Fabio Roli. Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognition, 84:317–331, December 2018.\r\n6. Ian Goodfellow, Jonathon Shlens, and Christian Szegedy. Explaining and Harnessing Adversarial Examples. In International Conference on Learning Representations, 2015.\r\n7. Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. Intriguing properties of neural networks, February 2014. arXiv:1312.6199 [cs].\r\n8. Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter. Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, pages 1528–1540, New York, NY, USA, October 2016. Association for Computing Machinery.\r\n9. Tom Brown, Dandelion Mane, Aurko Roy, Martin Abadi, and Justin Gilmer. Adversarial Patch. 2017.\r\n10. US Marines Defeat DARPA Robot by Hiding Under a Cardboard Box | Extremetech.\r\n11. Walter David, Paolo Pappalepore, Alexandra Stefanova, and Brindusa Andreea Sarbu. AI-Powered Lethal Autonomous Weapon Systems in Defence Transformation. Impact and Chal-lenges. In Jan Mazal, Adriano Fagiolini, and Petr Vasik, editors, Modelling and Simulation for Autonomous Systems, Lecture Notes in Computer Science, pages 337–350, Cham, 2020. Springer International Publishing.\r\n12. C Wise and J Plested. Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies, May 2022. arXiv:2202.08892 cs..\r\n13. Anish Athalye, Nicholas Carlini, and David Wagner. Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. In Proceedings of the 35th International Conference on Machine Learning, pages 274–283. PMLR, July 2018. ISSN: 2640-3498.\r\n14. Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno, and Dawn Song. Robust Physical-World Attacks on Deep Learning Visual Classification. In 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pages 1625–1634, Salt Lake City, UT, USA, June 2018. IEEE.\r\n15. Ram Shankar Siva Kumar, Magnus Nystr ̈om, John Lambert, Andrew Marshall, Mario Goertzel, Andi Comissoneru, Matt Swann, and Sharon Xia. Adversarial Machine Learning-Industry Perspectives. In 2020 IEEE Security and Privacy Workshops (SPW), pages 69–75, May 2020.","updated_timestamp":{"seconds":1720382842,"nanoseconds":0},"speakers":[{"content_ids":[54612,54447,55880],"conference_id":133,"event_ids":[56465,54820,54986],"name":"Harriet Farlow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mileva Security Labs","title":"CEO"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/harriet-farlow-654963b7/"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@HarrietHacks"},{"description":"","title":"www.harriethacks.com/","sort_order":0,"url":"https://www.harriethacks.com/"},{"description":"","title":"www.mileva.com.au/about-us","sort_order":0,"url":"https://www.mileva.com.au/about-us"}],"media":[],"id":54195,"title":"CEO at Mileva Security Labs"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T20:07:22Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":54820,"tag_ids":[46166,46169,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54195}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T20:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This fireside chat will feature an in depth conversation between DNSA Neuberger and Dark Tangent on a variety of cybersecurity and emerging technology topics such as artificial intelligence and quantum computing. DNSA Neuberger has served in a variety of senior intelligence and cybersecurity roles within the National Security Agency, including Director of NSA’s cybersecurity organization and Deputy Director of NSA’s intelligence operations. She has also held multiple positions at the Department of Defense and the private sector, and now leads development of the Biden Administration’s policies on cybersecurity and emerging technologies from the White House. She and DT will delve into the latest and most pressing issues in these domains that concern the White House and how hackers can influence tech-related discussions to improve policy and operational outcomes.\n\n\n","media":[],"title":"Fireside Chat with DNSA Anne Neuberger","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"This fireside chat will feature an in depth conversation between DNSA Neuberger and Dark Tangent on a variety of cybersecurity and emerging technology topics such as artificial intelligence and quantum computing. DNSA Neuberger has served in a variety of senior intelligence and cybersecurity roles within the National Security Agency, including Director of NSA’s cybersecurity organization and Deputy Director of NSA’s intelligence operations. She has also held multiple positions at the Department of Defense and the private sector, and now leads development of the Biden Administration’s policies on cybersecurity and emerging technologies from the White House. She and DT will delve into the latest and most pressing issues in these domains that concern the White House and how hackers can influence tech-related discussions to improve policy and operational outcomes.","updated_timestamp":{"seconds":1720370589,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"},{"content_ids":[54446],"conference_id":133,"event_ids":[54819],"name":"Anne Neuberger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Deputy National Security Advisor for Cyber and Emerging Tech"}],"links":[],"pronouns":"she/her","media":[],"id":54073,"title":"Deputy National Security Advisor for Cyber and Emerging Tech"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T16:43:09Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":54819,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54073},{"tag_id":46167,"sort_order":4,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T16:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How well do *you* know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play \"Aw, man...pages!\". Across several rounds, your knowledge of man pages will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you provide the long-form flag when only given the short? Will you prove yourself worthy to be crowned the man page champion?\n\n\n","media":[],"title":"Aw, man…pages!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"How well do *you* know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play \"Aw, man...pages!\". Across several rounds, your knowledge of man pages will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you provide the long-form flag when only given the short? Will you prove yourself worthy to be crowned the man page champion?","updated_timestamp":{"seconds":1719553672,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T05:47:52Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249418"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249417"}],"end":"2024-08-09T20:00:00.000-0000","id":54609,"tag_ids":[46427,46439,46490],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-28T05:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Serberus is a serial Man-in-the-Middle hardware hacking tool designed to connect to embedded devices . It has 4 channels and has headers to interface with up to 3 UARTs simultaneously and also has the ability to connect to JTAG, SPI, I2C and SWD interfaces. During this talk I will introduce the Serberus and what makes it different than other, similar tools. It has a level shifter and switch to allow you to connect to logic voltages of 1.8, 2.5 and 3.3v or any arbitrary voltage between 1.65v and 5.5v, matching that of your target. The Serberus is unique in that it was designed to use open source tools like the Akheron proxy in order to MitM serial communications. I will demonstrate the Serberus connecting to a wifi router, to a JTAG, I2C or SPI target and I will also show the MitM capabilities on the serial connection between an aircraft transponder and its avionics system. The Serberus project is free and open source with all board layouts, gerbers and schematics published.\n\n\n","media":[],"title":"Serberus","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The Serberus is a serial Man-in-the-Middle hardware hacking tool designed to connect to embedded devices . It has 4 channels and has headers to interface with up to 3 UARTs simultaneously and also has the ability to connect to JTAG, SPI, I2C and SWD interfaces. During this talk I will introduce the Serberus and what makes it different than other, similar tools. It has a level shifter and switch to allow you to connect to logic voltages of 1.8, 2.5 and 3.3v or any arbitrary voltage between 1.65v and 5.5v, matching that of your target. The Serberus is unique in that it was designed to use open source tools like the Akheron proxy in order to MitM serial communications. I will demonstrate the Serberus connecting to a wifi router, to a JTAG, I2C or SPI target and I will also show the MitM capabilities on the serial connection between an aircraft transponder and its avionics system. The Serberus project is free and open source with all board layouts, gerbers and schematics published.","updated_timestamp":{"seconds":1718922462,"nanoseconds":0},"speakers":[{"content_ids":[54180],"conference_id":133,"event_ids":[54549],"name":"Patrick Kiley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Principal Consultant"}],"links":[],"pronouns":null,"media":[],"id":53766,"title":"Principal Consultant at Mandiant"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:27:42Z","links":[{"label":"Project","type":"link","url":"https://github.com/pk-mdt/Serberus"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249614"}],"end":"2024-08-09T20:45:00.000-0000","id":54549,"tag_ids":[46169,46441,46449],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53766}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Paraweb empowers people to publish and surf invisibly on a World Wide Web without the telltale traffic patterns that can betray our use of Tor and VPNs to network monitors. Paraweb is a wide-area hypermedia information retrieval initiative that combines steganography and open Web 1.0-inspired protocols to hijack and embed itself as a parasitic communications network inside existing social network websites like Tumblr, Instagram, and Reddit. Paraweb publishers can steganographically encode HTML-based, para-hyperlinked sites within innocuous media, then post those media on social network sites indistinguishably from benign content creators. Paraweb surfers can traverse these media as benign social network users, decoding the contents of para-sites as they appear normally in their searches, traversals, and feeds. Paraweb traffic is designed to blend indistinguishably with normal Web 2.0 and social network traffic, enabling Paraweb netizens to “hide in plain sight.” Paraweb’s loose and open-source combination of steganography and web-based protocols extends the hard-shell defenses of the encrypted web to the realms of deniability and stealth.\n\n\n","media":[],"title":"The World Wide Paraweb","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Paraweb empowers people to publish and surf invisibly on a World Wide Web without the telltale traffic patterns that can betray our use of Tor and VPNs to network monitors. Paraweb is a wide-area hypermedia information retrieval initiative that combines steganography and open Web 1.0-inspired protocols to hijack and embed itself as a parasitic communications network inside existing social network websites like Tumblr, Instagram, and Reddit. Paraweb publishers can steganographically encode HTML-based, para-hyperlinked sites within innocuous media, then post those media on social network sites indistinguishably from benign content creators. Paraweb surfers can traverse these media as benign social network users, decoding the contents of para-sites as they appear normally in their searches, traversals, and feeds. Paraweb traffic is designed to blend indistinguishably with normal Web 2.0 and social network traffic, enabling Paraweb netizens to “hide in plain sight.” Paraweb’s loose and open-source combination of steganography and web-based protocols extends the hard-shell defenses of the encrypted web to the realms of deniability and stealth.","updated_timestamp":{"seconds":1718922411,"nanoseconds":0},"speakers":[{"content_ids":[54177],"conference_id":133,"event_ids":[54546],"name":"Nathan Sidles","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53763}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:26:51Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249613"},{"label":"Project","type":"link","url":"https://www.paraweb.io/"}],"end":"2024-08-09T20:45:00.000-0000","id":54546,"tag_ids":[46169,46441],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53763}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Skynet is an AI project (just kidding.) It is meant to be a sort of unified theory of detection, enabling us to plot any detection artifact types on screen around an entity and decision them faster and more accurately. While plotting alert sets, attack trees, and kill chains has been done, for the presentation of alert sets and cases, we are planning to use graphing as the primary presentation, triage and decisioning mechanism, at scale, using a novel combination of heuristics and machine learning. It is an alert manager made by users, for users.\n\n\n","media":[],"title":"Skynet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Skynet is an AI project (just kidding.) It is meant to be a sort of unified theory of detection, enabling us to plot any detection artifact types on screen around an entity and decision them faster and more accurately. While plotting alert sets, attack trees, and kill chains has been done, for the presentation of alert sets and cases, we are planning to use graphing as the primary presentation, triage and decisioning mechanism, at scale, using a novel combination of heuristics and machine learning. It is an alert manager made by users, for users.","updated_timestamp":{"seconds":1718922358,"nanoseconds":0},"speakers":[{"content_ids":[54174],"conference_id":133,"event_ids":[54543],"name":"Craig Chamberlain","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53731},{"content_ids":[54174],"conference_id":133,"event_ids":[54543],"name":"Rewanth Tammana","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53770}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:58Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249612"}],"end":"2024-08-09T20:45:00.000-0000","id":54543,"tag_ids":[46169,46441,46445],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53731},{"tag_id":46167,"sort_order":4,"person_id":53770}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Tengu Marauder, derived from a previous security drone project, is a portable wheeled robot equipped with an ESP32 Marauder, currently in its testing phase. Designed for simplicity and efficiency, the Tengu Marauder serves as an alternative and interactive tool for WiFi network security testing. Its capabilities include WiFi scanning, deauthentication attacks, packet sniffing, and other wireless security tests. The compact design ensures ease of construction and maintenance using readily available parts and straightforward code integration. Essentially an advanced RC robot, the Tengu Marauder operates headless via XBee, providing a fun and engaging platform for testing the security of network-controlled devices over WiFi, such as IoT smart home devices and smaller WiFi-controlled drones like the Ryze Tello. This project would not have been possible without the development help, test runs, and support from the Philadelphia RAICES organization, the Philadelphia DEFCON group, and DeciSym.AI.\n\n\n","media":[],"title":"Tengu Marauder","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The Tengu Marauder, derived from a previous security drone project, is a portable wheeled robot equipped with an ESP32 Marauder, currently in its testing phase. Designed for simplicity and efficiency, the Tengu Marauder serves as an alternative and interactive tool for WiFi network security testing. Its capabilities include WiFi scanning, deauthentication attacks, packet sniffing, and other wireless security tests. The compact design ensures ease of construction and maintenance using readily available parts and straightforward code integration. Essentially an advanced RC robot, the Tengu Marauder operates headless via XBee, providing a fun and engaging platform for testing the security of network-controlled devices over WiFi, such as IoT smart home devices and smaller WiFi-controlled drones like the Ryze Tello. This project would not have been possible without the development help, test runs, and support from the Philadelphia RAICES organization, the Philadelphia DEFCON group, and DeciSym.AI.","updated_timestamp":{"seconds":1718922301,"nanoseconds":0},"speakers":[{"content_ids":[54171],"conference_id":133,"event_ids":[54540],"name":"Leonardo Serrano","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53750},{"content_ids":[54171],"conference_id":133,"event_ids":[54540],"name":"Lexie Thach","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53752}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:01Z","links":[{"label":"Project","type":"link","url":"https://github.com/Lexicon121/Tengu-Marauder "},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249611"}],"end":"2024-08-09T20:45:00.000-0000","id":54540,"tag_ids":[46169,46441,46447,46449,46457,46458,46459],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53750},{"tag_id":46167,"sort_order":4,"person_id":53752}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BypassIT is a framework for covert delivery of malware, using AutoIT, AutoHotKey, and other Live off the Land (LotL) tools to deliver payloads and avoid detection. These techniques were derived from reversing attacks observed in the wild by DarkGate and other MaaS actors, revealing universal principles and methods useful for red teaming or internal testing. The framework will consist of a series of tools, techniques, and methods along with testing and reporting on effectiveness, as it relates to evading multiple specific antivirus products.\n\n\n","media":[],"title":"BypassIT - Using AutoIT & Similar Tools for Covert Payload Delivery","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"BypassIT is a framework for covert delivery of malware, using AutoIT, AutoHotKey, and other Live off the Land (LotL) tools to deliver payloads and avoid detection. These techniques were derived from reversing attacks observed in the wild by DarkGate and other MaaS actors, revealing universal principles and methods useful for red teaming or internal testing. The framework will consist of a series of tools, techniques, and methods along with testing and reporting on effectiveness, as it relates to evading multiple specific antivirus products.","updated_timestamp":{"seconds":1718922236,"nanoseconds":0},"speakers":[{"content_ids":[54168],"conference_id":133,"event_ids":[54537],"name":"Ezra Woods","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arizona","title":"Information Security Analyst, Department of Economic Security"}],"links":[],"pronouns":null,"media":[],"id":53736,"title":"Information Security Analyst, Department of Economic Security at Arizona"},{"content_ids":[54168],"conference_id":133,"event_ids":[54537],"name":"Mike Manrod","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Grand Canyon Education","title":"Chief Information Security Officer"}],"links":[],"pronouns":null,"media":[],"id":53761,"title":"Chief Information Security Officer at Grand Canyon Education"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:23:56Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249610"}],"end":"2024-08-09T20:45:00.000-0000","id":54537,"tag_ids":[46169,46441,46445,46450,46453],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53736},{"tag_id":46167,"sort_order":4,"person_id":53761}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Penetration testing tools often face limitations such as IP blocking, insufficient computing power, and time constraints. However, by executing these tests across a distributed network of hundreds of devices, these challenges can be overcome. Organizing such a large-scale attack efficiently is complex, as the number of nodes increases, so does the difficulty in orchestration and management. distribRuted provides the necessary infrastructure and orchestration for distributed attacks. This framework allows developers to easily create and execute specific distributed attacks using standard application modules. Users can develop their attack modules or utilize pre-existing ones from the community. With distribRuted, automating, managing, and tracking a distributed attack across hundreds of nodes becomes straightforward, thereby enhancing efficiency, reducing time and costs, and eliminating Single Point of Failure (SPoF) in penetration testing.\n\n\n","media":[],"title":"distribRuted - Distributed Attack Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Penetration testing tools often face limitations such as IP blocking, insufficient computing power, and time constraints. However, by executing these tests across a distributed network of hundreds of devices, these challenges can be overcome. Organizing such a large-scale attack efficiently is complex, as the number of nodes increases, so does the difficulty in orchestration and management. distribRuted provides the necessary infrastructure and orchestration for distributed attacks. This framework allows developers to easily create and execute specific distributed attacks using standard application modules. Users can develop their attack modules or utilize pre-existing ones from the community. With distribRuted, automating, managing, and tracking a distributed attack across hundreds of nodes becomes straightforward, thereby enhancing efficiency, reducing time and costs, and eliminating Single Point of Failure (SPoF) in penetration testing.","updated_timestamp":{"seconds":1718922174,"nanoseconds":0},"speakers":[{"content_ids":[54165],"conference_id":133,"event_ids":[54534],"name":"Ismail Melih Tas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"VP in Application Security"},{"organization":"VulnHero","title":"Founder and CEO"},{"organization":"Siber Ninja","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":53740,"title":"Founder and CEO at Siber Ninja"},{"content_ids":[54165],"conference_id":133,"event_ids":[54534],"name":"Numan Ozdemir","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cybersecurity Researcher and Computer Programmer"}],"links":[],"pronouns":null,"media":[],"id":53764,"title":"Cybersecurity Researcher and Computer Programmer"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:22:54Z","links":[{"label":"Project","type":"link","url":"https://distribruted.com"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249609"}],"end":"2024-08-09T20:45:00.000-0000","id":54534,"tag_ids":[46169,46441,46446,46453,46460],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53740},{"tag_id":46167,"sort_order":4,"person_id":53764}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cult of the Dead Cow and Hackers.Town are bringing you a meet and greet and chat session about Veilid Framework. Come by, say hi, talk shop, let’s see each other in person and have a little fun! Veilid Foundation directors and many of the primary contributors will be there to share progress over the last year. Come by and help us to restore the future and ensure the privacy of the internet for generations to come!\n\n\n","media":[{"hash_sha256":"1cce0efcba77ccb9db77b14e465b4e60bcba5661f640606e368116cf449d54b3","filetype":"image/png","hash_md5":"70a665f9777940174c0ff2c42e9f0870","name":"pme_veilid.png","is_logo":"Y","hash_crc32c":"d8ef9fd5","filesize":30996,"asset_id":687,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_veilid.png"}],"title":"Veilid Dev and Community Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Cult of the Dead Cow and Hackers.Town are bringing you a meet and greet and chat session about Veilid Framework. Come by, say hi, talk shop, let’s see each other in person and have a little fun! Veilid Foundation directors and many of the primary contributors will be there to share progress over the last year. Come by and help us to restore the future and ensure the privacy of the internet for generations to come!","updated_timestamp":{"seconds":1718812658,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:57:38Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249521"},{"label":"More Info","type":"link","url":"https://veilid.com/"}],"end":"2024-08-09T20:30:00.000-0000","id":54507,"tag_ids":[46364,46882],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-19T15:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-09T20:00:00.000-0000","id":54485,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In 2021, Georgia’s voting system suffered the most severe security\nbreach known in US history when partisan operatives entered the\nelection offices in Coffee County, a small county in south Georgia,\nand took forensic images of all components of the voting system.\nAnd because Georgia uses one voting system statewide, the\nsoftware stolen from Coffee is the same in use across the state.\nRemarkably, even though the crimes were caught on surveillance\ncamera, the security breach did not come to light until 15 months\nlater, when the plaintiffs in the civil litigation, Curling v.\nRaffensperger uncovered not just the surveillance camera footage,\nbut emails, documents and contracts that showed this was an\nextensive and coordinated plot to unlawfully take voting software\nfrom Georgia and other states too.\nDespite the extensive evidentiary record the plaintiffs have\ndeveloped, neither the local DA or the state Attorney General\nsought to charge these crimes. However, Fulton County District\nAttorney Fani Willis included computer trespass, computer identity\ntheft and computer theft alleged in Coffee County as predicate\ncrimes in her RICO indictment, charging four individuals specifically\nwith that element of the conspiracy. Two of those charged, Sidney\nPowell and Scott Hall, have pleaded guilty.\nThis panel will explain how these events took place, and how they\nwere uncovered, not by the Secretary of State, other election\nofficials or federal or Georgia law enforcement; but by a small\nnon-profit and its fellow plaintiffs and attorneys in civil litigation. The\npresentation will also discuss how these events are connected to\nother voting system software breaches in other states, and what\nthis could mean for the 2024 elections and beyond.\n\n\n","media":[],"title":"How to Steal Voting Software and Get Away With It","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"In 2021, Georgia’s voting system suffered the most severe security\nbreach known in US history when partisan operatives entered the\nelection offices in Coffee County, a small county in south Georgia,\nand took forensic images of all components of the voting system.\nAnd because Georgia uses one voting system statewide, the\nsoftware stolen from Coffee is the same in use across the state.\nRemarkably, even though the crimes were caught on surveillance\ncamera, the security breach did not come to light until 15 months\nlater, when the plaintiffs in the civil litigation, Curling v.\nRaffensperger uncovered not just the surveillance camera footage,\nbut emails, documents and contracts that showed this was an\nextensive and coordinated plot to unlawfully take voting software\nfrom Georgia and other states too.\nDespite the extensive evidentiary record the plaintiffs have\ndeveloped, neither the local DA or the state Attorney General\nsought to charge these crimes. However, Fulton County District\nAttorney Fani Willis included computer trespass, computer identity\ntheft and computer theft alleged in Coffee County as predicate\ncrimes in her RICO indictment, charging four individuals specifically\nwith that element of the conspiracy. Two of those charged, Sidney\nPowell and Scott Hall, have pleaded guilty.\nThis panel will explain how these events took place, and how they\nwere uncovered, not by the Secretary of State, other election\nofficials or federal or Georgia law enforcement; but by a small\nnon-profit and its fellow plaintiffs and attorneys in civil litigation. The\npresentation will also discuss how these events are connected to\nother voting system software breaches in other states, and what\nthis could mean for the 2024 elections and beyond.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56184],"conference_id":133,"event_ids":[56838],"name":"Anna Bower","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@annabower)","sort_order":0,"url":"https://twitter.com/annabower"},{"description":"","title":"Website","sort_order":0,"url":"https://www.lawfaremedia.org/contributors/abower"}],"media":[],"id":56562},{"content_ids":[56184],"conference_id":133,"event_ids":[56838],"name":"Marilyn Marks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@MarilynRMarks1)","sort_order":0,"url":"https://twitter.com/MarilynRMarks1"},{"description":"","title":"Website","sort_order":0,"url":"https://www.netrootsnation.org/profile/marilyn-marks/"}],"media":[],"id":56575},{"content_ids":[56184],"conference_id":133,"event_ids":[56838],"name":"Rich DeMillo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/richard-demillo"},{"description":"","title":"Twitter (@richde)","sort_order":0,"url":"https://twitter.com/richde"},{"description":"","title":"Website","sort_order":0,"url":"https://www.cc.gatech.edu/people/richard-demillo"}],"media":[],"id":56582},{"content_ids":[56183,56184],"conference_id":133,"event_ids":[56837,56838],"name":"Susan Greenhalgh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/susan-greenhalgh-7078a9111"},{"description":"","title":"Twitter (@segreenhalgh)","sort_order":0,"url":"https://twitter.com/segreenhalgh"},{"description":"","title":"Website","sort_order":0,"url":"https://freespeechforpeople.org/susan-greenhalgh/"}],"media":[],"id":56584}],"begin_tsz":"2024-08-09T18:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":56838,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723229100,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56584},{"tag_id":46487,"sort_order":4,"person_id":56562},{"tag_id":46487,"sort_order":6,"person_id":56582},{"tag_id":46487,"sort_order":8,"person_id":56575}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T18:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you curious about accessing and collecting triage data from Android devices? I was. This workshop is designed for the defender that doesn't know much about Android or how to access it to collect forensic triage data, but would like to understand the subject better. This workshop gives a solid foundation for accessing Android devices and collecting data from them. It will cover:\r\n\r\n* Installing and using an Android emulator\r\n* How does an Android emulator differ from an actual Android device\r\n* Using the Android Debug Bridge (ADB) to send commands to Android\r\n* Collecting triage data using ADB or natively on the Android device\r\n* Side loading and running a Linux executable on an Android device\r\n* Remote access to the Android native AChoirX collector over TCP\r\n* Collecting triage data both locally and remotely\r\n* Transferring the collected data using ADB, SFTP, and S3\r\n* Things to look out for. Android is very different from Windows, MacOS, and Linux\r\n* Limitations and caveats\r\n\r\nThis workshop requires Windows 10 or 11. We will install and play with Android Studio, install and play with ADB, and run AChoirX collections both remotely and locally. It is highly recommended that the student come to the workshop with Android Studio, ADB, and AChoirX already installed on their machine. We will make a small amount of time to install the software, but will not be able to troubleshoot any installation issues.\n\n\nAfter discovering that the Android Operating System commands nearly 44% of the total Operating Systems market (Windows is about 27%). I set about to see if the AChoirX triage collection program could run on it. Since Android is a Linux variant, and AChoirX already ran on Windows, MacOS, and Linux, it seemed very likely that I could make it work.\r\n\r\nIn a short time I went from knowing nearly nothing about Android to creating both a remote and local triage collector for Android. This workshop will walk the student through how I created both remote and local triage collection systems for Android. It does not cover analysis of the artifacts, but will cover how to collect data from an Android device (and the limitations) using Free and Open Source tools.","media":[],"title":"Adventures in Android Triage Collection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Are you curious about accessing and collecting triage data from Android devices? I was. This workshop is designed for the defender that doesn't know much about Android or how to access it to collect forensic triage data, but would like to understand the subject better. This workshop gives a solid foundation for accessing Android devices and collecting data from them. It will cover:\r\n\r\n* Installing and using an Android emulator\r\n* How does an Android emulator differ from an actual Android device\r\n* Using the Android Debug Bridge (ADB) to send commands to Android\r\n* Collecting triage data using ADB or natively on the Android device\r\n* Side loading and running a Linux executable on an Android device\r\n* Remote access to the Android native AChoirX collector over TCP\r\n* Collecting triage data both locally and remotely\r\n* Transferring the collected data using ADB, SFTP, and S3\r\n* Things to look out for. Android is very different from Windows, MacOS, and Linux\r\n* Limitations and caveats\r\n\r\nThis workshop requires Windows 10 or 11. We will install and play with Android Studio, install and play with ADB, and run AChoirX collections both remotely and locally. It is highly recommended that the student come to the workshop with Android Studio, ADB, and AChoirX already installed on their machine. We will make a small amount of time to install the software, but will not be able to troubleshoot any installation issues.\n\n\nAfter discovering that the Android Operating System commands nearly 44% of the total Operating Systems market (Windows is about 27%). I set about to see if the AChoirX triage collection program could run on it. Since Android is a Linux variant, and AChoirX already ran on Windows, MacOS, and Linux, it seemed very likely that I could make it work.\r\n\r\nIn a short time I went from knowing nearly nothing about Android to creating both a remote and local triage collector for Android. This workshop will walk the student through how I created both remote and local triage collection systems for Android. It does not cover analysis of the artifacts, but will cover how to collect data from an Android device (and the limitations) using Free and Open Source tools.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55755],"conference_id":133,"event_ids":[56280],"name":"Omenscan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56136}],"begin_tsz":"2024-08-09T18:45:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":56280,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723229100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56136}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-09T18:45:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Explore the intricacies of time-based SQL injection through the lens of Operation GhostShell. This session delves into the methods used by attackers to exploit time delays for data extraction, highlighting real-world examples and the impact of these breaches on major universities. Attendees will gain a deep understanding of the technical aspects, see live demonstrations, and learn practical defense strategies to safeguard against such vulnerabilities. Perfect for security professionals seeking to enhance their knowledge of advanced SQLi techniques and mitigation.\n\n\n","media":[],"title":"Ticking SQLi","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"Explore the intricacies of time-based SQL injection through the lens of Operation GhostShell. This session delves into the methods used by attackers to exploit time delays for data extraction, highlighting real-world examples and the impact of these breaches on major universities. Attendees will gain a deep understanding of the technical aspects, see live demonstrations, and learn practical defense strategies to safeguard against such vulnerabilities. Perfect for security professionals seeking to enhance their knowledge of advanced SQLi techniques and mitigation.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55733],"conference_id":133,"event_ids":[56260],"name":"Iggy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56120}],"begin_tsz":"2024-08-09T18:45:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":56260,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723229100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56120}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T18:45:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Book Signing Schedule\r\n\r\nFriday, August 9\r\n11:30 a.m. Tim Arnold, Black Hat Python, 2nd Edition\r\n12:00 p.m. Jack Rhysider from Darknet Diaries\r\n12:30 p.m. James Forshaw, Windows Security Internals \r\n1:30 p.m. Nick Aleks, Black Hat Bash [DEF CON edition] and Black Hat GraphQL\r\n2:30 p.m. Jim O'Gorman and Daniel Graham, Metasploit, 2nd Edition [DEF CON edition]\r\n3:30 p.m. Corey Ball, Hacking APIs\r\n4:30 p.m. Elonka Dunin and Klaus Schmeh, Codebreaking\r\n \r\nSaturday, August 10\r\n10:30 a.m. Travis Goodspeed, Microcontroller Exploitsand PoC||GTFO, Volumes 1, 2, and 3\r\n12:30 p.m. Micah Lee, Hacks, Leaks, and Revelations\r\n1:30 p.m. Jon DiMaggio, The Art of Cyberwarfare \r\n2:30 p.m. Matt Burrough and Jos Weyers, Locksport\r\n3:30 p.m. Chris Eagle and Kara Nance, The Ghidra Book\r\n4:30 p.m. Alex Matrosov, Rootkits and Bootkits\r\n \r\nSunday, August 11\r\n11:30 a.m. Beau Woods, Fotios Chantzis, and Paulino Calderon, Practical IoT Hacking\n\n\n","media":[],"title":"Book Signings","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"Book Signing Schedule\r\n\r\nFriday, August 9\r\n11:30 a.m. Tim Arnold, Black Hat Python, 2nd Edition\r\n12:00 p.m. Jack Rhysider from Darknet Diaries\r\n12:30 p.m. James Forshaw, Windows Security Internals \r\n1:30 p.m. Nick Aleks, Black Hat Bash [DEF CON edition] and Black Hat GraphQL\r\n2:30 p.m. Jim O'Gorman and Daniel Graham, Metasploit, 2nd Edition [DEF CON edition]\r\n3:30 p.m. Corey Ball, Hacking APIs\r\n4:30 p.m. Elonka Dunin and Klaus Schmeh, Codebreaking\r\n \r\nSaturday, August 10\r\n10:30 a.m. Travis Goodspeed, Microcontroller Exploitsand PoC||GTFO, Volumes 1, 2, and 3\r\n12:30 p.m. Micah Lee, Hacks, Leaks, and Revelations\r\n1:30 p.m. Jon DiMaggio, The Art of Cyberwarfare \r\n2:30 p.m. Matt Burrough and Jos Weyers, Locksport\r\n3:30 p.m. Chris Eagle and Kara Nance, The Ghidra Book\r\n4:30 p.m. Alex Matrosov, Rootkits and Bootkits\r\n \r\nSunday, August 11\r\n11:30 a.m. Beau Woods, Fotios Chantzis, and Paulino Calderon, Practical IoT Hacking","updated_timestamp":{"seconds":1723237021,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T20:57:01Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56871,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-04 (Vendors East)","hotel":"","short_name":"HW4-04-04 (Vendors East)","id":46382},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-09T20:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be a lightning talk covering three short aviation cybersecurity topics. 1) What is the attack surface of an airport 2) How plane hacking is represented in the movies 3) What it takes to resolve a 3 year disclosure process for an EFB.\n\n\n","media":[],"title":"Aviation cybersecurity lightning talk: Three topics in thirty minutes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"This is going to be a lightning talk covering three short aviation cybersecurity topics. 1) What is the attack surface of an airport 2) How plane hacking is represented in the movies 3) What it takes to resolve a 3 year disclosure process for an EFB.","updated_timestamp":{"seconds":1723168589,"nanoseconds":0},"speakers":[{"content_ids":[54606,55837,56177],"conference_id":133,"event_ids":[56387,56831,54980],"name":"Ken Munro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Partner and Founder"}],"links":[],"pronouns":null,"media":[],"id":54347,"title":"Partner and Founder at Pen Test Partners"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:56:29Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":56831,"tag_ids":[46366,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54347}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-09T01:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how DARPA's Signature Management using Operational Knowledge and Environments (SMOKE) program aims to develop data-driven tools to automate the planning and execution of emulated threat actor infrastructure needed for red team operations.\n\n\n","media":[],"title":"SMOKE: Signature Management using Operational Knowledge and Environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:50:00Z","end_timestamp":{"seconds":1723229400,"nanoseconds":0},"android_description":"Learn how DARPA's Signature Management using Operational Knowledge and Environments (SMOKE) program aims to develop data-driven tools to automate the planning and execution of emulated threat actor infrastructure needed for red team operations.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56127],"conference_id":133,"event_ids":[56770],"name":"Tejas Patel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Program Manager"}],"pronouns":"he/him","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/mr-tejas-patel"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thpatel"},{"description":"","title":"Mastodon (@thpatel@mastodon.social)","sort_order":0,"url":"@thpatel@mastodon.social"},{"description":"","title":"Twitter (@thpatelusa)","sort_order":0,"url":"https://twitter.com/thpatelusa"}],"media":[],"id":56524,"title":"Program Manager at Defense Advanced Research Projects Agency (DARPA)"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-09T18:50:00.000-0000","id":56770,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56524}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On December 12th, millions of Ukrainians trying to connect on Kyivstar's mobile and internet services were met with silence. The outage, it turned out, was no accident, but a carefully planned attack that had been brewing for months. One day later, a message saying “We take full responsibility for the cyber attack on Kyivstar” appeared on social media accounts belonging to a group calling itself ‘Solntsepek’. \n\n“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine” the message continued. The Ukrainian users found themselves an audience of another hacking stunt in the ongoing war that started with the Russian invasion of Ukraine. Almost one month later, the pro-Ukraine hacker group “BlackJack” claimed to have breached the Russian internet provider M9com as revenge for the Kyivstar attack. \n\nThese attacks demonstrate a rising trend where groups, ostensibly state-sponsored yet posing as hacktivists, execute cyber and influence operations. This approach provides plausible deniability and an appearance of legitimacy, avoiding the direct implications of government involvement. These actors, often using various group names, leverage grassroots facades for anonymity and to minimize international backlash.\n\nBut what if the inflation in the trend is its weakest point? This is where yet another trendy topic comes in handy— Machine Learning (And yes, AI as well). We analyzed thousands of public messages from Hacktivist groups in Europe and the Middle East and combined classic Cyber threat-intelligence practices with modern ML models to learn about their motives over time and more importantly — tie some of these groups together and improve the way we do attribution when it comes to Hacktivism.\n\n\n","media":[],"title":"Hospitals, Airports, and Telcos — Modern Approach to Attributing Hacktivism Attacks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:05:00Z","end_timestamp":{"seconds":1723230300,"nanoseconds":0},"android_description":"On December 12th, millions of Ukrainians trying to connect on Kyivstar's mobile and internet services were met with silence. The outage, it turned out, was no accident, but a carefully planned attack that had been brewing for months. One day later, a message saying “We take full responsibility for the cyber attack on Kyivstar” appeared on social media accounts belonging to a group calling itself ‘Solntsepek’. \n\n“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine” the message continued. The Ukrainian users found themselves an audience of another hacking stunt in the ongoing war that started with the Russian invasion of Ukraine. Almost one month later, the pro-Ukraine hacker group “BlackJack” claimed to have breached the Russian internet provider M9com as revenge for the Kyivstar attack. \n\nThese attacks demonstrate a rising trend where groups, ostensibly state-sponsored yet posing as hacktivists, execute cyber and influence operations. This approach provides plausible deniability and an appearance of legitimacy, avoiding the direct implications of government involvement. These actors, often using various group names, leverage grassroots facades for anonymity and to minimize international backlash.\n\nBut what if the inflation in the trend is its weakest point? This is where yet another trendy topic comes in handy— Machine Learning (And yes, AI as well). We analyzed thousands of public messages from Hacktivist groups in Europe and the Middle East and combined classic Cyber threat-intelligence practices with modern ML models to learn about their motives over time and more importantly — tie some of these groups together and improve the way we do attribution when it comes to Hacktivism.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55896],"conference_id":133,"event_ids":[56483],"name":"Itay Cohen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56264}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T19:05:00.000-0000","id":56483,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56264}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Broken Object Level Authorization (BOLA) is a prevalent vulnerability in modern APIs and web applications, ranked as the top risk in the OWASP API top 10 and the fourth most reported vulnerability type in HackerOne Global Top 10. The consequences of BOLA can be severe, from sensitive data exposure to a total loss of system control.\n\nWhile manually verifying or triggering known BOLAs is typically straightforward, automatically identifying the correct execution sequences and generating viable input values for testing BOLAs is challenging. The complexities of application and business logic, the wide range of input parameters, and the stateful nature of modern web applications all hinder existing static analysis tools from detecting unknown BOLAs.\n\nTo overcome these challenges, we leverage LLM’s reasoning and generative capabilities to automate tasks that were previously done manually. These tasks include understanding application logic, uncovering endpoint dependency relationships, generating test cases, and interpreting test results. When combined with heuristics, this AI-backed method enables fully automated BOLA detection at scale. We dub this research BOLABuster.\n\nAlthough BOLABuster is still in its early stages, it has already discovered multiple new vulnerabilities in open-source projects. In one instance, we submitted 15 CVEs for one project, some leading to critical privilege escalation. Our most recent disclosed vulnerability was CVE-2024-1313, a BOLA vulnerability in Grafana, an open-source project used by over 20 million users.\n\nWhen benchmarked against other state-of-the-art fuzzing tools using applications with known BOLAs, BOLABuster, on average, sends less than 1% of the API requests to a target server to uncover a BOLA.\n\nIn this talk, we will share our methodology and the lessons learned from our research. We invite you to join us to learn about our journey with AI and explore a new approach to conducting vulnerability research.\n\n\n","media":[],"title":"BOLABuster: Harnessing LLMs for Automating BOLA Detection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"Broken Object Level Authorization (BOLA) is a prevalent vulnerability in modern APIs and web applications, ranked as the top risk in the OWASP API top 10 and the fourth most reported vulnerability type in HackerOne Global Top 10. The consequences of BOLA can be severe, from sensitive data exposure to a total loss of system control.\n\nWhile manually verifying or triggering known BOLAs is typically straightforward, automatically identifying the correct execution sequences and generating viable input values for testing BOLAs is challenging. The complexities of application and business logic, the wide range of input parameters, and the stateful nature of modern web applications all hinder existing static analysis tools from detecting unknown BOLAs.\n\nTo overcome these challenges, we leverage LLM’s reasoning and generative capabilities to automate tasks that were previously done manually. These tasks include understanding application logic, uncovering endpoint dependency relationships, generating test cases, and interpreting test results. When combined with heuristics, this AI-backed method enables fully automated BOLA detection at scale. We dub this research BOLABuster.\n\nAlthough BOLABuster is still in its early stages, it has already discovered multiple new vulnerabilities in open-source projects. In one instance, we submitted 15 CVEs for one project, some leading to critical privilege escalation. Our most recent disclosed vulnerability was CVE-2024-1313, a BOLA vulnerability in Grafana, an open-source project used by over 20 million users.\n\nWhen benchmarked against other state-of-the-art fuzzing tools using applications with known BOLAs, BOLABuster, on average, sends less than 1% of the API requests to a target server to uncover a BOLA.\n\nIn this talk, we will share our methodology and the lessons learned from our research. We invite you to join us to learn about our journey with AI and explore a new approach to conducting vulnerability research.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Ravid Mazon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56081},{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Jay Chen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56125}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":56462,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56081},{"tag_id":46167,"sort_order":4,"person_id":56125}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"User Behaviour Analytics are powerful predictors of both genuine and anomalous behaviour in payments. This talk will work through a few examples of payment fraud scenarios and is aimed at demonstrating the thought processes of computing effective indicators of fraud. This talk should be of interest to people interested in payments but also analysts using UEBA systems in cybersecurity.\n\n\n","media":[],"title":"User Behaviour Analytics in Payments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:40:00Z","end_timestamp":{"seconds":1723232400,"nanoseconds":0},"android_description":"User Behaviour Analytics are powerful predictors of both genuine and anomalous behaviour in payments. This talk will work through a few examples of payment fraud scenarios and is aimed at demonstrating the thought processes of computing effective indicators of fraud. This talk should be of interest to people interested in payments but also analysts using UEBA systems in cybersecurity.","updated_timestamp":{"seconds":1722356433,"nanoseconds":0},"speakers":[{"content_ids":[55573],"conference_id":133,"event_ids":[56088],"name":"Karthik Tadinada","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fortify Solutions","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":56038,"title":"Founder at Fortify Solutions"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:20:33Z","links":[],"end":"2024-08-09T19:40:00.000-0000","id":56088,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56038}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-30T16:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud environments and can significantly aid an attacker or pentester.\n\nOur discussion will focus on identifying privilege escalation paths, understanding how cloud administrators can misconfigure policies, and the methods attackers can use to exploit these vulnerabilities. Through carefully designed scenarios and real-world examples, attendees will learn to recognize signs of privilege escalation, thereby enhancing their security posture.\n\n\n","media":[],"title":"The Oracle Awakens: Demystifying Privilege Escalation in the cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:10:00Z","end_timestamp":{"seconds":1723230600,"nanoseconds":0},"android_description":"In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud environments and can significantly aid an attacker or pentester.\n\nOur discussion will focus on identifying privilege escalation paths, understanding how cloud administrators can misconfigure policies, and the methods attackers can use to exploit these vulnerabilities. Through carefully designed scenarios and real-world examples, attendees will learn to recognize signs of privilege escalation, thereby enhancing their security posture.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55479],"conference_id":133,"event_ids":[55908],"name":"Felipe Pr0teus","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Pr0teusBR","sort_order":0,"url":"https://Pr0teusBR"}],"media":[],"id":56002},{"content_ids":[55479],"conference_id":133,"event_ids":[55908],"name":"Lucas Cioffi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56003}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T19:10:00.000-0000","id":55908,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56002},{"tag_id":46167,"sort_order":4,"person_id":56003}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"So you just picked up an RTL-SDR? HackRF? Not sure what to do with it or where to get started? This talk is nothing new or ground–breaking, rather a compilation and lessons learned into the world of software defined radios (SDRs), namely to solve challenges for the RF capture the flag. It will cover topics of SDR basics, hardware comparison and capabilities/limitations, software (focusing on Linux-based operating systems), and the tactics, techniques, and procedures to find your first RF CTF flag and get on the scoreboard. By the end, you will have enough tools and knowledge to start hunting for SDR flags in the ongoing capture the flag.\n\n\n","media":[],"title":"Software Defined Radio 101: Capturing Your First RFCTF Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:25:00Z","end_timestamp":{"seconds":1723231500,"nanoseconds":0},"android_description":"So you just picked up an RTL-SDR? HackRF? Not sure what to do with it or where to get started? This talk is nothing new or ground–breaking, rather a compilation and lessons learned into the world of software defined radios (SDRs), namely to solve challenges for the RF capture the flag. It will cover topics of SDR basics, hardware comparison and capabilities/limitations, software (focusing on Linux-based operating systems), and the tactics, techniques, and procedures to find your first RF CTF flag and get on the scoreboard. By the end, you will have enough tools and knowledge to start hunting for SDR flags in the ongoing capture the flag.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55446],"conference_id":133,"event_ids":[55871],"name":"bkobe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kobeski1906)","sort_order":0,"url":"https://twitter.com/kobeski1906"}],"media":[],"id":55985}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T19:25:00.000-0000","id":55871,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55985}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SSTV - what the heck is slow scan TV and can you send cat memes with it? In this talk, hamster dives into the history, development and use of SSTV. From this, he will present the design for a wearable device to decode SSTV images and why he thought that was a good idea.\n\n\n","media":[],"title":"SSTV: How To Send Cat Memes Via Ham Radio","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"SSTV - what the heck is slow scan TV and can you send cat memes with it? In this talk, hamster dives into the history, development and use of SSTV. From this, he will present the design for a wearable device to decode SSTV images and why he thought that was a good idea.","updated_timestamp":{"seconds":1722185568,"nanoseconds":0},"speakers":[{"content_ids":[54615,55434],"conference_id":133,"event_ids":[55859,54989],"name":"Hamster","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/hamster"},{"description":"","title":"Twitter (@hamster)","sort_order":0,"url":"https://twitter.com/hamster"}],"media":[],"id":54217}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T16:52:48Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":55859,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54217}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-28T16:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"While living off the land attacks have always been possible in industrial environments, a notable uptick has been reported recently between Volt Typhoon's five-plus year campaign and reports of attackers using unauthenticated industrial protocols to manipulate and impact industrial processes. This talk will explore past living off the land attacks in industrial environments, the differences in IT and OT living off the land attacks, and provide approaches to counter these attacks.\n\n\n","media":[],"title":"Invisible Invaders: Strategies to Combat Living Off the Land Techniques in ICS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:55:00Z","end_timestamp":{"seconds":1723229700,"nanoseconds":0},"android_description":"While living off the land attacks have always been possible in industrial environments, a notable uptick has been reported recently between Volt Typhoon's five-plus year campaign and reports of attackers using unauthenticated industrial protocols to manipulate and impact industrial processes. This talk will explore past living off the land attacks in industrial environments, the differences in IT and OT living off the land attacks, and provide approaches to counter these attacks.","updated_timestamp":{"seconds":1722609175,"nanoseconds":0},"speakers":[{"content_ids":[55341],"conference_id":133,"event_ids":[55733],"name":"Dan Gunter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Insane Cyber","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":55952,"title":"Founder and CEO at Insane Cyber"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T14:32:55Z","links":[],"end":"2024-08-09T18:55:00.000-0000","id":55733,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55952}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-02T14:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk dives deep into the historical context of redlining, segregation, and the enduring legacy of unequal access to technology, particularly focusing on its impact on Black communities. It examines the concept of broadband deserts, highlighting geographic disparities and their economic ramifications. Furthermore, the talk explores how the lack of broadband access hinders economic opportunities for Black individuals, including limited exposure to the tech field and decreased participation in tech and cyber-related activities from a young age. By shedding light on these issues, the presentation aims to foster awareness and discussion on strategies to bridge the digital divide and promote equitable access to technology in marginalized communities.\n\n\n","media":[],"title":"From Redlining to Weblining: Examining Broadband Deserts and Racial Injustice","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"This talk dives deep into the historical context of redlining, segregation, and the enduring legacy of unequal access to technology, particularly focusing on its impact on Black communities. It examines the concept of broadband deserts, highlighting geographic disparities and their economic ramifications. Furthermore, the talk explores how the lack of broadband access hinders economic opportunities for Black individuals, including limited exposure to the tech field and decreased participation in tech and cyber-related activities from a young age. By shedding light on these issues, the presentation aims to foster awareness and discussion on strategies to bridge the digital divide and promote equitable access to technology in marginalized communities.","updated_timestamp":{"seconds":1721495162,"nanoseconds":0},"speakers":[{"content_ids":[55192],"conference_id":133,"event_ids":[55582],"name":"Dr. Fatou Sankare","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher & Professor"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/fsankare"},{"description":"","title":"Mastodon (@theedataenthusiast@defcon.social)","sort_order":0,"url":"https://defcon.social/@theedataenthusiast"}],"media":[],"id":55789,"title":"Security Researcher & Professor"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:02Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":55582,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55789}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For the past few years, we have had multiple instances of sophisticated cyber attacks ranging from ransomware attacks to attacks propagated by state sponsored threat actors; targeting elections, organizations, critical infrastructure etc. Organizations have had to step up and compensate with additional security controls and resources. We are living in a phase where even the most secure organizations are not immune to targeted cyber threats, the landscape of cyber security is in the state of constant evolution, with everybody playing to catch up. \r\n\r\nThis panel has been structured to delve into the complex and evolving nature of cyber adversaries. Beginning with an overview of recent cyber-attacks, breaches, and targeted ransomware incidents. We will also examine the rising wave of state sponsored threat actors, while focusing on their sophisticated adversary tactics, techniques and procedures. \r\n\r\nThis panel will focus on why organizations with even the most advanced cyber defense tooling and more than capable resources are still affected by breaches and threat actors. Our panel of experts will discuss the reasons behind these incidents and provide Insights into effective response and contentment strategies. Conversation will explore the critical components of how efficiently respond to threats, contain, and remediate them. \r\n\r\nAdditionally, the panel will also touch upon how threat intel assisted adversarial attack simulation, offensive cyber security operations could be used as proactive measures in enhancing an organization’s defense posture, offering valuable insights into the mindset and methodologies of potential attackers. \r\n\n\n\n","media":[],"title":"Formidable Adversaries: Responding to Breaches, Ransomware, and State-Sponsored Threat Actors","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"For the past few years, we have had multiple instances of sophisticated cyber attacks ranging from ransomware attacks to attacks propagated by state sponsored threat actors; targeting elections, organizations, critical infrastructure etc. Organizations have had to step up and compensate with additional security controls and resources. We are living in a phase where even the most secure organizations are not immune to targeted cyber threats, the landscape of cyber security is in the state of constant evolution, with everybody playing to catch up. \r\n\r\nThis panel has been structured to delve into the complex and evolving nature of cyber adversaries. Beginning with an overview of recent cyber-attacks, breaches, and targeted ransomware incidents. We will also examine the rising wave of state sponsored threat actors, while focusing on their sophisticated adversary tactics, techniques and procedures. \r\n\r\nThis panel will focus on why organizations with even the most advanced cyber defense tooling and more than capable resources are still affected by breaches and threat actors. Our panel of experts will discuss the reasons behind these incidents and provide Insights into effective response and contentment strategies. Conversation will explore the critical components of how efficiently respond to threats, contain, and remediate them. \r\n\r\nAdditionally, the panel will also touch upon how threat intel assisted adversarial attack simulation, offensive cyber security operations could be used as proactive measures in enhancing an organization’s defense posture, offering valuable insights into the mindset and methodologies of potential attackers.","updated_timestamp":{"seconds":1720394908,"nanoseconds":0},"speakers":[{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Ken Kato","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Omni Federal","title":"VP"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/devsecops-kkato/"},{"description":"","title":"Twitter (@CyberCalyx)","sort_order":0,"url":"https://x.com/CyberCalyx"}],"media":[],"id":54207,"title":"VP at Omni Federal"},{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Abhijith “Abx” B R","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/abhijith-b-r/"},{"description":"","title":"Twitter (@abhijithbr)","sort_order":0,"url":"https://twitter.com/abhijithbr"},{"description":"","title":"adversaryvillage.org","sort_order":0,"url":"https://adversaryvillage.org"}],"media":[],"id":54209},{"content_ids":[54593],"conference_id":133,"event_ids":[54968],"name":"Adam \"_whatshisface\" Pennington","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The MITRE Corporation","title":"Lead, ATT&CK"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/adamp/"},{"description":"","title":"Twitter (@_whatshisface)","sort_order":0,"url":"https://twitter.com/_whatshisface"}],"media":[],"id":54211,"title":"Lead, ATT&CK at The MITRE Corporation"},{"content_ids":[54593],"conference_id":133,"event_ids":[54968],"name":"Nikhil Mittal","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Altered Security","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nikhil_mitt)","sort_order":0,"url":"https://x.com/nikhil_mitt"},{"description":"","title":"in.linkedin.com/in/mittalnikhil","sort_order":0,"url":"https://in.linkedin.com/in/mittalnikhil"}],"media":[],"id":54456,"title":"Founder and Director at Altered Security"},{"content_ids":[54593,55580],"conference_id":133,"event_ids":[56102,54968],"name":"Stryker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adversary Pursuit Group (APG)","title":"Head of Security Communications and Planning"}],"pronouns":"she/her","links":[{"description":"","title":"Website","sort_order":0,"url":"https://strykernostriking.com"}],"media":[],"id":56045,"title":"Head of Security Communications and Planning at Adversary Pursuit Group (APG)"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:28:28Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":54968,"tag_ids":[46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54209},{"tag_id":46167,"sort_order":4,"person_id":54211},{"tag_id":46167,"sort_order":6,"person_id":54207},{"tag_id":46167,"sort_order":8,"person_id":54456},{"tag_id":46167,"sort_order":10,"person_id":56045}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-07T23:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Electronic conference badges are cool and everything, but they're A LOT of time, money, and effort including but not limited to hardware, software and art design, testing, manufacturing, testing, provisioning, and repairing.\r\n\r\nI'll share OpenTaxus, a relatively simple, cheap, mass-producible, and open-source badge design. We'll start out by looking at and understanding the design and implementation, highlighting the areas worth customizing (and which to leave as-s). I'll do a walkthrough of a few changes to customize the design - in KiCAD for hardware changes, and in CircuitPython for software changes.\r\n\r\nWe'll wrap up with some discussion of how to handle cost reduction to fit in a certain budget, manage badge logistics for events of different sizes, and warn about some of the many pitfalls that electronic badges suffer. You should walk away with the ability to customize a badge to be mass produced for your own event.\n\n\n","media":[],"title":"Custom, cheap, easy, and safe badges - without starting from scratch","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"Electronic conference badges are cool and everything, but they're A LOT of time, money, and effort including but not limited to hardware, software and art design, testing, manufacturing, testing, provisioning, and repairing.\r\n\r\nI'll share OpenTaxus, a relatively simple, cheap, mass-producible, and open-source badge design. We'll start out by looking at and understanding the design and implementation, highlighting the areas worth customizing (and which to leave as-s). I'll do a walkthrough of a few changes to customize the design - in KiCAD for hardware changes, and in CircuitPython for software changes.\r\n\r\nWe'll wrap up with some discussion of how to handle cost reduction to fit in a certain budget, manage badge logistics for events of different sizes, and warn about some of the many pitfalls that electronic badges suffer. You should walk away with the ability to customize a badge to be mass produced for your own event.","updated_timestamp":{"seconds":1720802405,"nanoseconds":0},"speakers":[{"content_ids":[54554],"conference_id":133,"event_ids":[54929],"name":"Joe \"securelyfitz\" FitzPatrick","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SecuringHardware.com","title":"Instructor and Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@securelyfitz)","sort_order":0,"url":"https://twitter.com/securelyfitz"}],"media":[],"id":54332,"title":"Instructor and Researcher at SecuringHardware.com"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-12T16:40:05Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":54929,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54332}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-12T16:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Meet an attacking MySQL honepot which can “Attack the attackers”. In 2023 we have found a CVE (CVE-2023-21980) in MySQL that allows a rogue MySQL “server” to attack a client connecting to it; attack meaning RCE on the client side. Since then we were thinking on how to use it for good. One obvious application is to create a honeypot which will attack the attackers. In 2024 we have found another RCE in mysqldump utility (CVE-2024-21096), so we have created a rogue MySQL server and weaponized it with a chain of 3 vulnerabilities: 1/ arbitrary file read 2/ RCE from 2023 (CVE-2023- 21980) 3/ the new RCE (CVE-2024-21096). With this atomic honeypot we were able to discover 2 new attacks against MySQL server. Using arbitrary file read vulnerability in MySQL we were able to download and analyze the attackers' code and then execute an “attack against attackers” using a chain of exploits.\r\n\r\nCVE-2023-21980\r\nCVE-2024-21096\n\n\n","media":[],"title":"Atomic Honeypot: A MySQL Honeypot That Drops Shells","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Meet an attacking MySQL honepot which can “Attack the attackers”. In 2023 we have found a CVE (CVE-2023-21980) in MySQL that allows a rogue MySQL “server” to attack a client connecting to it; attack meaning RCE on the client side. Since then we were thinking on how to use it for good. One obvious application is to create a honeypot which will attack the attackers. In 2024 we have found another RCE in mysqldump utility (CVE-2024-21096), so we have created a rogue MySQL server and weaponized it with a chain of 3 vulnerabilities: 1/ arbitrary file read 2/ RCE from 2023 (CVE-2023- 21980) 3/ the new RCE (CVE-2024-21096). With this atomic honeypot we were able to discover 2 new attacks against MySQL server. Using arbitrary file read vulnerability in MySQL we were able to download and analyze the attackers' code and then execute an “attack against attackers” using a chain of exploits.\r\n\r\nCVE-2023-21980\r\nCVE-2024-21096","updated_timestamp":{"seconds":1720374911,"nanoseconds":0},"speakers":[{"content_ids":[54467],"conference_id":133,"event_ids":[54840],"name":"Alexander Rubin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon Web Services (AWS)","title":"Principal Security Engineer, leading RDS Red Team"}],"links":[],"pronouns":"he/him","media":[],"id":54107,"title":"Principal Security Engineer, leading RDS Red Team at Amazon Web Services (AWS)"},{"content_ids":[54467],"conference_id":133,"event_ids":[54840],"name":"Martin Rakhmanov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon Web Services (AWS)","title":"Senior Security Engineer, RDS Red Team"}],"links":[],"pronouns":null,"media":[],"id":54173,"title":"Senior Security Engineer, RDS Red Team at Amazon Web Services (AWS)"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T17:55:11Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":54840,"tag_ids":[46166,46169,46419,46437,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54107},{"tag_id":46167,"sort_order":2,"person_id":54173}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-07T17:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.\r\n\r\nIn this session, I'll unleash novel attack concepts to coax out server secrets including masked misconfigurations, blind data-structure injection, hidden routes to forbidden areas, and a vast expanse of invisible attack-surface.\r\n\r\nThis is not a theoretical threat; every technique will be illustrated with multiple real-world case studies on diverse targets. Unprecedented advances have made these attacks both accurate and efficient; in the space of ten seconds you can now reliably detect a sub-millisecond differential with no prior configuration or 'lab conditions' required. In other words, I'm going to share timing attacks you can actually use.\r\n\r\nTo help, I'll equip you with a suite of battle-tested open-source tools enabling both hands-free automated exploitation, and custom attack scripting. I'll also share a little CTF to help you hone your new skillset.\r\n\r\nWant to take things further? I'll help you transform your own attack ideas from theory to reality, by sharing a methodology refined through testing countless concepts on thousands of websites. We've neglected this omnipresent and incredibly powerful side-channel for too long.\r\n\r\n- [link](https://www.usenix.org/conference/usenixsecurity20/presentation/van-goethem)\r\n- [link](https://portswigger.net/research/smashing-the-state-machine)\r\n\n\n\n","media":[],"title":"Listen to the whispers: web timing attacks that actually work","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.\r\n\r\nIn this session, I'll unleash novel attack concepts to coax out server secrets including masked misconfigurations, blind data-structure injection, hidden routes to forbidden areas, and a vast expanse of invisible attack-surface.\r\n\r\nThis is not a theoretical threat; every technique will be illustrated with multiple real-world case studies on diverse targets. Unprecedented advances have made these attacks both accurate and efficient; in the space of ten seconds you can now reliably detect a sub-millisecond differential with no prior configuration or 'lab conditions' required. In other words, I'm going to share timing attacks you can actually use.\r\n\r\nTo help, I'll equip you with a suite of battle-tested open-source tools enabling both hands-free automated exploitation, and custom attack scripting. I'll also share a little CTF to help you hone your new skillset.\r\n\r\nWant to take things further? I'll help you transform your own attack ideas from theory to reality, by sharing a methodology refined through testing countless concepts on thousands of websites. We've neglected this omnipresent and incredibly powerful side-channel for too long.\r\n\r\n- [link](https://www.usenix.org/conference/usenixsecurity20/presentation/van-goethem)\r\n- [link](https://portswigger.net/research/smashing-the-state-machine)","updated_timestamp":{"seconds":1720461981,"nanoseconds":0},"speakers":[{"content_ids":[54444,55173],"conference_id":133,"event_ids":[55561,54817],"name":"James \"albinowax\" Kettle","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Director of Research"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@albinowax@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@albinowax"},{"description":"","title":"Twitter (@albinowax)","sort_order":0,"url":"https://twitter.com/albinowax"},{"description":"","title":"Website","sort_order":0,"url":"https://jameskettle.com/"}],"media":[],"id":54156,"title":"Director of Research at PortSwigger"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:06:21Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":54817,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54156}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-08T18:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Introduced in 2011, HID Global’s iCLASS SE solution is one of the world’s most widely-deployed Electronic Physical Access Control platforms. HID's iCLASS SE Readers are ubiquitous in electronic physical access control and used in most government agencies and Fortune 500 companies. The readers can be easily seen and identified in almost every form of mainstream media. Almost 13 years after iCLASS SE’s introduction, ground-breaking research and technical exploits will be disclosed publicly for the first time. \r\n\r\nIn this talk, we detail the process by which we reverse engineered the complex hardware and software chain of trust securing HID’s iCLASS SE platform. \r\n\r\nOver a seven-year research period, we analyzed hardware, firmware, and software elements the ecosystem, uncovering an unfortunate series of pitfalls and implementation defects. These flaws culminated in an attack chain that allowed for the recovery of sensitive cryptographic key material from secure elements, which have received CC EAL 5+ accreditation. This chain resulted in revealing some cryptographic keys to the kingdom. \r\n\r\nFinally, we provide comprehensive guidance on technical and operational mitigations for end customers to identify practical risks and reduce impact.\r\n\r\nInspirational (research done on previous generation system) \r\n\r\n- Heart of Darkness - Milosch Meriac [link](https://get.meriac.com/docs/HID-iCLASS-security.pdf) \r\n- Dismantling iClass and iClass Elite - Garcia, de Koning Gans, Verdult, & Meriac [link](https://www.cs.bham.ac.uk/~garciaf/publications/dismantling.iClass.pdf) \r\n\n\n\n","media":[],"title":"High Intensity Deconstruction: Chronicles of a Cryptographic Heist","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"Introduced in 2011, HID Global’s iCLASS SE solution is one of the world’s most widely-deployed Electronic Physical Access Control platforms. HID's iCLASS SE Readers are ubiquitous in electronic physical access control and used in most government agencies and Fortune 500 companies. The readers can be easily seen and identified in almost every form of mainstream media. Almost 13 years after iCLASS SE’s introduction, ground-breaking research and technical exploits will be disclosed publicly for the first time. \r\n\r\nIn this talk, we detail the process by which we reverse engineered the complex hardware and software chain of trust securing HID’s iCLASS SE platform. \r\n\r\nOver a seven-year research period, we analyzed hardware, firmware, and software elements the ecosystem, uncovering an unfortunate series of pitfalls and implementation defects. These flaws culminated in an attack chain that allowed for the recovery of sensitive cryptographic key material from secure elements, which have received CC EAL 5+ accreditation. This chain resulted in revealing some cryptographic keys to the kingdom. \r\n\r\nFinally, we provide comprehensive guidance on technical and operational mitigations for end customers to identify practical risks and reduce impact.\r\n\r\nInspirational (research done on previous generation system) \r\n\r\n- Heart of Darkness - Milosch Meriac [link](https://get.meriac.com/docs/HID-iCLASS-security.pdf) \r\n- Dismantling iClass and iClass Elite - Garcia, de Koning Gans, Verdult, & Meriac [link](https://www.cs.bham.ac.uk/~garciaf/publications/dismantling.iClass.pdf)","updated_timestamp":{"seconds":1720461961,"nanoseconds":0},"speakers":[{"content_ids":[54443],"conference_id":133,"event_ids":[54816],"name":"Babak Javadi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Red Team Alliance","title":"Co-Founder"},{"organization":"The CORE Group","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@babakjavadi)","sort_order":0,"url":"https://twitter.com/babakjavadi"}],"media":[],"id":54074,"title":"Founder at The CORE Group"},{"content_ids":[54443],"conference_id":133,"event_ids":[54816],"name":"Nick Draffen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Product Security Architect"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tcprst)","sort_order":0,"url":"https://twitter.com/tcprst"}],"media":[],"id":54083,"title":"Product Security Architect"},{"content_ids":[54443],"conference_id":133,"event_ids":[54816],"name":"Aaron Levy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Clover","title":"Lead of Security Engineering"}],"links":[],"pronouns":null,"media":[],"id":54150,"title":"Lead of Security Engineering at Clover"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:06:01Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":54816,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54074},{"tag_id":46167,"sort_order":4,"person_id":54150},{"tag_id":46167,"sort_order":6,"person_id":54083}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-08T18:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are many hurdles we have to solve before we can make Quantum Computing a part of our everyday lives. Yes, we need to work out how to build it, and what we're actually going to run on it, but ignore that for now: we also need to figure out how we program it.\r\n\r\nUp until now most quantum programming frameworks have been written in Python, and simply serialize to simplistic string-based representations that are sent over a REST API to cloud-connected quantum hardware. But this ignores the history of classical programming infrastructure, and the fact that no algorithm is purely quantum -- there is bound to be expensive and interwoven classical processing, and we need to take this into account.\r\n\r\nJosh will chat about how we are planning to bring quantum to the existing LLVM compiler toolchain, show what quantum programming and compilation looks like today (and in the future!), and how you might be able to help us build it.\n\n\n","media":[],"title":"How do we make LLVM quantum?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"There are many hurdles we have to solve before we can make Quantum Computing a part of our everyday lives. Yes, we need to work out how to build it, and what we're actually going to run on it, but ignore that for now: we also need to figure out how we program it.\r\n\r\nUp until now most quantum programming frameworks have been written in Python, and simply serialize to simplistic string-based representations that are sent over a REST API to cloud-connected quantum hardware. But this ignores the history of classical programming infrastructure, and the fact that no algorithm is purely quantum -- there is bound to be expensive and interwoven classical processing, and we need to take this into account.\r\n\r\nJosh will chat about how we are planning to bring quantum to the existing LLVM compiler toolchain, show what quantum programming and compilation looks like today (and in the future!), and how you might be able to help us build it.","updated_timestamp":{"seconds":1722626503,"nanoseconds":0},"speakers":[{"content_ids":[55842],"conference_id":133,"event_ids":[56429],"name":"Josh Isaac","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56219}],"begin_tsz":"2024-08-09T18:25:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:21:43Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":56429,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723227900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56219}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T18:25:00.000-0000","updated":"2024-08-02T19:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.\r\n\r\nEnhancing Security Operations from Layer 3 to Layer 7\r\nThis cloud-native platform integrates Cilium, Arkime, and EKS to provide a holistic view of network activities and potential threats from Layer 3 to Layer 7 of the OSI model. Cilium, leveraging eBPF (Extended Berkeley Packet Filter) technology, offers deep visibility into network traffic, enabling security teams to observe and analyze network flows from the Network layer to the Application layer. This allows for the detection of anomalous behavior and the enforcement of security policies at a granular level. Arkime complements this by providing large-scale packet capture and analysis, allowing security professionals to perform in-depth forensic analysis and threat hunting. By integrating Arkime with Cilium, security teams can seamlessly correlate network flows with packet data, offering a comprehensive understanding of network activities.\r\n\r\nScalability, Flexibility, and Community Collaboration\r\nAmazon EKS underpins this platform, providing a scalable and resilient infrastructure for deploying and managing Kubernetes clusters. This enables security teams to focus on core operations without worrying about the underlying infrastructure. The platform's scalability ensures it can handle large-scale CTF events or security incidents. During the Defcon Blue Team Village talk, attendees will learn about the integration and deployment process of this platform, including the challenges faced and solutions implemented. Post-conference, the platform will be released for public use, allowing the security community to leverage, contribute to, and enhance this innovative solution for their own security operations and CTF events. This collaborative effort aims to collectively advance the capabilities of cloud-native security platforms.\n\n\nIn today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.","media":[],"title":"Cloud Native Security Platform for Defenders","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"In today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.\r\n\r\nEnhancing Security Operations from Layer 3 to Layer 7\r\nThis cloud-native platform integrates Cilium, Arkime, and EKS to provide a holistic view of network activities and potential threats from Layer 3 to Layer 7 of the OSI model. Cilium, leveraging eBPF (Extended Berkeley Packet Filter) technology, offers deep visibility into network traffic, enabling security teams to observe and analyze network flows from the Network layer to the Application layer. This allows for the detection of anomalous behavior and the enforcement of security policies at a granular level. Arkime complements this by providing large-scale packet capture and analysis, allowing security professionals to perform in-depth forensic analysis and threat hunting. By integrating Arkime with Cilium, security teams can seamlessly correlate network flows with packet data, offering a comprehensive understanding of network activities.\r\n\r\nScalability, Flexibility, and Community Collaboration\r\nAmazon EKS underpins this platform, providing a scalable and resilient infrastructure for deploying and managing Kubernetes clusters. This enables security teams to focus on core operations without worrying about the underlying infrastructure. The platform's scalability ensures it can handle large-scale CTF events or security incidents. During the Defcon Blue Team Village talk, attendees will learn about the integration and deployment process of this platform, including the challenges faced and solutions implemented. Post-conference, the platform will be released for public use, allowing the security community to leverage, contribute to, and enhance this innovative solution for their own security operations and CTF events. This collaborative effort aims to collectively advance the capabilities of cloud-native security platforms.\n\n\nIn today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55756],"conference_id":133,"event_ids":[56281],"name":"Dafinga","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56167}],"begin_tsz":"2024-08-09T18:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":56281,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723227300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56167}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T18:15:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Richard Branson is oft quoted with the quip that the quickest way to become a millionaire in the Airline Industry is to start as a billionaire. An Industry constrained by high fixed capital costs, bi-lateral capacity treaties, airport slots and curfews, labour etc; Airlines use the practice of revenue management to fill planes, maximise earnings and keep competitors at bay. But you’re not interested in an economics talk – this is a hacker con. I’m here to provide a birds-eye view and introduction into how fares and ticketing work, debunking some myths while outlining system constraints and limitations that introduce vulnerabilities. As an outcome, attendees should gain an introductory understanding of airline industry pricing, published fares and terminology. With most blogged 'deals' patched quicker than RCEs, the deeper understanding of not what but how, facilitates a progression for those interested to interact on more specialised discussion forums.\n\n\n","media":[],"title":"An adversarial approach to Airline Revenue Management Proving Ground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Richard Branson is oft quoted with the quip that the quickest way to become a millionaire in the Airline Industry is to start as a billionaire. An Industry constrained by high fixed capital costs, bi-lateral capacity treaties, airport slots and curfews, labour etc; Airlines use the practice of revenue management to fill planes, maximise earnings and keep competitors at bay. But you’re not interested in an economics talk – this is a hacker con. I’m here to provide a birds-eye view and introduction into how fares and ticketing work, debunking some myths while outlining system constraints and limitations that introduce vulnerabilities. As an outcome, attendees should gain an introductory understanding of airline industry pricing, published fares and terminology. With most blogged 'deals' patched quicker than RCEs, the deeper understanding of not what but how, facilitates a progression for those interested to interact on more specialised discussion forums.","updated_timestamp":{"seconds":1723168573,"nanoseconds":0},"speakers":[{"content_ids":[56176],"conference_id":133,"event_ids":[56830],"name":"Craig Lester","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56559}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:56:13Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56830,"tag_ids":[46366,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56559}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-09T01:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?\n\n\n","media":[],"title":"Activity: Vulnerability Hunt - The Snippets Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?","updated_timestamp":{"seconds":1723007517,"nanoseconds":0},"speakers":[{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:11:57Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56823,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-07T05:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.\n\n\n","media":[],"title":"Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.","updated_timestamp":{"seconds":1723007453,"nanoseconds":0},"speakers":[{"content_ids":[56165],"conference_id":133,"event_ids":[56809,56817,56818],"name":"mcdwayne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56551}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:10:53Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56809,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56551}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!\n\n\n","media":[],"title":"Activity: Spot the Reachable by Backslash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!","updated_timestamp":{"seconds":1723007403,"nanoseconds":0},"speakers":[{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Czesia Glik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56548},{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Yossi Pik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Backslash Security","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56553,"title":"CTO & Co-Founder at Backslash Security"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:10:03Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56808,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56548},{"tag_id":46167,"sort_order":4,"person_id":56553}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements. Impacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses. Participants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.\n\n\n","media":[],"title":"Modifying Impacket for Better OpSec","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements. Impacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses. Participants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55277,55985],"conference_id":133,"event_ids":[55667,56607],"name":"Ryan O'Donnell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Offensive Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/odonnell-ryan"},{"description":"","title":"Twitter (@odiesec)","sort_order":0,"url":"https://twitter.com/odiesec"}],"media":[],"id":55828,"title":"Senior Offensive Security Engineer at Microsoft"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56607,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55828}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Esta palestra apresenta um estudo de caso real onde técnicas de Red Team foram cruciais para identificar e prender uma quadrilha de fraudadores especializada em esquemas financeiros. A equipe de Red Team conduziu simulações de ataques controlados, explorando vulnerabilidades na segurança da organização alvo.\n\n\n","media":[],"title":"Prendendo Fraudadores utilizando Técnicas de Red Team","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Esta palestra apresenta um estudo de caso real onde técnicas de Red Team foram cruciais para identificar e prender uma quadrilha de fraudadores especializada em esquemas financeiros. A equipe de Red Team conduziu simulações de ataques controlados, explorando vulnerabilidades na segurança da organização alvo.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55958],"conference_id":133,"event_ids":[56574],"name":"Gustavo Roberto","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Old Pirate"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/gustavorobertux/"},{"description":"","title":"Twitter (@gustavorobertux)","sort_order":0,"url":"https://x.com/gustavorobertux"}],"media":[],"id":56293,"title":"Old Pirate"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":56574,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56293}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/ responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed\n\n\n","media":[],"title":"Arsenal: CyberChef like Automation within BurpSuite - Let's get cooking with the CSTC","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/ responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Florian Haag","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Managing Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53737,"title":"Managing Security Consultant at usd AG"},{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Matthias Göhring","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Security Consultant and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":53759,"title":"Security Consultant and Penetration Tester at usd AG"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56259,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53759},{"tag_id":46167,"sort_order":6,"person_id":53737}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn from the ground up how to take over the execution of another process and make it do your bidding! This workshop teaches you the basic to intermediate levels of runtime intra-process hacking on Windows and POSIX systems covering injecting code into another process on windows (and an overview of how this could be done on a POSIX system), locating specific code within an application in a update resistant manner, hooking and redirecting code execution using several techniques, abusing error handlers to disguise code and an overview of mitigation strategies to protect apps from intra-process hacking.\n\n\n","media":[],"title":"Mind-Controlling Other Applications: An intro to intra-process hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Learn from the ground up how to take over the execution of another process and make it do your bidding! This workshop teaches you the basic to intermediate levels of runtime intra-process hacking on Windows and POSIX systems covering injecting code into another process on windows (and an overview of how this could be done on a POSIX system), locating specific code within an application in a update resistant manner, hooking and redirecting code execution using several techniques, abusing error handlers to disguise code and an overview of mitigation strategies to protect apps from intra-process hacking.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55729],"conference_id":133,"event_ids":[56257],"name":"ILOVEPIE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56077}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56257,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56077}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI Goat is a deliberately vulnerable AI infrastructure designed to help security enthusiasts and pen-testers understand and exploit AI-specific vulnerabilities based on the OWASP AI Top 10. This arsenal session will demonstrate how to deploy AI Goat, explore various vulnerabilities, and guide participants in exploiting these weaknesses. Attendees will engage hands-on with the tool, gaining practical experience in AI security. Deployment scripts will be open-source and available after the session.\n\n\n","media":[],"title":"Arsenal: AI Goat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"AI Goat is a deliberately vulnerable AI infrastructure designed to help security enthusiasts and pen-testers understand and exploit AI-specific vulnerabilities based on the OWASP AI Top 10. This arsenal session will demonstrate how to deploy AI Goat, explore various vulnerabilities, and guide participants in exploiting these weaknesses. Attendees will engage hands-on with the tool, gaining practical experience in AI security. Deployment scripts will be open-source and available after the session.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55731],"conference_id":133,"event_ids":[56237],"name":"Ofir Yakobi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56074},{"content_ids":[55731],"conference_id":133,"event_ids":[56237],"name":"Shir Sadon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56085}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56237,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56074},{"tag_id":46167,"sort_order":1,"person_id":56085}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cross-site scripting (XSS) remains a top web vulnerability. Google has invested heavily in defenses, and in this talk, we'll share our blueprint for protecting your code. We'll discuss how we implemented runtime and compile-time protections across hundreds of products used by billions, highlighting technical lessons and best practices. We'll also glimpse into the future of anti-XSS defenses and explore how we can make the web safer for everyone.\n\n\n","media":[],"title":"Securing Frontends at Scale: Paving our Way to the Post-XSS World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Cross-site scripting (XSS) remains a top web vulnerability. Google has invested heavily in defenses, and in this talk, we'll share our blueprint for protecting your code. We'll discuss how we implemented runtime and compile-time protections across hundreds of products used by billions, highlighting technical lessons and best practices. We'll also glimpse into the future of anti-XSS defenses and explore how we can make the web safer for everyone.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55728],"conference_id":133,"event_ids":[56236],"name":"Aaron Shim","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56100},{"content_ids":[55728],"conference_id":133,"event_ids":[56236],"name":"jen-ozmen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56126}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56236,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56100},{"tag_id":46167,"sort_order":1,"person_id":56126}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Glad Scientist will share their experiences and techniques for building out immersive performances, with a specific focus on their unique use of XR and generative AI in their process. Expect VR modular synthesis, weird generative AI hacks, and a lot of talk about breaking things in the name of creativity! This session is beginner-friendly, and attendees are welcome to follow along and test these techniques, or to listen and ask questions.\n\n\n","media":[],"title":"Trip Through Reality XR for Performances Masterclass with the Glad Scientist","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"The Glad Scientist will share their experiences and techniques for building out immersive performances, with a specific focus on their unique use of XR and generative AI in their process. Expect VR modular synthesis, weird generative AI hacks, and a lot of talk about breaking things in the name of creativity! This session is beginner-friendly, and attendees are welcome to follow along and test these techniques, or to listen and ask questions.","updated_timestamp":{"seconds":1722368911,"nanoseconds":0},"speakers":[{"content_ids":[55579],"conference_id":133,"event_ids":[56101],"name":"The Glad Scientist","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"they/them","links":[{"description":"","title":"thegladscientist.info/4023/","sort_order":0,"url":"https://thegladscientist.info/4023/"}],"media":[],"id":56044}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T19:48:31Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56101,"tag_ids":[46397,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56044}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T19:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The \"5G Security Infrastructure\" workshop at DEFCON begins with an overview of 5G infrastructure security. Module 1 covers 5G security architecture, RAN architecture, deployment models, critical components, and assessment methods. Module 2 examines new 5G protocols and their security impacts, including SBA, HTTP2, JSON API, N32 interface, PFCP, and SEPP. Module 3 explores network access security, SIM card security, 5G AKA, SUPI, and SUCI. Module 4 presents a 5G threat case study, with hands-on activities in UE & PT configuration, RAN security, and API testing\n\n\n","media":[{"hash_sha256":"a34c663c52b0aea8f6604b8afbcd36481eb5e5d308c0a7ba8146a2bbecdbe8e3","filetype":"image/webp","hash_md5":"896c3dc790f54fee550b83254036da28","name":"content_telecom_5gfortress.webp","is_logo":"Y","hash_crc32c":"4fdf800f","filesize":110834,"asset_id":827,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_5gfortress.webp"}],"title":"5G Fortress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"The \"5G Security Infrastructure\" workshop at DEFCON begins with an overview of 5G infrastructure security. Module 1 covers 5G security architecture, RAN architecture, deployment models, critical components, and assessment methods. Module 2 examines new 5G protocols and their security impacts, including SBA, HTTP2, JSON API, N32 interface, PFCP, and SEPP. Module 3 explores network access security, SIM card security, 5G AKA, SUPI, and SUCI. Module 4 presents a 5G threat case study, with hands-on activities in UE & PT configuration, RAN security, and API testing","updated_timestamp":{"seconds":1722352158,"nanoseconds":0},"speakers":[{"content_ids":[55557,55559,55562],"conference_id":133,"event_ids":[56072,56074,56077],"name":"Akib Sayyed","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Matrix Shell Technologies","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/akibsayyed/"},{"description":"","title":"Twitter (@akibsayyed)","sort_order":0,"url":"https://twitter.com/@akibsayyed"}],"media":[],"id":56031,"title":"Founder and Director at Matrix Shell Technologies"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T15:09:18Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56074,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56031}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T15:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Begins Friday at 12:00 (11:00 for the pre-tournament poker clinic)\r\n\r\nWe’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit EFF! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.\n\n\n","media":[{"hash_sha256":"9f0243615ab7fd284e339e0d1f9eaa7cf221334cff36dfb491fe00ab11d19367","filetype":"image/png","hash_md5":"dcf800a22d838c6f4fa8156eba650a8f","name":"ct_eff-poker-dogs.png","is_logo":"Y","hash_crc32c":"26e14ace","filesize":106506,"asset_id":638,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_eff-poker-dogs.png"}],"title":"Betting on Your Digital Rights: 3rd Annual EFF Benefit Poker Tournament at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Begins Friday at 12:00 (11:00 for the pre-tournament poker clinic)\r\n\r\nWe’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit EFF! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.","updated_timestamp":{"seconds":1722312157,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T04:02:37Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249415"},{"label":"More Info","type":"link","url":"https://www.eff.org/poker"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249414"}],"end":"2024-08-09T18:00:00.000-0000","id":56070,"tag_ids":[46427,46439,46754],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T04:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-11T18:00:00.000-0000","id":56039,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to program the DCNextGen Badge\n\n\n","media":[],"title":"Intro to Circuit Python (Badge class level 1)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Learn how to program the DCNextGen Badge","updated_timestamp":{"seconds":1721785040,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T01:37:20Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":55755,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-24T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the realm of Operational Technology (OT) environments, incident response is a critical function that ensures the continuity and security of industrial processes. A thorough understanding of vendors, asset types, and associated frameworks is indispensable for effective incident management. This talk underscores the significance of this knowledge from an operator's perspective, highlighting how it can substantially enhance the ability of a cyber security analyst to respond to incidents swiftly and efficiently.\r\n\r\nKnowing your vendors and the specific types of assets deployed within an OT environment provides a foundational understanding that is crucial during an incident. Cyber Security analyst's equipped with detailed knowledge of where to locate critical configuration files and logs on OT devices can significantly streamline the incident response process. This insight is vital for establishing baselines, which are essential for detecting anomalies and potential threats. When an incident occurs, the ability to swiftly access and analyze these files can make the difference between a contained event and a widespread disruption.\n\n\n","media":[],"title":"Importance of ICS knowledge from a engineer's perspective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:25:00Z","end_timestamp":{"seconds":1723227900,"nanoseconds":0},"android_description":"In the realm of Operational Technology (OT) environments, incident response is a critical function that ensures the continuity and security of industrial processes. A thorough understanding of vendors, asset types, and associated frameworks is indispensable for effective incident management. This talk underscores the significance of this knowledge from an operator's perspective, highlighting how it can substantially enhance the ability of a cyber security analyst to respond to incidents swiftly and efficiently.\r\n\r\nKnowing your vendors and the specific types of assets deployed within an OT environment provides a foundational understanding that is crucial during an incident. Cyber Security analyst's equipped with detailed knowledge of where to locate critical configuration files and logs on OT devices can significantly streamline the incident response process. This insight is vital for establishing baselines, which are essential for detecting anomalies and potential threats. When an incident occurs, the ability to swiftly access and analyze these files can make the difference between a contained event and a widespread disruption.","updated_timestamp":{"seconds":1721781474,"nanoseconds":0},"speakers":[{"content_ids":[55340,55349],"conference_id":133,"event_ids":[55732,55741],"name":"Ray Baeza","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Agriculture Defense Group","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55964,"title":"Founder at Agriculture Defense Group"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:37:54Z","links":[],"end":"2024-08-09T18:25:00.000-0000","id":55732,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55964}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-24T00:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This keynote panel will highlight the significance of an adversarial mindset. Through this discussion, we will cover the advantages of approaching challenges from the perspective of an adversary in our professional journeys, and discuss practical ways in which we have implemented this mindset in our work.\n\n\n","media":[],"title":"The Art of Critical Thinking through an Adversarial Mindset? (RTV Keynote)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:50:00Z","end_timestamp":{"seconds":1723229400,"nanoseconds":0},"android_description":"This keynote panel will highlight the significance of an adversarial mindset. Through this discussion, we will cover the advantages of approaching challenges from the perspective of an adversary in our professional journeys, and discuss practical ways in which we have implemented this mindset in our work.","updated_timestamp":{"seconds":1722720483,"nanoseconds":0},"speakers":[{"content_ids":[55175,55181,55265],"conference_id":133,"event_ids":[55563,55569,55655],"name":"Ben \"NahamSec\" Sadeghipour","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacking Hub","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nahamsec)","sort_order":0,"url":"https://twitter.com/nahamsec"}],"media":[],"id":54808,"title":"Hacking Hub"},{"content_ids":[55324,55265],"conference_id":133,"event_ids":[55716,55655],"name":"YTCracker","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55915},{"content_ids":[54574,55265],"conference_id":133,"event_ids":[55655,54949],"name":"Savannah \"lazzslayer\" Lazzara","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56333},{"content_ids":[55265],"conference_id":133,"event_ids":[55655],"name":"Barrett \"pwneip\" Darnell","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56334},{"content_ids":[55265],"conference_id":133,"event_ids":[55655],"name":"Ryan M. \"0dayCTF\" Montgomery","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56335}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T21:28:03Z","links":[],"end":"2024-08-09T18:50:00.000-0000","id":55655,"tag_ids":[46392,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46488,"sort_order":2,"person_id":54808},{"tag_id":46487,"sort_order":4,"person_id":55915},{"tag_id":46487,"sort_order":6,"person_id":56334},{"tag_id":46487,"sort_order":8,"person_id":56335},{"tag_id":46487,"sort_order":10,"person_id":56333}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W204-W207 (RTV)","hotel":"","short_name":"W204-W207 (RTV)","id":46283},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-03T21:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an engaging and insightful panel discussion at the Bug Bounty Village, where community leaders from four of the world's leading bug bounty platforms—HackerOne, Synack, YesWeHack, and Intigriti—come together to share their expertise and vision for the future of bug bounty programs. This panel, moderated by a prominent hacker from the community, will explore the latest trends, challenges, and innovations in the bug bounty space. \r\n\r\nAttendees will gain valuable insights into how these platforms are evolving to meet the growing demands of cybersecurity, the strategies they employ to attract and retain top talent, and their perspectives on the impact of bug bounty programs on the broader security landscape. Through a crowdsourced Q&A session, community-driven questions will take center stage, allowing participants to delve into topics that matter most to them. \r\n\r\nWhether you are a seasoned bug bounty hunter, a security professional, or someone new to the field, this panel offers a unique opportunity to learn from the leaders shaping the future of vulnerability disclosure and rewarding ethical hacking. Don't miss this chance to connect with industry pioneers and contribute to the dialogue that drives innovation and collaboration in cybersecurity.\n\n\n","media":[],"title":"Panel of Bug Bounty Community Leaders","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"Join us for an engaging and insightful panel discussion at the Bug Bounty Village, where community leaders from four of the world's leading bug bounty platforms—HackerOne, Synack, YesWeHack, and Intigriti—come together to share their expertise and vision for the future of bug bounty programs. This panel, moderated by a prominent hacker from the community, will explore the latest trends, challenges, and innovations in the bug bounty space. \r\n\r\nAttendees will gain valuable insights into how these platforms are evolving to meet the growing demands of cybersecurity, the strategies they employ to attract and retain top talent, and their perspectives on the impact of bug bounty programs on the broader security landscape. Through a crowdsourced Q&A session, community-driven questions will take center stage, allowing participants to delve into topics that matter most to them. \r\n\r\nWhether you are a seasoned bug bounty hunter, a security professional, or someone new to the field, this panel offers a unique opportunity to learn from the leaders shaping the future of vulnerability disclosure and rewarding ethical hacking. Don't miss this chance to connect with industry pioneers and contribute to the dialogue that drives innovation and collaboration in cybersecurity.","updated_timestamp":{"seconds":1721437185,"nanoseconds":0},"speakers":[{"content_ids":[54547,55172],"conference_id":133,"event_ids":[55560,54922],"name":"Roni \"Lupin\" Carta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Lupin & Holmes","title":"Co-Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xlupin)","sort_order":0,"url":"https://twitter.com/0xlupin"}],"media":[],"id":54285,"title":"Co-Founder at Lupin & Holmes"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Inti De Ceukelaire","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Intigriti","title":""}],"pronouns":null,"links":[{"description":"","title":"@securinti","sort_order":0,"url":"https://twitter.com/securinti"}],"media":[],"id":54819,"title":"Intigriti"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Jessica Sexton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HackerOne","title":""}],"pronouns":null,"links":[{"description":"","title":"@sgtcardigan","sort_order":0,"url":"https://twitter.com/sgtcardigan"}],"media":[],"id":54824,"title":"HackerOne"},{"content_ids":[55172,55177],"conference_id":133,"event_ids":[55560,55565],"name":"Lucas Philippe","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"YesWeHack","title":""}],"pronouns":null,"links":[{"description":"","title":"@BitK","sort_order":0,"url":"https://twitter.com/BitK"}],"media":[],"id":54831,"title":"YesWeHack"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Ryan Rutan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SynAck","title":""}],"pronouns":null,"links":[{"description":"","title":"@ryanrutan","sort_order":0,"url":"https://twitter.com/ryanrutan"}],"media":[],"id":54837,"title":"SynAck"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Michael \"codingo\" Skelton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bugcrowd","title":"VP of Operations"}],"pronouns":null,"links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/codingo"},{"description":"","title":"Twitter (@codingo_)","sort_order":0,"url":"https://x.com/codingo_"},{"description":"","title":"YouTube","sort_order":0,"url":"https://youtube.com/codingo"}],"media":[],"id":55969,"title":"VP of Operations at Bugcrowd"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T00:59:45Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#panel-of-bug-bounty-community-leaders"}],"end":"2024-08-09T19:15:00.000-0000","id":55560,"tag_ids":[46374,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54819},{"tag_id":46487,"sort_order":4,"person_id":54824},{"tag_id":46487,"sort_order":6,"person_id":54837},{"tag_id":46487,"sort_order":8,"person_id":54831},{"tag_id":46487,"sort_order":10,"person_id":55969},{"tag_id":46488,"sort_order":12,"person_id":54285}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-20T00:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Expedient Digital Defense focuses on using free and readily available applications, or recommending paid-for commercial apps and tools that have proven records of credibility, to make our devices and online presence less harmful to us. We will follow a typical traveler in the United States, with some experiences drawn from overseas travel.\n\nThe talk stresses the value of Operational Security (OPSEC), and the mindset of seeing every piece of communication through the eyes of your adversary. The intent is to make people think twice before revealing anything considered sensitive, even if using the latest and greatest encryption. The surveillance economy and ever-present data collection in our modern world demand better awareness of how our digital world works. We’ll discuss examples like invasive social media collection, foreign influence on public perception, data insecurity putting users in danger, and advertising models based on location and click tracking.\n\nFinally, the take-away is knowing the tools and tech available, and being able to select those which fit your needs, if at all. Most of the time, one mitigation isn't enough, and several need to be emplaced to achieve proper defense in depth, in case one solution fails. Even if no technical solutions are put in place, the user will have that \"red team\" mindset and awareness that calibrates better judgment over technical solutions, and promotes OPSEC and rational thinking for security rather than blindly depending on apps and gadgets.\n\n\n","media":[],"title":"Travel Better: Expedient Digital Defense","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Expedient Digital Defense focuses on using free and readily available applications, or recommending paid-for commercial apps and tools that have proven records of credibility, to make our devices and online presence less harmful to us. We will follow a typical traveler in the United States, with some experiences drawn from overseas travel.\n\nThe talk stresses the value of Operational Security (OPSEC), and the mindset of seeing every piece of communication through the eyes of your adversary. The intent is to make people think twice before revealing anything considered sensitive, even if using the latest and greatest encryption. The surveillance economy and ever-present data collection in our modern world demand better awareness of how our digital world works. We’ll discuss examples like invasive social media collection, foreign influence on public perception, data insecurity putting users in danger, and advertising models based on location and click tracking.\n\nFinally, the take-away is knowing the tools and tech available, and being able to select those which fit your needs, if at all. Most of the time, one mitigation isn't enough, and several need to be emplaced to achieve proper defense in depth, in case one solution fails. Even if no technical solutions are put in place, the user will have that \"red team\" mindset and awareness that calibrates better judgment over technical solutions, and promotes OPSEC and rational thinking for security rather than blindly depending on apps and gadgets.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54553,56218],"conference_id":133,"event_ids":[56872,56878,54928],"name":"Grey Fox","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54320}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":54928,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54320}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Step into the mind of a bug bounty hunter as I take you on a journey through my own adventures in vulnerability hunting. In this presentation, I’ll share some of the most intriguing bugs I've discovered, from the shockingly/stupidly simple to the mind-bendingly complex.\n\nWe'll start with the surprising simplicity of some bugs, but as the hunt isn’t always so simple, I’ll also reveal some complex bug chains that required advanced knowledge, lot of work and probably some hacker's intuition to know it was worth pushing further.\n\nIf you want to know how a coffee break gave me the opportunity to get infinite money, or how a vulnerable CAPTCHA helped me to break the encryption of a sensitive application - you're in the right place!\n\n\n","media":[],"title":"From Easy Wins to Epic Challenges: Bounty Hunter Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Step into the mind of a bug bounty hunter as I take you on a journey through my own adventures in vulnerability hunting. In this presentation, I’ll share some of the most intriguing bugs I've discovered, from the shockingly/stupidly simple to the mind-bendingly complex.\n\nWe'll start with the surprising simplicity of some bugs, but as the hunt isn’t always so simple, I’ll also reveal some complex bug chains that required advanced knowledge, lot of work and probably some hacker's intuition to know it was worth pushing further.\n\nIf you want to know how a coffee break gave me the opportunity to get infinite money, or how a vulnerable CAPTCHA helped me to break the encryption of a sensitive application - you're in the right place!","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54551],"conference_id":133,"event_ids":[54926],"name":"Daniel \"Blaklis\" Le Gall","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Blaklis_)","sort_order":0,"url":"https://twitter.com/Blaklis_"}],"media":[],"id":54236}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#from-easy-wins-to-epic-challenges-bounty-hunter"}],"end":"2024-08-09T19:00:00.000-0000","id":54926,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54236}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DOE National Lab mission space includes exploring the use of disruptive technology to enable increasing efficiency and abilities of operations critical to national security, infrastructure, communication, and many other fields. The XR field has become a new area of active research and implementation at many national labs across the US, integrating with cutting edge hardware and software to enable users with increased capabilities. At the Pacific Northwest National Lab (PNNL), we have been using immersive XR platforms to enable a variety of government and external sponsors with novel approaches to their field. These include creating new 3D virtual twins to enable remote engagements as if remote users had access to one-of-a-kind lab equipment, creating simulation environments of hazardous environments or dangerous situations that can’t be recreated in the real world, and outreach and communication projects to engage both sponsors and the public with critical information about current security threats. During this presentation I will touch on a few case studies of projects taken on at PNNL to make the best use of XR platforms, and where we see future development with this capability.\n\n\n","media":[],"title":"National Labs Use of XR","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"The DOE National Lab mission space includes exploring the use of disruptive technology to enable increasing efficiency and abilities of operations critical to national security, infrastructure, communication, and many other fields. The XR field has become a new area of active research and implementation at many national labs across the US, integrating with cutting edge hardware and software to enable users with increased capabilities. At the Pacific Northwest National Lab (PNNL), we have been using immersive XR platforms to enable a variety of government and external sponsors with novel approaches to their field. These include creating new 3D virtual twins to enable remote engagements as if remote users had access to one-of-a-kind lab equipment, creating simulation environments of hazardous environments or dangerous situations that can’t be recreated in the real world, and outreach and communication projects to engage both sponsors and the public with critical information about current security threats. During this presentation I will touch on a few case studies of projects taken on at PNNL to make the best use of XR platforms, and where we see future development with this capability.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54550],"conference_id":133,"event_ids":[54925],"name":"Martin Pratt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pacific Northwest National Lab","title":"Lead, Immersive Computing Development Team"}],"links":[],"pronouns":null,"media":[],"id":54251,"title":"Lead, Immersive Computing Development Team at Pacific Northwest National Lab"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":54925,"tag_ids":[46169,46397,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54251}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On Fri, 29 Mar 2024, at exactly 08:51:26, OSS security received a message from Andres Freund, a software engineer at Microsoft, stating he had discovered a backdoor in upstream xz/liblzma that could compromise SSH servers. The open-source project XZ, specifically the liblzma library, has been compromised by a mysterious maintainer named Jia Tan, putting the entire internet at risk. Fortunately, this discovery helped us avoid the worst.\r\n\r\nBut what happened? How long has this rogue maintainer been part of the project? Who is Jia Tan? Was he involved in other projects? How does the backdoor work? And what should we learn from this?\r\n\r\nThese are questions we will attempt to answer. First, we will discuss the discovery, which is so riddled with coincidences and chance that it's hard not to think about all the ones we've missed. Then, we'll examine the process itself, from gaining trust within the project to deploying the backdoor, dissecting the operating methods and the main protagonists. We will also dive into the technical details, explaining how the backdoor is deployed and how it can be exploited.\r\n\r\nThe XZ backdoor is not just an incredible undercover operation but also a gigantic puzzle to solve. Beyond the technical background, there is a story to tell here, to capitalize on what went wrong and what we could improve.\r\n\r\n- OSS Security Andres Freund Email: [link](https://www.openwall.com/lists/oss-security/2024/03/29/4)\r\n- My work on the XZ Backdoor: [link](https://x.com/fr0gger_/status/1774342248437813525)\r\n- Second tweet of the XZ Backdoor: [link](https://x.com/fr0gger_/status/1775759514249445565)\r\n- Additional works related to my presentation:\r\n - Gynvael Coldwind: [link](https://gynvael.coldwind.pl/?lang=en&id=782)\r\n - [link](https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27) by @thesamesam@social.treehouse.systems\r\n - [link](https://boehs.org/node/everything-i-know-about-the-xz-backdoor) by @eb@social.coop\r\n - [link](https://wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils) by @wiz_io\r\n - [link](https://gist.github.com/smx-smx/a6112d54777845d389bd7126d6e9f504) by smx\r\n - [link](https://securelist.com/xz-backdoor-story-part-1/112354/) by Kaspersky\r\n - [link](https://github.com/blasty/JiaTansSSHAgent) by @bl4sty\r\n\n\n\n","media":[],"title":"The XZ Backdoor Story: The Undercover Operation That Set the Internet on Fire","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"On Fri, 29 Mar 2024, at exactly 08:51:26, OSS security received a message from Andres Freund, a software engineer at Microsoft, stating he had discovered a backdoor in upstream xz/liblzma that could compromise SSH servers. The open-source project XZ, specifically the liblzma library, has been compromised by a mysterious maintainer named Jia Tan, putting the entire internet at risk. Fortunately, this discovery helped us avoid the worst.\r\n\r\nBut what happened? How long has this rogue maintainer been part of the project? Who is Jia Tan? Was he involved in other projects? How does the backdoor work? And what should we learn from this?\r\n\r\nThese are questions we will attempt to answer. First, we will discuss the discovery, which is so riddled with coincidences and chance that it's hard not to think about all the ones we've missed. Then, we'll examine the process itself, from gaining trust within the project to deploying the backdoor, dissecting the operating methods and the main protagonists. We will also dive into the technical details, explaining how the backdoor is deployed and how it can be exploited.\r\n\r\nThe XZ backdoor is not just an incredible undercover operation but also a gigantic puzzle to solve. Beyond the technical background, there is a story to tell here, to capitalize on what went wrong and what we could improve.\r\n\r\n- OSS Security Andres Freund Email: [link](https://www.openwall.com/lists/oss-security/2024/03/29/4)\r\n- My work on the XZ Backdoor: [link](https://x.com/fr0gger_/status/1774342248437813525)\r\n- Second tweet of the XZ Backdoor: [link](https://x.com/fr0gger_/status/1775759514249445565)\r\n- Additional works related to my presentation:\r\n - Gynvael Coldwind: [link](https://gynvael.coldwind.pl/?lang=en&id=782)\r\n - [link](https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27) by @thesamesam@social.treehouse.systems\r\n - [link](https://boehs.org/node/everything-i-know-about-the-xz-backdoor) by @eb@social.coop\r\n - [link](https://wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils) by @wiz_io\r\n - [link](https://gist.github.com/smx-smx/a6112d54777845d389bd7126d6e9f504) by smx\r\n - [link](https://securelist.com/xz-backdoor-story-part-1/112354/) by Kaspersky\r\n - [link](https://github.com/blasty/JiaTansSSHAgent) by @bl4sty","updated_timestamp":{"seconds":1720461930,"nanoseconds":0},"speakers":[{"content_ids":[54442,56209],"conference_id":133,"event_ids":[54815,56863],"name":"Thomas Roccia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thomas-roccia/"},{"description":"","title":"Past Presentations","sort_order":0,"url":"https://speakerdeck.com/fr0gger"},{"description":"","title":"Twitter (@fr0gger_)","sort_order":0,"url":"https://twitter.com/fr0gger_"},{"description":"","title":"Website","sort_order":0,"url":"https://www.securitybreak.io"}],"media":[],"id":54118,"title":"Senior Security Researcher at Microsoft"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:05:30Z","links":[],"end":"2024-08-09T18:45:00.000-0000","id":54815,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54118}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-08T18:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We all know it all too well: that ominous feeling when opening an unknown file in your favorite analysis tool, only to be greeted with hundreds or thousands of unknown functions, none of which are matched by your existing function signatures, nor any of your helper scripts. This makes the analysis a painfully slow and tedious process. Additionally, it sometimes means that the required analysis time exceeds the available time, and another file is chosen to be reversed instead. Especially when dealing with malware, this is an undesired scenario, as it would create a blind spot from a blue team’s perspective.\r\n\r\nThe goal of this talk is to share a tried and tested method on how to deal with thousands of unknown functions in a given file, significantly decreasing the time spent on the analysis. The example throughout the talk is the Golang based qBit family, but is applicable to any kind of binary. While this talk focuses on using Ghidra, given its free and open-source nature, it is equally possible with other industry standard tools. The focus will be on scripts, as well as the creation and usage of FunctionID and BSim databases. By combining these, you will be able to create your own symbols, and bring them anywhere you go, for any language of choice.\r\n\r\nWhile the symbols are portable, an aggregation of them scales very well over any number of analysts. As such, this methodology works well for individual researchers, but when scaling it for a team of researchers, the outcome will be greater than the sum of its parts.\r\n\r\nThis talk will use (malicious) Golang binaries as examples and provide a large dataset of symbols for this language. The scripts, as well as FunctionID and BSim databases, mentioned in this talk will all be made publicly available at the time of this talk.\r\n\r\nIn no particular order:\r\n\r\n- Automate .fidb generation with headless Ghidra: [link](https://blog.threatrack.de/2019/09/20/ghidra-fid-generator/)\r\n- Understanding static and dynamic compilation and linking: [link](https://www.youtube.com/watch?v=fGnbGX88z3Y)\r\n- How symbols work: [link](https://www.youtube.com/watch?v=iBQo962Sx0g)\r\n- BSim answers from the Ghidra team: [link](https://github.com/NationalSecurityAgency/ghidra/issues/6098)\r\n- Feeding Gophers to Ghidra (a blog I wrote for my employer about my research into Golang internals): [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- A blog I wrote summarising my Golang reversing journey for my employer: [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- The open-source scripts on GitHub: [link](https://github.com/advanced-threat-research/GhidraScripts)\r\n- A talk I gave about the Golang internals at HackInTheBox Amsterdam 2023: [link](https://www.youtube.com/watch?v=wsNfHqZfTfE)\r\n- Ghidra’s FunctionID codebase: [link](https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Features/FunctionID)\r\n- Hex-Ray’s IDA Pro’s F.L.I.R.T. explained: [link](https://hex-rays.com/products/ida/tech/flirt/in_depth/)\r\n- BSim’s GhidraDoc explanation and tutorial: [link](https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/BSim/README.md)\r\n\n\n\n","media":[],"title":"No Symbols When Reversing? No Problem: Bring Your Own","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:20:00Z","end_timestamp":{"seconds":1723227600,"nanoseconds":0},"android_description":"We all know it all too well: that ominous feeling when opening an unknown file in your favorite analysis tool, only to be greeted with hundreds or thousands of unknown functions, none of which are matched by your existing function signatures, nor any of your helper scripts. This makes the analysis a painfully slow and tedious process. Additionally, it sometimes means that the required analysis time exceeds the available time, and another file is chosen to be reversed instead. Especially when dealing with malware, this is an undesired scenario, as it would create a blind spot from a blue team’s perspective.\r\n\r\nThe goal of this talk is to share a tried and tested method on how to deal with thousands of unknown functions in a given file, significantly decreasing the time spent on the analysis. The example throughout the talk is the Golang based qBit family, but is applicable to any kind of binary. While this talk focuses on using Ghidra, given its free and open-source nature, it is equally possible with other industry standard tools. The focus will be on scripts, as well as the creation and usage of FunctionID and BSim databases. By combining these, you will be able to create your own symbols, and bring them anywhere you go, for any language of choice.\r\n\r\nWhile the symbols are portable, an aggregation of them scales very well over any number of analysts. As such, this methodology works well for individual researchers, but when scaling it for a team of researchers, the outcome will be greater than the sum of its parts.\r\n\r\nThis talk will use (malicious) Golang binaries as examples and provide a large dataset of symbols for this language. The scripts, as well as FunctionID and BSim databases, mentioned in this talk will all be made publicly available at the time of this talk.\r\n\r\nIn no particular order:\r\n\r\n- Automate .fidb generation with headless Ghidra: [link](https://blog.threatrack.de/2019/09/20/ghidra-fid-generator/)\r\n- Understanding static and dynamic compilation and linking: [link](https://www.youtube.com/watch?v=fGnbGX88z3Y)\r\n- How symbols work: [link](https://www.youtube.com/watch?v=iBQo962Sx0g)\r\n- BSim answers from the Ghidra team: [link](https://github.com/NationalSecurityAgency/ghidra/issues/6098)\r\n- Feeding Gophers to Ghidra (a blog I wrote for my employer about my research into Golang internals): [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- A blog I wrote summarising my Golang reversing journey for my employer: [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- The open-source scripts on GitHub: [link](https://github.com/advanced-threat-research/GhidraScripts)\r\n- A talk I gave about the Golang internals at HackInTheBox Amsterdam 2023: [link](https://www.youtube.com/watch?v=wsNfHqZfTfE)\r\n- Ghidra’s FunctionID codebase: [link](https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Features/FunctionID)\r\n- Hex-Ray’s IDA Pro’s F.L.I.R.T. explained: [link](https://hex-rays.com/products/ida/tech/flirt/in_depth/)\r\n- BSim’s GhidraDoc explanation and tutorial: [link](https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/BSim/README.md)","updated_timestamp":{"seconds":1720461878,"nanoseconds":0},"speakers":[{"content_ids":[54224,54440],"conference_id":133,"event_ids":[54597,54813],"name":"Max \"Libra\" Kersten","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/libranalysis/"},{"description":"","title":"Mastodon (@libra@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@libra"},{"description":"","title":"Twitter (@Libranalysis)","sort_order":0,"url":"https://twitter.com/Libranalysis"},{"description":"","title":"Website","sort_order":0,"url":"https://maxkersten.nl"}],"media":[],"id":54141}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:04:38Z","links":[],"end":"2024-08-09T18:20:00.000-0000","id":54813,"tag_ids":[46166,46419,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54141}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-08T18:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Where to start looking for attackers in a cloud environment? In a world where cloud providers have hundreds of services and thousands of API calls, getting started can feel overwhelming.\n\nIn this talk, we lay out the foundations of a modern detection engineering program built and tailored for the cloud, such as threat-informed defense based on real-world attacker activity, emulating common attacker behavior, shortening feedback loops to validate telemetry, and continuous end-to-end testing of threat detection rules. Additionally, we introduce a new open-source project, Grimoire, which allows leveraging pre-built datasets of AWS CloudTrail logs for common attacks.\n\nYou'll gain a hands-on, actionable understanding of how to start identifying threats in your cloud environment, or improve your existing process.\n\n\n","media":[],"title":"Catch them all! Detection Engineering and Purple Teaming in the Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Where to start looking for attackers in a cloud environment? In a world where cloud providers have hundreds of services and thousands of API calls, getting started can feel overwhelming.\n\nIn this talk, we lay out the foundations of a modern detection engineering program built and tailored for the cloud, such as threat-informed defense based on real-world attacker activity, emulating common attacker behavior, shortening feedback loops to validate telemetry, and continuous end-to-end testing of threat detection rules. Additionally, we introduce a new open-source project, Grimoire, which allows leveraging pre-built datasets of AWS CloudTrail logs for common attacks.\n\nYou'll gain a hands-on, actionable understanding of how to start identifying threats in your cloud environment, or improve your existing process.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55478],"conference_id":133,"event_ids":[55907],"name":"Christophe Tafani-Dereeper","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"christophetd","sort_order":0,"url":"https://christophetd"}],"media":[],"id":56001}],"begin_tsz":"2024-08-09T17:50:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":55907,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723225800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56001}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:50:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For three weeks in January 2024, a federal judge heard arguments that Ballot Marking Devices (BMDs) as they are uniformly used in Georgia burden the right to vote to the extent that their continued use is unconstitutional.  In 2019, the same court banned the use of Direct Recording Equipment (DRE) on the same grounds. Banning BMDs would have national repercussions. The case was litigated in a bench trial, a lawsuit not tried in front of a jury.\n\nUsing actual court presentations and documents, the proposed panel will summarize the arguments made by attorneys and experts for the Plaintiffs (a coalition of cybersecurity and voting systems experts and voting rights activists) and the Defendant (Georgia Secretary of State Raffmsperger). Panelists include representatives of the plaintiffs, defendants, and independent experts, moderated by a distinguished legal journalist. Observers will explain the extraordinary coincidences surrounding this lawsuit, including the events of January 6th, the Trump allies’ successful efforts to steal the state’s software,  and the attempt by backers of then-President Donald Trump and the attempt to brand Plaintiffs as election deniers. Panelists will also recreate technical demonstrations used in court.\n\nThe panel will use a novel “steelman” analysis of the Defense’s arguments. Unlike strawman analysis, a steelman (often called charitable analysis) argument crafts the most favorable interpretation of the responses to the Plaintiff's complaint, strengthening and in some cases correcting errors.\n\n\n","media":[],"title":"Play by Play of the Curling v. Raffensperger Lawsuit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"For three weeks in January 2024, a federal judge heard arguments that Ballot Marking Devices (BMDs) as they are uniformly used in Georgia burden the right to vote to the extent that their continued use is unconstitutional.  In 2019, the same court banned the use of Direct Recording Equipment (DRE) on the same grounds. Banning BMDs would have national repercussions. The case was litigated in a bench trial, a lawsuit not tried in front of a jury.\n\nUsing actual court presentations and documents, the proposed panel will summarize the arguments made by attorneys and experts for the Plaintiffs (a coalition of cybersecurity and voting systems experts and voting rights activists) and the Defendant (Georgia Secretary of State Raffmsperger). Panelists include representatives of the plaintiffs, defendants, and independent experts, moderated by a distinguished legal journalist. Observers will explain the extraordinary coincidences surrounding this lawsuit, including the events of January 6th, the Trump allies’ successful efforts to steal the state’s software,  and the attempt by backers of then-President Donald Trump and the attempt to brand Plaintiffs as election deniers. Panelists will also recreate technical demonstrations used in court.\n\nThe panel will use a novel “steelman” analysis of the Defense’s arguments. Unlike strawman analysis, a steelman (often called charitable analysis) argument crafts the most favorable interpretation of the responses to the Plaintiff's complaint, strengthening and in some cases correcting errors.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56187,56185,56183],"conference_id":133,"event_ids":[56837,56839,56841],"name":"Philip Stark","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/philip-stark-0422325"},{"description":"","title":"Twitter (@philipbstark)","sort_order":0,"url":"https://twitter.com/philipbstark"},{"description":"","title":"Website","sort_order":0,"url":"https://www.stat.berkeley.edu/~stark/"}],"media":[],"id":56561},{"content_ids":[56183],"conference_id":133,"event_ids":[56837],"name":"Drew Springall","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_aaspring_)","sort_order":0,"url":"https://twitter.com/_aaspring_"},{"description":"","title":"Website","sort_order":0,"url":"https://aaspring.com"}],"media":[],"id":56567},{"content_ids":[56183],"conference_id":133,"event_ids":[56837],"name":"Mary Kaiser","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mary-kaiser-53394010"},{"description":"","title":"Twitter (@goodwinlaw)","sort_order":0,"url":"https://twitter.com/goodwinlaw"},{"description":"","title":"Website","sort_order":0,"url":"https://goodwinlaw.com"}],"media":[],"id":56576},{"content_ids":[56183,56184],"conference_id":133,"event_ids":[56837,56838],"name":"Susan Greenhalgh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/susan-greenhalgh-7078a9111"},{"description":"","title":"Twitter (@segreenhalgh)","sort_order":0,"url":"https://twitter.com/segreenhalgh"},{"description":"","title":"Website","sort_order":0,"url":"https://freespeechforpeople.org/susan-greenhalgh/"}],"media":[],"id":56584}],"begin_tsz":"2024-08-09T17:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T18:45:00.000-0000","id":56837,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723225500,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56584},{"tag_id":46487,"sort_order":4,"person_id":56576},{"tag_id":46487,"sort_order":6,"person_id":56567},{"tag_id":46487,"sort_order":8,"person_id":56561}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T17:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Recursion has a tendency to turn little bugs into explosive ones. In this talk, witness the myriad of strange and unexpected bugs we encountered while building BBOT, a recursive internet scanner. Rendered in smooth realtime animations, these bugs may appear fun and sometimes hilarious, but when they occurred they were extremely problematic, and taught us some valuable lessons about the internet and recursion.\n\nDiscover the nefarious traps and nightmarish edge cases that awaited us in the depths of the internet, the destruction they caused, the awkward situations they put us in, and the tricks we used to overcome them. Most importantly, discover the kinds of hidden gems recursion can uncover (when it's implemented properly), and the critical advantage it will give you in your recon!\n\n\n","media":[],"title":"Recursion is a Harsh Mistress: How (Not) To Build a Recursive Internet Scanner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Recursion has a tendency to turn little bugs into explosive ones. In this talk, witness the myriad of strange and unexpected bugs we encountered while building BBOT, a recursive internet scanner. Rendered in smooth realtime animations, these bugs may appear fun and sometimes hilarious, but when they occurred they were extremely problematic, and taught us some valuable lessons about the internet and recursion.\n\nDiscover the nefarious traps and nightmarish edge cases that awaited us in the depths of the internet, the destruction they caused, the awkward situations they put us in, and the tricks we used to overcome them. Most importantly, discover the kinds of hidden gems recursion can uncover (when it's implemented properly), and the critical advantage it will give you in your recon!","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55895],"conference_id":133,"event_ids":[56482],"name":"TheTechromancer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56263}],"begin_tsz":"2024-08-09T17:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56482,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723225500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56263}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:45:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come ask us anything about the GRT2! There will be a short presentation about how to participate and the objectives of the event and then you can ask us anything about it and ML flaws and vulnerabilities.\n\n\n","media":[],"title":"Generative Red Team 2 Kickoff","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Come ask us anything about the GRT2! There will be a short presentation about how to participate and the objectives of the event and then you can ask us anything about it and ML flaws and vulnerabilities.","updated_timestamp":{"seconds":1722626317,"nanoseconds":0},"speakers":[{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Jerome Wynne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56229},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Kent Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56230},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Nicole DeCario","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56231},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Sean McGregor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56232},{"content_ids":[55875,55876,55888],"conference_id":133,"event_ids":[56460,56473,56461],"name":"Sven Cattell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AI Village","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@comathematician)","sort_order":0,"url":"https://x.com/comathematician"}],"media":[],"id":56233,"title":"Founder at AI Village"},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Will Pearce","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56234}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:18:37Z","links":[{"label":"Website","type":"link","url":"https://grt.aivillage.org/"}],"end":"2024-08-09T18:30:00.000-0000","id":56460,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56233},{"tag_id":46167,"sort_order":4,"person_id":56234},{"tag_id":46167,"sort_order":6,"person_id":56229},{"tag_id":46167,"sort_order":8,"person_id":56232},{"tag_id":46167,"sort_order":10,"person_id":56231},{"tag_id":46167,"sort_order":12,"person_id":56230}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, we explore the design, construction, and configuration of cost-effective Low Earth Orbit (LEO) satellite ground stations using open source tools. The aim is to demonstrate that high-quality ground stations can be developed on a limited budget without sacrificing performance. We will delve into the selection of hardware components, the integration process, and the software tools necessary for seamless operation. Additionally, real-world applications and case studies will be showcased to highlight the practical benefits and potential of these budget-friendly solutions. Attendees will leave with a comprehensive understanding of how to leverage open source resources to build and operate efficient ground stations, making advanced aerospace technology accessible to enthusiasts and professionals alike.\n\n\n","media":[],"title":"Building the Ultimate Budget-Friendly Low Earth Orbit Satellite Ground Station","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"In this workshop, we explore the design, construction, and configuration of cost-effective Low Earth Orbit (LEO) satellite ground stations using open source tools. The aim is to demonstrate that high-quality ground stations can be developed on a limited budget without sacrificing performance. We will delve into the selection of hardware components, the integration process, and the software tools necessary for seamless operation. Additionally, real-world applications and case studies will be showcased to highlight the practical benefits and potential of these budget-friendly solutions. Attendees will leave with a comprehensive understanding of how to leverage open source resources to build and operate efficient ground stations, making advanced aerospace technology accessible to enthusiasts and professionals alike.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55831],"conference_id":133,"event_ids":[56381],"name":"Victor Fernandez Minguillon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/victorminguillon/"}],"media":[],"id":56191}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":56381,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56191}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?\n\n\nAn introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?","media":[],"title":"Incident Response 101: Part 2 (Analyst Mindset and Quality Assurance)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"An introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?\n\n\nAn introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55761],"conference_id":133,"event_ids":[56269],"name":"David \"CountZ3r0\" Roman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56139}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":56269,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56139}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.\n\n\n","media":[],"title":"Blue Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.","updated_timestamp":{"seconds":1722310974,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:42:54Z","links":[{"label":"More Info","type":"link","url":"https://www.blueteamvillage.org/ctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249405"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249404"}],"end":"2024-08-10T01:00:00.000-0000","id":56055,"tag_ids":[46373,46427,46439,46756],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-30T03:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Presentation to kick off the Radio Frequency Village CTF with helpful tips for new folks.\n\n\n","media":[],"title":"RF CTF Kick Off Day 1","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:25:00Z","end_timestamp":{"seconds":1723227900,"nanoseconds":0},"android_description":"Presentation to kick off the Radio Frequency Village CTF with helpful tips for new folks.","updated_timestamp":{"seconds":1722186661,"nanoseconds":0},"speakers":[{"content_ids":[55443,55453,55461],"conference_id":133,"event_ids":[55868,55878,55886],"name":"RF Hackers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@rfhackers"},{"description":"","title":"Website","sort_order":0,"url":"https://rfhackers.com/"}],"media":[],"id":55982}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:11:01Z","links":[],"end":"2024-08-09T18:25:00.000-0000","id":55868,"tag_ids":[46390,46427,46511,46742],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55982}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-28T17:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)\n\n\n","media":[{"hash_sha256":"eaa2e18ed376870b0b3ebb931ebea74844c1032d6e048968b87b07d86e184b3a","filetype":"image/png","hash_md5":"0f6296e86e5676264624f7692fbe4ca2","name":"ct_ham-fox-hunt.png","is_logo":"Y","hash_crc32c":"c9eab3b2","filesize":83132,"asset_id":646,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ham-fox-hunt.png"}],"title":"Ham Radio Fox Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)","updated_timestamp":{"seconds":1722184768,"nanoseconds":0},"speakers":[{"content_ids":[55432],"conference_id":133,"event_ids":[55855,55856,55857],"name":"Ham Radio Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@HamRadioVillage"},{"description":"","title":"Website","sort_order":0,"url":"https://hamvillage.org"}],"media":[],"id":55973}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T16:39:28Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32/"}],"end":"2024-08-10T01:00:00.000-0000","id":55855,"tag_ids":[46380,46427,46439,46743],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55973}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-A","hotel":"","short_name":"HW4-02-02-A","id":46362},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-28T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we will present the ICS firing range we built and hacked to simulate an actual attack against a hydroelectric power plant and create a DFIR training from the evidence left behind. The talk aims to emphasize the importance of attack simulation in the context of critical infrastructure and the potential benefit that firing ranges can provide to such assessments.\r\n\r\nFirst we will examine the motivation behind the construction and usage of a firing range, covering various aspects including:\r\n- the threats operators of critical infrastructure face,\r\n- how security assessments are conducted in an OT context and\r\n- how an ICS firing range can be utilized to support them.\r\n\r\nNext we will discuss the intended use cases of the firing range and the scenario it was made to display, the flooding of a hydroelectric power plant. As a result, the relevant components and production processes of the plant will be outlined.\r\nThen we will present and go into detail about the design & architecture of the firing range:\r\n- individual physical and virtual networks and components,\r\n- separate Active Directory environments,\r\n- implemented security measures\r\n- specific vulnerabilities intentionally left behind. \r\n\r\nPicking up this last bullet-point, we continue with how we hacked the firing range and performed a Red Team assessment against it, simulating an actual attack. Starting with the C2 infrastructure we set up for the attack, we will guide the audience through the kill chain in chronological order and highlight the most important and relevant steps of the attack.\r\n\r\nOnce the offensive part of the talk concludes, a shift of perspective takes place and the attack is evaluated from the defence's point-of-view: we'll show how we identified, secured and analyzed indicators of compromise left behind by the attack. This includes the analysis of network captures, Windows event logs, memory dumps and more.\r\n\r\nThis talk will be presented by not only people from NVISO as the IT security service provider who built the firing range and performed to attack against it, but also by people from VERBUND's IT security team who actively use the firing range for training. This way we can involve both the attacker's and the defence's point-of-view.\n\n\n","media":[],"title":"Attack and Defence in OT - Simulating attacks against hydroelectric power plants leveraging ICS Firing Ranges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"In this talk we will present the ICS firing range we built and hacked to simulate an actual attack against a hydroelectric power plant and create a DFIR training from the evidence left behind. The talk aims to emphasize the importance of attack simulation in the context of critical infrastructure and the potential benefit that firing ranges can provide to such assessments.\r\n\r\nFirst we will examine the motivation behind the construction and usage of a firing range, covering various aspects including:\r\n- the threats operators of critical infrastructure face,\r\n- how security assessments are conducted in an OT context and\r\n- how an ICS firing range can be utilized to support them.\r\n\r\nNext we will discuss the intended use cases of the firing range and the scenario it was made to display, the flooding of a hydroelectric power plant. As a result, the relevant components and production processes of the plant will be outlined.\r\nThen we will present and go into detail about the design & architecture of the firing range:\r\n- individual physical and virtual networks and components,\r\n- separate Active Directory environments,\r\n- implemented security measures\r\n- specific vulnerabilities intentionally left behind. \r\n\r\nPicking up this last bullet-point, we continue with how we hacked the firing range and performed a Red Team assessment against it, simulating an actual attack. Starting with the C2 infrastructure we set up for the attack, we will guide the audience through the kill chain in chronological order and highlight the most important and relevant steps of the attack.\r\n\r\nOnce the offensive part of the talk concludes, a shift of perspective takes place and the attack is evaluated from the defence's point-of-view: we'll show how we identified, secured and analyzed indicators of compromise left behind by the attack. This includes the analysis of network captures, Windows event logs, memory dumps and more.\r\n\r\nThis talk will be presented by not only people from NVISO as the IT security service provider who built the firing range and performed to attack against it, but also by people from VERBUND's IT security team who actively use the firing range for training. This way we can involve both the attacker's and the defence's point-of-view.","updated_timestamp":{"seconds":1720393612,"nanoseconds":0},"speakers":[{"content_ids":[54549],"conference_id":133,"event_ids":[54924],"name":"Julia Dewitz-Würzelberger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"VERBUND","title":"Project Manager, OT Cyber Security"}],"links":[],"pronouns":null,"media":[],"id":54661,"title":"Project Manager, OT Cyber Security at VERBUND"},{"content_ids":[54549],"conference_id":133,"event_ids":[54924],"name":"Bernhard Sedlmayer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56027},{"content_ids":[54549],"conference_id":133,"event_ids":[54924],"name":"Sarah Mader","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO","title":"Senior Consultant"}],"links":[],"pronouns":null,"media":[],"id":56028,"title":"Senior Consultant at NVISO"}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:06:52Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":54924,"tag_ids":[46169,46382,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54661},{"tag_id":46167,"sort_order":4,"person_id":56027},{"tag_id":46167,"sort_order":6,"person_id":56028}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-07T23:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join General Paul M. Nakasone, U.S. Army (Retired), for a deep dive into the realities of modern cyber warfare at DefCon. With critical stories from his extensive career, General Nakasone will expose the details of national security in the digital era.\n\nThe longest-serving leader of both the National Security Agency and U.S. Cyber Command, General Nakasone has been on the frontlines of America's cyber defense. He will share firsthand accounts of defending against nation-state hackers, securing critical infrastructure during global crises, and the strategies that kept adversaries at bay.\n\nThis talk will examine the evolving nature of conflict, where the battlefield extends into cyberspace and unique partnerships must be built to offer agility and resilience. General Nakasone will discuss the persistent threats posed by sophisticated hackers and the innovative defenses employed to counteract them. He’ll delve into the importance of intelligence sharing, international alliances, and transparency in operations.\n\nLooking ahead, General Nakasone will present a forward-thinking vision for the future of warfare. He’ll highlight the necessity for adaptive cyber strategies, resilient defenses, and the cultivation of new leadership to address emerging threats.\n\n\n","media":[],"title":"Spies and Bytes: Victory in the Digital Age","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:15:00Z","end_timestamp":{"seconds":1723227300,"nanoseconds":0},"android_description":"Join General Paul M. Nakasone, U.S. Army (Retired), for a deep dive into the realities of modern cyber warfare at DefCon. With critical stories from his extensive career, General Nakasone will expose the details of national security in the digital era.\n\nThe longest-serving leader of both the National Security Agency and U.S. Cyber Command, General Nakasone has been on the frontlines of America's cyber defense. He will share firsthand accounts of defending against nation-state hackers, securing critical infrastructure during global crises, and the strategies that kept adversaries at bay.\n\nThis talk will examine the evolving nature of conflict, where the battlefield extends into cyberspace and unique partnerships must be built to offer agility and resilience. General Nakasone will discuss the persistent threats posed by sophisticated hackers and the innovative defenses employed to counteract them. He’ll delve into the importance of intelligence sharing, international alliances, and transparency in operations.\n\nLooking ahead, General Nakasone will present a forward-thinking vision for the future of warfare. He’ll highlight the necessity for adaptive cyber strategies, resilient defenses, and the cultivation of new leadership to address emerging threats.","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54439],"conference_id":133,"event_ids":[54812],"name":"General Paul M. Nakasone","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Vanderbilt’s Institute of National Security","title":"Founding Director"}],"links":[],"pronouns":null,"media":[],"id":54136,"title":"Founding Director at Vanderbilt’s Institute of National Security"}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T18:15:00.000-0000","id":54812,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54136}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Advanced Local Procedure Call (ALPC) is an Inter Process Communication method in the Windows kernel. In the past few years, Windows ALPC and RPC vulnerabilities have emerged in an endless stream. These vulnerabilities are mainly based on TOCTOU file operations, memory corruption vulnerabilities in RPC services and ALPC syscalls in ntoskrnl. \n\nWindows kernel provides a variety of security measures to ensure that the data and context accepted by the ALPC and RPC servers are safe. We noticed the attack surface in the security mechanism of the ALPC kernel, and we found a security flaw in this mechanism (magic) and successfully obtained the system privilege from unauthorized users (defeating magic by magic).\n\nIn this talk, we will first overview the communication mechanism of ALPC and RPC services. We will discuss the details of ALPC and RPC in the marshal/unmarshal process that has not been disclosed before. We'll also talk about the kernel security mechanism in ALPC syscalls. Then we will analyze some historical bugs in ALPC and RPC, and disclose the details of the vulnerability we found, discussing how we bypassed the security mechanism through a small security flaw in security mechanisms. Later we'll discuss the exploitation, you will learn about the multiple ways. Finally, We'll make conclusions and share our opinions on this attack surface, including some tips and opinions on how to find these kinds of bugs.\n\n1. A view into ALPC-RPC by Clement Rouault and Thomas Imbert Hack.lu 2017 \n2. Exploiting Errors in Windows Error Reporting - Gal De Leon\n3. Windows Internals, Part 2, 7th Edition\n\n\n","media":[],"title":"Defeating magic by magic:Using ALPC security features to compromise RPC services","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:15:00Z","end_timestamp":{"seconds":1723227300,"nanoseconds":0},"android_description":"Advanced Local Procedure Call (ALPC) is an Inter Process Communication method in the Windows kernel. In the past few years, Windows ALPC and RPC vulnerabilities have emerged in an endless stream. These vulnerabilities are mainly based on TOCTOU file operations, memory corruption vulnerabilities in RPC services and ALPC syscalls in ntoskrnl. \n\nWindows kernel provides a variety of security measures to ensure that the data and context accepted by the ALPC and RPC servers are safe. We noticed the attack surface in the security mechanism of the ALPC kernel, and we found a security flaw in this mechanism (magic) and successfully obtained the system privilege from unauthorized users (defeating magic by magic).\n\nIn this talk, we will first overview the communication mechanism of ALPC and RPC services. We will discuss the details of ALPC and RPC in the marshal/unmarshal process that has not been disclosed before. We'll also talk about the kernel security mechanism in ALPC syscalls. Then we will analyze some historical bugs in ALPC and RPC, and disclose the details of the vulnerability we found, discussing how we bypassed the security mechanism through a small security flaw in security mechanisms. Later we'll discuss the exploitation, you will learn about the multiple ways. Finally, We'll make conclusions and share our opinions on this attack surface, including some tips and opinions on how to find these kinds of bugs.\n\n1. A view into ALPC-RPC by Clement Rouault and Thomas Imbert Hack.lu 2017 \n2. Exploiting Errors in Windows Error Reporting - Gal De Leon\n3. Windows Internals, Part 2, 7th Edition","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54438],"conference_id":133,"event_ids":[54811],"name":"WangJunJie Zhang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hillstone Network Security Research Institute","title":"Senior Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@hillstone_lab)","sort_order":0,"url":"https://twitter.com/hillstone_lab"}],"media":[],"id":54183,"title":"Senior Security Researcher at Hillstone Network Security Research Institute"},{"content_ids":[54438],"conference_id":133,"event_ids":[54811],"name":"YiSheng He","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54187}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T18:15:00.000-0000","id":54811,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54183},{"tag_id":46167,"sort_order":2,"person_id":54187}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.\n\n\n","media":[],"title":"IoT Cat Lamp","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T17:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/cat-shaped-wi-fi-defender-hands-on-hacker-hunting-with-microcontrollers-copy"}],"end":"2024-08-09T18:45:00.000-0000","id":56521,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723223700,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the casino industry, a surge of ransomware attacks has marked an era of unprecedented threats and vulnerabilities. This session will focus on a critical aspect of security within this industry, exploring how ransomware has specifically impacted applications and associated systems. Attendees will gain insights into the methods used by malicious actors to compromise casino applications, the resulting financial and operational disruptions, (i.e., affected customer data security etc.) and responses developed to counter these threats. By researching industry giants like MGM and Caesars, we will highlight the importance of robust application security measures and the future landscape of cybersecurity in this sector. Unique security challenges faced by the casino industry will be explored, along with examples of vulnerabilities and their exploitation. The session will also delve into the interplay between ICT, IoT, and application security in the casino context.\n\n\n","media":[],"title":"Winning big: AppSec Considerations From the Casino Industry","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"In the casino industry, a surge of ransomware attacks has marked an era of unprecedented threats and vulnerabilities. This session will focus on a critical aspect of security within this industry, exploring how ransomware has specifically impacted applications and associated systems. Attendees will gain insights into the methods used by malicious actors to compromise casino applications, the resulting financial and operational disruptions, (i.e., affected customer data security etc.) and responses developed to counter these threats. By researching industry giants like MGM and Caesars, we will highlight the importance of robust application security measures and the future landscape of cybersecurity in this sector. Unique security challenges faced by the casino industry will be explored, along with examples of vulnerabilities and their exploitation. The session will also delve into the interplay between ICT, IoT, and application security in the casino context.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55727,55760],"conference_id":133,"event_ids":[56235,56285],"name":"Tennisha Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56089},{"content_ids":[55727],"conference_id":133,"event_ids":[56235],"name":"Aleise McGowan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56101}],"begin_tsz":"2024-08-09T17:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":56235,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723223700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56101},{"tag_id":46167,"sort_order":1,"person_id":56089}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T17:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find out how to participate in the Payment Village CTF\n\n\n","media":[],"title":"Introduction to Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:20:00Z","end_timestamp":{"seconds":1723224000,"nanoseconds":0},"android_description":"Find out how to participate in the Payment Village CTF","updated_timestamp":{"seconds":1722356274,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-09T17:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:17:54Z","links":[],"end":"2024-08-09T17:20:00.000-0000","id":56082,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723223700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T17:15:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"60 seconds. 1 minute.\n\nThat's all it takes for an attacker to compromise an account with access.\nAnd the account doesn't even need to have obvious privileged rights for the attacker to own the cloud environment.\n\nThen, once they get Global Admin rights to Azure AD/Entra ID, it's game over since they have full admin rights, access to all data, and can easily pivot to control all Azure subscription services and content.\n\nThis talk walks through the most common ways that attackers compromise the Microsoft Cloud, specifically Azure AD/Entra ID and how to mitigate these attack techniques.\n\nJoin me in this journey of attacker methods involving account compromise of admin and user accounts, including interesting pairing of role rights, application permissions, and Conditional Access gaps.\n\nSo go beyond Global Administrator to better understand the Entra ID roles that really matter in the tenant and how application permissions provide attacker opportunity in most environments!\n\nAttendees will learn both Azure AD/Entra ID attack and defense during this session.\n\n\n","media":[],"title":"Gone in 60 Seconds… How Azure AD/Entra ID Tenants are Compromised","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:50:00Z","end_timestamp":{"seconds":1723225800,"nanoseconds":0},"android_description":"60 seconds. 1 minute.\n\nThat's all it takes for an attacker to compromise an account with access.\nAnd the account doesn't even need to have obvious privileged rights for the attacker to own the cloud environment.\n\nThen, once they get Global Admin rights to Azure AD/Entra ID, it's game over since they have full admin rights, access to all data, and can easily pivot to control all Azure subscription services and content.\n\nThis talk walks through the most common ways that attackers compromise the Microsoft Cloud, specifically Azure AD/Entra ID and how to mitigate these attack techniques.\n\nJoin me in this journey of attacker methods involving account compromise of admin and user accounts, including interesting pairing of role rights, application permissions, and Conditional Access gaps.\n\nSo go beyond Global Administrator to better understand the Entra ID roles that really matter in the tenant and how application permissions provide attacker opportunity in most environments!\n\nAttendees will learn both Azure AD/Entra ID attack and defense during this session.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55477],"conference_id":133,"event_ids":[55906],"name":"Sean Metcalf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"PyroTek3","sort_order":0,"url":"https://PyroTek3"}],"media":[],"id":56000}],"begin_tsz":"2024-08-09T17:10:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T17:50:00.000-0000","id":55906,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723223400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56000}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum computing harnesses the laws of nature to solve problems that are infeasible on conventional computers, such as integer factorization, which has applications in cryptography, or analyzing properties of molecules and chemical reactions. \r\n\r\nIn this workshop, you will learn the basics of quantum computing and quantum programming using Q# programming language and Azure Quantum Development Kit. You will learn enough to write your first quantum programs — quantum random number generator and Deutsch-Jozsa algorithm — an algorithm that is exponentially faster than any deterministic classical algorithm for that problem. HINT - for those looking to compete in the Quantum CTF, Mariia’s talk will be very useful indeed!!\n\n\n","media":[],"title":"Intro to Quantum with Q#","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:25:00Z","end_timestamp":{"seconds":1723227900,"nanoseconds":0},"android_description":"Quantum computing harnesses the laws of nature to solve problems that are infeasible on conventional computers, such as integer factorization, which has applications in cryptography, or analyzing properties of molecules and chemical reactions. \r\n\r\nIn this workshop, you will learn the basics of quantum computing and quantum programming using Q# programming language and Azure Quantum Development Kit. You will learn enough to write your first quantum programs — quantum random number generator and Deutsch-Jozsa algorithm — an algorithm that is exponentially faster than any deterministic classical algorithm for that problem. HINT - for those looking to compete in the Quantum CTF, Mariia’s talk will be very useful indeed!!","updated_timestamp":{"seconds":1722626493,"nanoseconds":0},"speakers":[{"content_ids":[55841,56226],"conference_id":133,"event_ids":[56884,56428],"name":"Mariia Mykhailova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56218}],"begin_tsz":"2024-08-09T17:05:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:21:33Z","links":[],"end":"2024-08-09T18:25:00.000-0000","id":56428,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723223100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56218}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T17:05:00.000-0000","updated":"2024-08-02T19:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Brief overview of what the Voting Village is, it’s mission, it’s goals, and it’s history.\n\n\n","media":[],"title":"What is the Voting Village?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Brief overview of what the Voting Village is, it’s mission, it’s goals, and it’s history.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56200,56182,56192],"conference_id":133,"event_ids":[56836,56846,56854],"name":"Catherine Terranova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/catherine-terranova-8b209826a"},{"description":"","title":"Twitter (@catlovesvoting)","sort_order":0,"url":"https://twitter.com/catlovesvoting"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56563},{"content_ids":[56182,56193,56192],"conference_id":133,"event_ids":[56836,56846,56847],"name":"Harri Hursti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/hhursti"},{"description":"","title":"Twitter (@harrihursti)","sort_order":0,"url":"https://twitter.com/harrihursti"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56570},{"content_ids":[56182,56192],"conference_id":133,"event_ids":[56836,56846],"name":"Matt Blaze","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mattblaze)","sort_order":0,"url":"https://twitter.com/mattblaze"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56577}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":56836,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56563},{"tag_id":46167,"sort_order":4,"person_id":56577},{"tag_id":46167,"sort_order":6,"person_id":56570}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experts have long agreed that secure internet voting in public elections is not feasible with today's technology, nor with any technologies of the foreseeable future. The challenges are numerous, including many fundamental threats such as vulnerability to malicious clients, authentication attacks, privacy attacks, network and Internet infrastructure attacks, server penetration attacks, and various kinds of denial of service attacks. Internet voting systems also suffer from a lack of any meaningful end-to-end auditability. In this hacking challenge, we will set aside these broader concerns to focus on a specific proposed internet voting system called SIV (Secure Internet Voting) intended for real public elections in the United States. They are conducting a mock online election this week with the specific goal of challenging anyone to break their system.\n\n\n","media":[],"title":"SIV Internet Voting Hacking Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Experts have long agreed that secure internet voting in public elections is not feasible with today's technology, nor with any technologies of the foreseeable future. The challenges are numerous, including many fundamental threats such as vulnerability to malicious clients, authentication attacks, privacy attacks, network and Internet infrastructure attacks, server penetration attacks, and various kinds of denial of service attacks. Internet voting systems also suffer from a lack of any meaningful end-to-end auditability. In this hacking challenge, we will set aside these broader concerns to focus on a specific proposed internet voting system called SIV (Secure Internet Voting) intended for real public elections in the United States. They are conducting a mock online election this week with the specific goal of challenging anyone to break their system.","updated_timestamp":{"seconds":1723212527,"nanoseconds":0},"speakers":[{"content_ids":[56181],"conference_id":133,"event_ids":[56835],"name":"SIV","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://hack.siv.org/"}],"media":[],"id":56583}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T14:08:47Z","links":[{"label":"Website","type":"link","url":"http://hack.siv.org/"}],"end":"2024-08-11T20:00:00.000-0000","id":56835,"tag_ids":[46396,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56583}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T14:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!\n\n\n","media":[],"title":"Physical Security Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!","updated_timestamp":{"seconds":1723044549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:29:09Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56819,"tag_ids":[46387,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-07T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.\n\n\n","media":[],"title":"Radio Frequency Village Events","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.","updated_timestamp":{"seconds":1722874415,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T16:13:35Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56766,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-11T20:00:00.000-0000","id":56765,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hardware Hacking and Soldering Skills Village Open (HHV-SSV)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722822007,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T01:40:07Z","links":[{"label":"Website","type":"link","url":"https://dchhv.org"}],"end":"2024-08-10T01:00:00.000-0000","id":56757,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n\n\n","media":[],"title":"HHV Rube Goldberg Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!","updated_timestamp":{"seconds":1722821818,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T01:36:58Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/hhv_rgb.html"}],"end":"2024-08-10T01:00:00.000-0000","id":56756,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.\n\n\n","media":[],"title":"Robo Sumo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.","updated_timestamp":{"seconds":1722821775,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T01:36:15Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/robosumo.html"}],"end":"2024-08-10T01:00:00.000-0000","id":56755,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.\n\n\n","media":[],"title":"Game Hacking Community Activities & CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.","updated_timestamp":{"seconds":1722815557,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T23:52:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56751,"tag_ids":[46402,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T23:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)\r\n\n\n\n","media":[],"title":"LHC Meshtastic Activities and CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)","updated_timestamp":{"seconds":1722875831,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T16:37:11Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56748,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.\n\n\n","media":[],"title":"Tamper Evident Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.","updated_timestamp":{"seconds":1722801725,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T20:02:05Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56745,"tag_ids":[46394,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T20:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the 11th CPV at DEF CON! This will be the absolute fastest state of the village sharing talks for the day, plus what's available at the village.\n\n\n","media":[],"title":"CPV: Day 1 Welcome","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:02:00Z","end_timestamp":{"seconds":1723222920,"nanoseconds":0},"android_description":"Welcome to the 11th CPV at DEF CON! This will be the absolute fastest state of the village sharing talks for the day, plus what's available at the village.","updated_timestamp":{"seconds":1722725815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:56:55Z","links":[],"end":"2024-08-09T17:02:00.000-0000","id":56619,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T22:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Adversary Village keynote kick-off panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723217383,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"},{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Ken Kato","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Omni Federal","title":"VP"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/devsecops-kkato/"},{"description":"","title":"Twitter (@CyberCalyx)","sort_order":0,"url":"https://x.com/CyberCalyx"}],"media":[],"id":54207,"title":"VP at Omni Federal"},{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Abhijith “Abx” B R","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/abhijith-b-r/"},{"description":"","title":"Twitter (@abhijithbr)","sort_order":0,"url":"https://twitter.com/abhijithbr"},{"description":"","title":"adversaryvillage.org","sort_order":0,"url":"https://adversaryvillage.org"}],"media":[],"id":54209},{"content_ids":[54584,55984],"conference_id":133,"event_ids":[56606,54959],"name":"Bryson Bort ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54266},{"content_ids":[55984],"conference_id":133,"event_ids":[56606],"name":"Sanne Maasakkers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Threat Intel"}],"links":[],"pronouns":null,"media":[],"id":56597,"title":"Threat Intel at Mandiant"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T15:29:43Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":56606,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54209},{"tag_id":46487,"sort_order":4,"person_id":54266},{"tag_id":46487,"sort_order":6,"person_id":54207},{"tag_id":46487,"sort_order":8,"person_id":54075},{"tag_id":46487,"sort_order":10,"person_id":56597}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.\n\n\n","media":[],"title":"Hands-on Attack and Breach Simulation exercises","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.","updated_timestamp":{"seconds":1722714024,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:40:24Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56599,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.\n\n\n","media":[],"title":"Adversary-Adventure Table-top Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.","updated_timestamp":{"seconds":1722714013,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:40:13Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56598,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.\n\n\n","media":[],"title":"Adversary simulator and purple teaming hands-on booth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.","updated_timestamp":{"seconds":1722713994,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:39:54Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56597,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).\n\n\n","media":[],"title":"Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).","updated_timestamp":{"seconds":1722781910,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T14:31:50Z","links":[{"label":"Mastodon (@soda@defcon.social)","type":"link","url":"https://defcon.social/@soda"},{"label":"Twitter (@ShellsOnDemand)","type":"link","url":"https://twitter.com/ShellsOnDemand"}],"end":"2024-08-10T01:00:00.000-0000","id":56596,"tag_ids":[46362,46427],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T14:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En este panel se abordará las oportunidades y desafíos que enfrentan los profesionales latinos en el campo de la ciberseguridad fuera de América Latina. Adicionalmente estudiaremos las estrategias para destacar en mercados internacionales, las habilidades clave necesarias y las redes de apoyo que pueden ayudar a los latinos a prosperar en esta industria en constante evolución. Además, se discutirán experiencias personales y consejos prácticos para navegar en entornos multiculturales y globales. Únete a nosotros para aprender cómo los latinos pueden hacer una diferencia significativa en el panorama global de la ciberseguridad.\n\n\n","media":[],"title":"Be Latino in Cybersecurity on markets outside LATAM","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"En este panel se abordará las oportunidades y desafíos que enfrentan los profesionales latinos en el campo de la ciberseguridad fuera de América Latina. Adicionalmente estudiaremos las estrategias para destacar en mercados internacionales, las habilidades clave necesarias y las redes de apoyo que pueden ayudar a los latinos a prosperar en esta industria en constante evolución. Además, se discutirán experiencias personales y consejos prácticos para navegar en entornos multiculturales y globales. Únete a nosotros para aprender cómo los latinos pueden hacer una diferencia significativa en el panorama global de la ciberseguridad.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860},{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"},{"content_ids":[55957],"conference_id":133,"event_ids":[56573],"name":"Salvador Mendonza","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56292},{"content_ids":[55957],"conference_id":133,"event_ids":[56573],"name":"Guillermo Buendia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56315},{"content_ids":[55957],"conference_id":133,"event_ids":[56573],"name":"Alan Villaseñor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56316}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":56573,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56292},{"tag_id":46167,"sort_order":4,"person_id":55862},{"tag_id":46167,"sort_order":6,"person_id":55860},{"tag_id":46167,"sort_order":8,"person_id":56316},{"tag_id":46167,"sort_order":10,"person_id":56315}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.\n\n\n","media":[],"title":"Vendors and Exhibitors Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.","updated_timestamp":{"seconds":1722692937,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T13:48:57Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56570,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T13:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.\n\n\n","media":[],"title":"Safe Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56520,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!\n\n\n","media":[],"title":"Phisherman's Wharf - Phishing for Beginners","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56519,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.\n\n\n","media":[],"title":"Living off the Land inside your WiFi : Exploring and Exploiting Access Points and Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Drew Green","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56288},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Ken Pyle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56289}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56518,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56288},{"tag_id":46167,"sort_order":4,"person_id":55853},{"tag_id":46167,"sort_order":6,"person_id":56289}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!\n\n\n","media":[],"title":"Keysight CTF Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56517,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n\n\n","media":[],"title":"IoT Village Hacking Playground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56516,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!\n\n\n","media":[],"title":"IoT Security at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56515,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops\n\n\n","media":[],"title":"Inside the Toolkit of Elite Embedded Security Experts - Hands-On Workshop: QEMU & GDB for Embedded Systems Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56514,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!\n\n\n","media":[],"title":"Hardware Hacking GE Appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56513,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.\n\n\n","media":[],"title":"Hands-On Hardware Hacking – From Console to Root, Manipulating and Controlling a Protected System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56512,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.\n\n\n","media":[],"title":"Hack My TV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56511,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level\n\n\n","media":[],"title":"Firmware Extraction and Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56510,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.\n\n\n","media":[],"title":"DEF CON Groups - Open for questions and hanging out","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.","updated_timestamp":{"seconds":1722636477,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T22:07:57Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56505,"tag_ids":[46399,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T22:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.\n\n\n","media":[],"title":"Recon Village GE(O)SINT Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56481,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Since 2020, I have (as a BikeIndex.org cofounder) been chasing and hunting the single largest black market bike fence in modern history. This OSINT-heavy, cross-border investigation eventually blossomed into a federal court case in early 2024, so I've only able to partially share that story in public until now. By the time DEFCON happens, I'll be able to give this talk in its fullest and most unredacted form, which I haven't been able to do yet. (This talk was presented at Seattle BSIDES 2023, but even then I couldn't give 'the whole talk' because one of the key players was still being prosecuted in CA court)\n\nIn December 2021, BikeIndex.org published an article that laid out how our OSINT detective work showed residential burglars in Colorado were exporting stolen bikes to Juarez Mexico and selling them on grey-market sites there for excellent profit. This quantified a long suspected 'urban legend' in the cycling community - that high end stolen bikes went to Mexico - but also the economics of the problem, as we tracked over 1000 sales of stolen bikes and were able to capture sales data and study the black market in very great detail. (That write up is here, if you are curious:https://bikeindex.org/news/closing-the-loop-a-deep-dive-on-a-facebook-reseller-of-bikes-stolen-in ) \n\nWhat we did *not* disclose at that time was that we were infiltrating and tracking an even larger, more impressive criminal actor in the same space - one whose sales and profits reach into the millions. Through years of surveillance, OSINT work, and a lot of persistence, we eventually identified one of his US side suppliers and got them raided by law enforcement, which then snowballed into a federal prosecution in 2024.\n\nIn this talk, I'll talk about how the motivation to seek justice drives normal people to do extraordinary things with OSINT and other crafty methods to chase down bad guys and recover their stolen goods and seek justice. I'll cover some of the crazier edge cases we've run into in this space, and I'll talk about the secret shadow army of hunters and cyclists who are hunt these kinds of bad guys down online, every day.\n\nThe talk will be audience engaging, with back-and-forth and audience 'spot-the-OSINT-FAIL-here' type participation as we walk through the major breakthroughs that took this project from 'hey, that's an interesting' to names going down into a federal indictment. Specifically, I'll give an overview of how we engage with theft victims to surveil, track, identify, and take down transnational black market bike fences - who often turn out to be even crazier individuals than anybody ever expected.\n\n\n","media":[],"title":"Bastardo Grande: Hunting the Largest Black Market Bike Fence In The World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Since 2020, I have (as a BikeIndex.org cofounder) been chasing and hunting the single largest black market bike fence in modern history. This OSINT-heavy, cross-border investigation eventually blossomed into a federal court case in early 2024, so I've only able to partially share that story in public until now. By the time DEFCON happens, I'll be able to give this talk in its fullest and most unredacted form, which I haven't been able to do yet. (This talk was presented at Seattle BSIDES 2023, but even then I couldn't give 'the whole talk' because one of the key players was still being prosecuted in CA court)\n\nIn December 2021, BikeIndex.org published an article that laid out how our OSINT detective work showed residential burglars in Colorado were exporting stolen bikes to Juarez Mexico and selling them on grey-market sites there for excellent profit. This quantified a long suspected 'urban legend' in the cycling community - that high end stolen bikes went to Mexico - but also the economics of the problem, as we tracked over 1000 sales of stolen bikes and were able to capture sales data and study the black market in very great detail. (That write up is here, if you are curious:https://bikeindex.org/news/closing-the-loop-a-deep-dive-on-a-facebook-reseller-of-bikes-stolen-in ) \n\nWhat we did *not* disclose at that time was that we were infiltrating and tracking an even larger, more impressive criminal actor in the same space - one whose sales and profits reach into the millions. Through years of surveillance, OSINT work, and a lot of persistence, we eventually identified one of his US side suppliers and got them raided by law enforcement, which then snowballed into a federal prosecution in 2024.\n\nIn this talk, I'll talk about how the motivation to seek justice drives normal people to do extraordinary things with OSINT and other crafty methods to chase down bad guys and recover their stolen goods and seek justice. I'll cover some of the crazier edge cases we've run into in this space, and I'll talk about the secret shadow army of hunters and cyclists who are hunt these kinds of bad guys down online, every day.\n\nThe talk will be audience engaging, with back-and-forth and audience 'spot-the-OSINT-FAIL-here' type participation as we walk through the major breakthroughs that took this project from 'hey, that's an interesting' to names going down into a federal indictment. Specifically, I'll give an overview of how we engage with theft victims to surveil, track, identify, and take down transnational black market bike fences - who often turn out to be even crazier individuals than anybody ever expected.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55893],"conference_id":133,"event_ids":[56480],"name":"Bryan Hance","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56262}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":56480,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56262}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!\n\n\n","media":[],"title":"AI Village Demos","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!","updated_timestamp":{"seconds":1722626313,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:18:33Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56474,"tag_ids":[46368,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Opening remarks for events at AIV at DEFCON 32\n\n\n","media":[],"title":"Opening Remarks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"Opening remarks for events at AIV at DEFCON 32","updated_timestamp":{"seconds":1722626320,"nanoseconds":0},"speakers":[{"content_ids":[55875,55876,55888],"conference_id":133,"event_ids":[56460,56473,56461],"name":"Sven Cattell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AI Village","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@comathematician)","sort_order":0,"url":"https://x.com/comathematician"}],"media":[],"id":56233,"title":"Founder at AI Village"},{"content_ids":[55876],"conference_id":133,"event_ids":[56461],"name":"Lauren Putvin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AIV Steering Committee","title":""}],"links":[],"pronouns":null,"media":[],"id":56235,"title":"AIV Steering Committee"},{"content_ids":[55876],"conference_id":133,"event_ids":[56461],"name":"Ravin Kumar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AIV Steering Committee","title":""}],"links":[],"pronouns":null,"media":[],"id":56236,"title":"AIV Steering Committee"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:18:40Z","links":[{"label":"More Info","type":"link","url":"https://aivillage.org/events/2024_talks"}],"end":"2024-08-09T17:30:00.000-0000","id":56461,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56233},{"tag_id":46167,"sort_order":4,"person_id":56235},{"tag_id":46167,"sort_order":6,"person_id":56236}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"QOLOSSUS: QUANTUM CTF CONTEST: How to get Started on The Quantum Capture The Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T17:00:00Z","end_timestamp":{"seconds":1723222800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-09T17:00:00.000-0000","id":56427,"tag_ids":[46389,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.\n\n\n","media":[],"title":"spacestudio and spacetower challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.","updated_timestamp":{"seconds":1722626556,"nanoseconds":0},"speakers":[{"content_ids":[55830],"conference_id":133,"event_ids":[56380,56408,56426],"name":"Exotrail","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56205},{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:22:36Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56380,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56205},{"tag_id":46484,"sort_order":4,"person_id":56207}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.\n\n\n","media":[],"title":"Space Systems Security CTF – Platform Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55829],"conference_id":133,"event_ids":[56379,56407,56425],"name":"CT Cubed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56204}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56379,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56204}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.\n\n\n","media":[],"title":"Space Grand Challenge Luna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56378,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.\n\n\n","media":[],"title":"Selfie with a CubeSat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56377,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.\n\n\n","media":[],"title":"PTP Flight Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55826],"conference_id":133,"event_ids":[56376,56404,56422],"name":"Pen Test Partners","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56188}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56376,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56188}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.\n\n\n","media":[],"title":"Hack-A-Sat Quals Challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56375,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2\n\n\n","media":[],"title":"Hack-A-Sat Digital Twin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56374,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.\n\n\n","media":[],"title":"Drone Hacking Choose Your Own Adventure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56373,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.\n\n\n","media":[],"title":"Drone Hacking Activity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56372,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.\n\n\n","media":[],"title":"Drone Flying Experience","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56371,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.\n\n\n","media":[],"title":"Drone Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56370,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Can you spot suspicious items in packages? Try out your skills.\n\n\n","media":[],"title":"Detect a Threat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Can you spot suspicious items in packages? Try out your skills.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55819],"conference_id":133,"event_ids":[56369,56397,56415],"name":"TSA","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56212}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56369,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56212}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.\n\n\n","media":[],"title":"Defend the Airport CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55818],"conference_id":133,"event_ids":[56368,56396,56414],"name":"IntelliGenesis and IG Labs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56190}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56368,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56190}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.\n\n\n","media":[],"title":"Darkstar Badge Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55817],"conference_id":133,"event_ids":[56367,56395,56413],"name":"Lockheed Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56189}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56367,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56189}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.\n\n\n","media":[],"title":"CubeSat Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55816],"conference_id":133,"event_ids":[56366,56394,56412],"name":"AMSAT","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56200}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56366,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56200}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.\n\n\n","media":[],"title":"Bricks in the Air","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56365,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.\n\n\n","media":[],"title":"ARINC 664 CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55814],"conference_id":133,"event_ids":[56364,56392,56410],"name":"Boeing","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56202}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56364,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56202}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n\n\n","media":[],"title":"A-ISAC Aviation Cybersecurity Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55813],"conference_id":133,"event_ids":[56363,56391,56409],"name":"A-ISAC and Embry-Riddle Aeronautical University - Prescott","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56201}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56363,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56201}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!\n\n\n","media":[],"title":"Retro Repair","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!","updated_timestamp":{"seconds":1722563919,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:58:39Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56334,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!\n\n\n","media":[],"title":"Dumb Terminal fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!","updated_timestamp":{"seconds":1722563905,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:58:25Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56333,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)\n\n\n","media":[],"title":"Show & Tell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)","updated_timestamp":{"seconds":1722563887,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:58:07Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56332,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.\n\n\n","media":[],"title":"Small scale LAN party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.","updated_timestamp":{"seconds":1722563871,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:57:51Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56331,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"No description provided by creator\n\n\n","media":[],"title":"FleetDm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"No description provided by creator","updated_timestamp":{"seconds":1722476980,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:49:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56297,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!\n\n\n","media":[],"title":"Password lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!","updated_timestamp":{"seconds":1722540130,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T19:22:10Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56296,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!\n\n\n","media":[],"title":"Python + Packet Analysis + Machine Learning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!","updated_timestamp":{"seconds":1722476946,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:49:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56295,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.\n\n\n","media":[],"title":"Regular Expressions (RegEx) Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.","updated_timestamp":{"seconds":1722476922,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:42Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56294,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.\n\n\n","media":[],"title":"Network-OS: Be The Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.","updated_timestamp":{"seconds":1722476912,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:32Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56293,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.\n\n\n","media":[],"title":"Linux Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.","updated_timestamp":{"seconds":1722476901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:21Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56292,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!\n\n\n","media":[],"title":"Botnets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!","updated_timestamp":{"seconds":1722476888,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:08Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56291,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet\n\n\n","media":[],"title":"Packet Detective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet","updated_timestamp":{"seconds":1722476866,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:47:46Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56290,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.\n\n\n","media":[],"title":"Packet Inspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.","updated_timestamp":{"seconds":1722476832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:47:12Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56289,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Outline:\r\nIntro to CTI\r\n - What is CTI\r\n - Threat Intel Types\r\n - Why build a CTI\r\n\r\nMajor components for a CTI program\r\n - Data Collection/Feeds\r\n - Parsing and Storage\r\n - Enrichment\r\n - Dissemination\r\n\r\nSteps in building CTI program\r\n - Technology\r\n - People\r\n - Process\r\n\r\nLab: Step-by-step walkthrough of two CTI platforms (MISP and OpenCTI)\r\n - Install the CTI platforms\r\n - Add relevant data sources\r\n - Analyzing data sources\r\n - Effective data correlation\r\n\r\nMetrics to track the progress and success of a CTI program\r\nMaturity Model of a CTI program\n\n\nAre you eager to understand your threat actors, targets, and behaviors? Are you constrained by resources to get a cyber threat intel program up and running? Are you not sure which tools to start with for cyber threat intel? If so, then this workshop is for you! We walkthrough how you can build a cyber threat intelligence program using open-source tools at minimum cost. We discuss the major components of a cyber threat intel program and the steps (including people, process, and technology) to bring your program to existence. In this workshop, we will show you how to set up and install open-source threat intelligence tools and relevant feeds. We also demonstrate how to analyze and correlate data to produce actionable intelligence. Finally, we discuss metrics and a maturity model for your program.","media":[],"title":"Building a Cyber Threat Intelligence Program from scratch for free!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Outline:\r\nIntro to CTI\r\n - What is CTI\r\n - Threat Intel Types\r\n - Why build a CTI\r\n\r\nMajor components for a CTI program\r\n - Data Collection/Feeds\r\n - Parsing and Storage\r\n - Enrichment\r\n - Dissemination\r\n\r\nSteps in building CTI program\r\n - Technology\r\n - People\r\n - Process\r\n\r\nLab: Step-by-step walkthrough of two CTI platforms (MISP and OpenCTI)\r\n - Install the CTI platforms\r\n - Add relevant data sources\r\n - Analyzing data sources\r\n - Effective data correlation\r\n\r\nMetrics to track the progress and success of a CTI program\r\nMaturity Model of a CTI program\n\n\nAre you eager to understand your threat actors, targets, and behaviors? Are you constrained by resources to get a cyber threat intel program up and running? Are you not sure which tools to start with for cyber threat intel? If so, then this workshop is for you! We walkthrough how you can build a cyber threat intelligence program using open-source tools at minimum cost. We discuss the major components of a cyber threat intel program and the steps (including people, process, and technology) to bring your program to existence. In this workshop, we will show you how to set up and install open-source threat intelligence tools and relevant feeds. We also demonstrate how to analyze and correlate data to produce actionable intelligence. Finally, we discuss metrics and a maturity model for your program.","updated_timestamp":{"seconds":1723185261,"nanoseconds":0},"speakers":[{"content_ids":[55762],"conference_id":133,"event_ids":[56286],"name":"Karan Dwivedi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56140},{"content_ids":[55762],"conference_id":133,"event_ids":[56286],"name":"Apurv Singh Gautam","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyble","title":"Cybercrime Researcher"}],"links":[],"pronouns":null,"media":[],"id":56158,"title":"Cybercrime Researcher at Cyble"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:34:21Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56286,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56158},{"tag_id":46167,"sort_order":1,"person_id":56140}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T06:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This primer on incident response delves into its components, including the necessary procedures, lifecycles, frameworks, and playbooks. Initially, we'll explore the concept of incident response and its requisites. Then, we'll examine the stages of the IR lifecycle and explore adaptable frameworks. Finally, we'll review the strategies and playbooks employed by IR analysts to effectively address incidents.\n\n\nAn introduction to incident response that will focus on a general overview of incident response. Is a security event the same as a security incident? How will I know where to start when a security incident occurs? Although a security incident may unfold swiftly and with intensity, possessing a comprehensive grasp of the Incident Response (IR) process and utilizing frameworks and playbooks can mitigate the pressure inherent in investigating such incidents.","media":[],"title":"Incident Response 101: Part 1 (IR Overview, Lifecycles, Frameworks, and Playbooks)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"This primer on incident response delves into its components, including the necessary procedures, lifecycles, frameworks, and playbooks. Initially, we'll explore the concept of incident response and its requisites. Then, we'll examine the stages of the IR lifecycle and explore adaptable frameworks. Finally, we'll review the strategies and playbooks employed by IR analysts to effectively address incidents.\n\n\nAn introduction to incident response that will focus on a general overview of incident response. Is a security event the same as a security incident? How will I know where to start when a security incident occurs? Although a security incident may unfold swiftly and with intensity, possessing a comprehensive grasp of the Incident Response (IR) process and utilizing frameworks and playbooks can mitigate the pressure inherent in investigating such incidents.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55745],"conference_id":133,"event_ids":[56268],"name":"Jason Romero","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56174}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T17:30:00.000-0000","id":56268,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56174}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.\n\n\n","media":[],"title":"Fix the Flag Wargame","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.","updated_timestamp":{"seconds":1722783756,"nanoseconds":0},"speakers":[{"content_ids":[55726],"conference_id":133,"event_ids":[56630,56631,56234],"name":"Harley Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56118}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T15:02:36Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56234,"tag_ids":[46370,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56118}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV CTF","hotel":"","short_name":"ASV CTF","id":46471},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T15:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience\n\n\n","media":[],"title":"Signals Are Everywhere","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience","updated_timestamp":{"seconds":1722369079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T19:51:19Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56105,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T19:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate\n\n\n","media":[],"title":"ICS Village + XR Village Turn the lights on!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate","updated_timestamp":{"seconds":1722917237,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:07:17Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56104,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-06T04:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.\n\n\n","media":[],"title":"Open Events for DCNextGen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.","updated_timestamp":{"seconds":1722363207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T18:13:27Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56097,"tag_ids":[46362,46398,46427],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This year we have more challenges and more prizes!\n\n\n","media":[],"title":"Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"This year we have more challenges and more prizes!","updated_timestamp":{"seconds":1723074146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T23:42:26Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-09T23:30:00.000-0000","id":56085,"tag_ids":[46386,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-07T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Telecom Village Inauguration","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722351567,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T14:59:27Z","links":[{"label":"Twitter (@TelecomVillage)","type":"link","url":"https://twitter.com/TelecomVillage"}],"end":"2024-08-09T18:00:00.000-0000","id":56071,"tag_ids":[46395,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T14:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​\n\n\n","media":[{"hash_sha256":"07ddc9c91f6e59f3933f548603872f890309c05b353352836dc4896ef7fce215","filetype":"image/png","hash_md5":"cafd57b9dc99beb382a7e36477b02aad","name":"ct_adversary.png","is_logo":"Y","hash_crc32c":"b7d5aeab","filesize":104609,"asset_id":623,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_adversary.png"}],"title":"Adversary Wars CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​","updated_timestamp":{"seconds":1722713515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:31:55Z","links":[{"label":"Twitter (@AdversaryVillag)","type":"link","url":"https://twitter.com/AdversaryVillag"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249425"},{"label":"More Info","type":"link","url":"https://adversaryvillage.org/adversary-wars-ctf/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249426"}],"end":"2024-08-10T01:00:00.000-0000","id":56065,"tag_ids":[46367,46427,46439,46751],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-05","hotel":"","short_name":"HW4-03-05","id":46372},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.\n\n\n","media":[{"hash_sha256":"375569510e5615465450cb3678a63b8069acd85e1636cca316295fc89cf599d6","filetype":"image/png","hash_md5":"06d063cea5818c71eee33a32d18b836d","name":"ct_autodriving.png","is_logo":"Y","hash_crc32c":"db78dfca","filesize":20241,"asset_id":624,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_autodriving.png"}],"title":"[CANCELED] AutoDriving CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.","updated_timestamp":{"seconds":1723168346,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:52:26Z","links":[{"label":"Twitter (@autodrivingctf)","type":"link","url":"https://twitter.com/autodrivingctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249420"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249419"}],"end":"2024-08-11T01:00:00.000-0000","id":56064,"tag_ids":[46426,46439,46752],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T01:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.\n\n\n","media":[{"hash_sha256":"375569510e5615465450cb3678a63b8069acd85e1636cca316295fc89cf599d6","filetype":"image/png","hash_md5":"06d063cea5818c71eee33a32d18b836d","name":"ct_autodriving.png","is_logo":"Y","hash_crc32c":"db78dfca","filesize":20241,"asset_id":624,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_autodriving.png"}],"title":"[CANCELED] AutoDriving CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.","updated_timestamp":{"seconds":1723168346,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:52:26Z","links":[{"label":"Twitter (@autodrivingctf)","type":"link","url":"https://twitter.com/autodrivingctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249420"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249419"}],"end":"2024-08-10T01:00:00.000-0000","id":56062,"tag_ids":[46426,46439,46752],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-B","hotel":"","short_name":"HW4-01-05-B","id":46352},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T01:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!\n\n\n","media":[],"title":"Beverage Chilling Contraption Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!","updated_timestamp":{"seconds":1722311147,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:45:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249412"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249413"}],"end":"2024-08-09T23:00:00.000-0000","id":56060,"tag_ids":[46427,46439,46753],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-B","hotel":"","short_name":"HW4-01-04-B","id":46277},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.\n\n\n","media":[{"hash_sha256":"39238a01b06f0ddf4e2a678a63b07a1fb93094a3716dee47fac88ff443b09b2f","filetype":"image/png","hash_md5":"bb82eeecc603d6d9d05f319875161b0f","name":"ct_ctp.png","is_logo":"Y","hash_crc32c":"a13f862e","filesize":72882,"asset_id":631,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ctp.png"}],"title":"Capture the Packet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.","updated_timestamp":{"seconds":1722476750,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:45:50Z","links":[{"label":"More Info","type":"link","url":"https://www.capturethepacket.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249401"},{"label":"Twitter (@capturetp)","type":"link","url":"https://twitter.com/capturetp"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249402"}],"end":"2024-08-10T01:00:00.000-0000","id":56052,"tag_ids":[46385,46427,46439,46757],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?\n\n\n","media":[{"hash_sha256":"95a6fc9488a5c31ed3edb2848eb2a24498095a0de6f93552e7bc6ffe48c215cf","filetype":"image/png","hash_md5":"5ed77e41c595c690f459fe08cc26c28a","name":"ct_chasse-partie-ctf-v2.png","is_logo":"Y","hash_crc32c":"292aa419","filesize":303387,"asset_id":668,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_chasse-partie-ctf-v2.png"}],"title":"Chasse Partie Systems CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?","updated_timestamp":{"seconds":1722310816,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:40:16Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249395"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249396"}],"end":"2024-08-10T01:00:00.000-0000","id":56049,"tag_ids":[46426,46439,46758],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-E","hotel":"","short_name":"HW4-01-04-E","id":46347},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n\n\n","media":[{"hash_sha256":"84030b2ecb5f077fa506dcc16c49a685cf98f05b8c10202c417c064233eb4829","filetype":"image/png","hash_md5":"4b19e13df1a3f66b5f8b392d76ca707e","name":"ct_cloud.png","is_logo":"Y","hash_crc32c":"45aa66f3","filesize":58121,"asset_id":669,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cloud.png"}],"title":"Cloud Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T06:59:00Z","end_timestamp":{"seconds":1723359540,"nanoseconds":0},"android_description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D","updated_timestamp":{"seconds":1722310678,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:37:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249392"},{"label":"Twitter (@cloudvillage_dc)","type":"link","url":"https://twitter.com/cloudvillage_dc"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249393"}],"end":"2024-08-11T06:59:00.000-0000","id":56048,"tag_ids":[46376,46426,46439,46759],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n\n\n","media":[{"hash_sha256":"84030b2ecb5f077fa506dcc16c49a685cf98f05b8c10202c417c064233eb4829","filetype":"image/png","hash_md5":"4b19e13df1a3f66b5f8b392d76ca707e","name":"ct_cloud.png","is_logo":"Y","hash_crc32c":"45aa66f3","filesize":58121,"asset_id":669,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cloud.png"}],"title":"Cloud Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D","updated_timestamp":{"seconds":1722310678,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:37:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249392"},{"label":"Twitter (@cloudvillage_dc)","type":"link","url":"https://twitter.com/cloudvillage_dc"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249393"}],"end":"2024-08-10T01:00:00.000-0000","id":56046,"tag_ids":[46376,46426,46439,46759],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!\n\n\n","media":[{"hash_sha256":"9c8df8b7b1bfaa7f9a6f76d47c2ddafcb15c60bfc6ba40d764dfaf8bc3583cde","filetype":"image/png","hash_md5":"a6d499b0f825c7c532b2eaf562131129","name":"ct_cmdctrl.png","is_logo":"Y","hash_crc32c":"9670e5ce","filesize":4017,"asset_id":630,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cmdctrl.png"}],"title":"CMD+CTRL at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!","updated_timestamp":{"seconds":1722310603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:36:43Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249390"},{"label":"More Info","type":"link","url":"https://defcon32.cmdnctrl.net"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249389"}],"end":"2024-08-10T01:00:00.000-0000","id":56043,"tag_ids":[46427,46439,46760],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-D","hotel":"","short_name":"HW4-03-06-D","id":46377},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-10T01:00:00.000-0000","id":56040,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05","hotel":"","short_name":"HW4-01-05","id":46349},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.\n\n\n","media":[{"hash_sha256":"590434b852585a01a647426db34529416f6624082c827bbd32d1ef45e5ef4651","filetype":"image/png","hash_md5":"1e73edab68d1da1d66c84a992554e685","name":"ct_cyberdefender.png","is_logo":"Y","hash_crc32c":"5a341827","filesize":92175,"asset_id":632,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cyberdefender.png"}],"title":"Cyber Defender - The Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.","updated_timestamp":{"seconds":1722310334,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:32:14Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249384"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249385"}],"end":"2024-08-10T01:00:00.000-0000","id":56036,"tag_ids":[46439,46762],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-C","hotel":"","short_name":"HW4-03-06-C","id":46376},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n\n\n","media":[{"hash_sha256":"1b2e0f8d162af1a6bd8a463fa27176b2afd439a1dc61b7817c2c855763a600ed","filetype":"image/png","hash_md5":"e7442de5c5eb4549170a56163423cd5e","name":"ct_darknet.png","is_logo":"Y","hash_crc32c":"f77e820f","filesize":49081,"asset_id":633,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_darknet.png"}],"title":"Darknet-NG","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!","updated_timestamp":{"seconds":1722310268,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:31:08Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249382"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249381"},{"label":"More Info","type":"link","url":"https://darknet-ng.network"},{"label":"Twitter (@DarknetNg)","type":"link","url":"https://twitter.com/DarknetNg"}],"end":"2024-08-10T01:00:00.000-0000","id":56033,"tag_ids":[46426,46439,46763],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-D","hotel":"","short_name":"HW4-02-01-D","id":46359},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/\n\n\n","media":[{"hash_sha256":"ff926fdb8070905e8485c17bfc79608b27202a7548f2ddcc058bbb89ea639e83","filetype":"image/png","hash_md5":"cbceb546139e5ed4e4a61a0b7fcaf58a","name":"ct_aixcc.png","is_logo":"Y","hash_crc32c":"661f6649","filesize":94474,"asset_id":625,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_aixcc.png"}],"title":"DARPA's Artificial Intelligence Cyber Challenge (AIxCC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/","updated_timestamp":{"seconds":1722310204,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:30:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249422"},{"label":"More Info","type":"link","url":"https://aicyberchallenge.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249423"}],"end":"2024-08-10T01:00:00.000-0000","id":56030,"tag_ids":[46427,46439,46764],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-06 (AIxCC)","hotel":"","short_name":"HW3-05-06 (AIxCC)","id":46268},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n\n\n","media":[{"hash_sha256":"9f1c45d1825d2b7b5cd93c07c1a6bba41550b5cc76e52275ba0f3d3e33abf1b7","filetype":"image/png","hash_md5":"a4ccc4bb2dc371a268d25b115dd92920","name":"ct_dcnttm.png","is_logo":"Y","hash_crc32c":"a36d8a48","filesize":16951,"asset_id":634,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_dcnttm.png"}],"title":"DC’s Next Top Threat Model (DCNTTM)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).","updated_timestamp":{"seconds":1722309815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:23:35Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249371"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249372"},{"label":"More Info","type":"link","url":"https://threatmodel.us"}],"end":"2024-08-10T01:00:00.000-0000","id":56026,"tag_ids":[46426,46439,46766],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-A","hotel":"","short_name":"HW4-01-05-A","id":46351},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!\n\n\n","media":[{"hash_sha256":"0bbb61282ddf3bcc0d027a7ffb0cb2f0dc6fcf32814b48e53488203695f478b3","filetype":"image/png","hash_md5":"d8ada9124833199cadf2f291b0178024","name":"ct_scav-hunt.png","is_logo":"Y","hash_crc32c":"fa957778","filesize":20774,"asset_id":639,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_scav-hunt.png"}],"title":"DEF CON Scavenger Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!","updated_timestamp":{"seconds":1722309542,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:19:02Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249365"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249366"},{"label":"Twitter (@defconscavhunt)","type":"link","url":"https://twitter.com/defconscavhunt"},{"label":"More Info","type":"link","url":"https://www.defconscavhunt.com"}],"end":"2024-08-10T01:00:00.000-0000","id":56023,"tag_ids":[46427,46439,46767],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-11T19:00:00.000-0000","id":56022,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-10T01:00:00.000-0000","id":56019,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-F","hotel":"","short_name":"HW4-01-04-F","id":46348},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-10T01:00:00.000-0000","id":56015,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-C","hotel":"","short_name":"HW4-02-01-C","id":46358},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.\n\n\n","media":[{"hash_sha256":"1162bb14d1418b4cae3817411de665ed741ed2268a0dcc68a84b299605b611cb","filetype":"image/png","hash_md5":"a28c768a3e779e17ac17c6310bf89f1e","name":"ct_telechallenge.png","is_logo":"Y","hash_crc32c":"a0fffafe","filesize":8220,"asset_id":660,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_telechallenge.png"}],"title":"Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.","updated_timestamp":{"seconds":1722309155,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:12:35Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249290"},{"label":"More Info","type":"link","url":"https://www.telechallenge.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249289"}],"end":"2024-08-10T01:00:00.000-0000","id":56012,"tag_ids":[46426,46439,46770],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-B","hotel":"","short_name":"HW4-02-02-B","id":46363},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.\n\n\n","media":[{"hash_sha256":"ce9475936b2cf60c1c9cfa45f28e7cb875f88b8c5110474733a3a061693cd6df","filetype":"image/png","hash_md5":"4203eed2fd0b606da1243ec118062eb8","name":"ct_hack_fortress2.png","is_logo":"Y","hash_crc32c":"2ee22324","filesize":7500,"asset_id":644,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack_fortress2.png"}],"title":"HackFortress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.","updated_timestamp":{"seconds":1722308803,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:06:43Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249347"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249348"},{"label":"More Info","type":"link","url":"https://hackfortress.net"}],"end":"2024-08-10T01:00:00.000-0000","id":56010,"tag_ids":[46427,46439,46771],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-A","hotel":"","short_name":"HW4-01-04-A","id":46276},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n\n\n","media":[{"hash_sha256":"f74360633c6039f39c940ac261531b9070b375ca03df7934820a6e6936b3f328","filetype":"image/png","hash_md5":"6e367f9dca843f023ac7435893d4516f","name":"ct_hhvctf.png","is_logo":"Y","hash_crc32c":"5abd42a5","filesize":24398,"asset_id":647,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hhvctf.png"}],"title":"Hardware Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.","updated_timestamp":{"seconds":1722308581,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:03:01Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/challenges/dc32"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249338"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249339"},{"label":"CTF Announcement / Prereqs","type":"link","url":"https://dchhv.org/announcement/ctf/dc32/2024/08/01/dc32-hhv-challenges.html"}],"end":"2024-08-10T01:00:00.000-0000","id":56006,"tag_ids":[46381,46427,46439,46773],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.\n\n\n","media":[],"title":"HardWired","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.","updated_timestamp":{"seconds":1722476715,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:45:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249337"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249336"}],"end":"2024-08-10T01:00:00.000-0000","id":56003,"tag_ids":[46385,46427,46439,46774],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.\n\n\n","media":[{"hash_sha256":"f55b0da621d4ee7bcd1f6dd77fc6c800e20904a3840e9c4e47aee632f1571436","filetype":"image/png","hash_md5":"a396fd3e8349dccb4058656168c13a48","name":"ct_htbctfdatadystopia.png","is_logo":"Y","hash_crc32c":"bdc31b88","filesize":412581,"asset_id":663,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_htbctfdatadystopia.png"}],"title":"HTB CTF: Data Dystopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.","updated_timestamp":{"seconds":1722308173,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:56:13Z","links":[{"label":"Website","type":"link","url":"https://ctf.hackthebox.com/"},{"label":"Twitter (@hackthebox_eu)","type":"link","url":"https://twitter.com/hackthebox_eu"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249333"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249334"}],"end":"2024-08-10T01:00:00.000-0000","id":56000,"tag_ids":[46427,46439,46775],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06","hotel":"","short_name":"HW4-03-06","id":46373},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.\n\n\n","media":[{"hash_sha256":"8f0942a63e6e9852cd8a122722da50a5f820039a33fbf629d8e0bbb0bc3c2a25","filetype":"image/png","hash_md5":"6f799941f98600f913350895408f1f4c","name":"ct_ics.png","is_logo":"Y","hash_crc32c":"765e2955","filesize":196108,"asset_id":648,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ics.png"}],"title":"ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.","updated_timestamp":{"seconds":1722308131,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:55:31Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249319"},{"label":"Website","type":"link","url":"https://www.icsvillage.com/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249318"}],"end":"2024-08-10T01:00:00.000-0000","id":55997,"tag_ids":[46427,46439,46776],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!\r\n\n\n\n","media":[],"title":"IoT Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!","updated_timestamp":{"seconds":1722622146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T18:09:06Z","links":[{"label":"More Info","type":"link","url":"https://scoreboard.iotvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249449"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249448"}],"end":"2024-08-10T01:00:00.000-0000","id":55994,"tag_ids":[46427,46439,46777],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.\n\n\n","media":[{"hash_sha256":"db1774578686bfa55ffe22e4d5bf679dab09062d63c06832d97909d59778ea4d","filetype":"image/png","hash_md5":"f0232799ba2c7fdc7ee2f1d7b10e849b","name":"ct_place-thing-time.png","is_logo":"Y","hash_crc32c":"657c9823","filesize":110028,"asset_id":649,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_place-thing-time.png"}],"title":"It's In That Place Where I Put That Thing That Time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.","updated_timestamp":{"seconds":1722308045,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:54:05Z","links":[{"label":"Twitter (@iitpwiptttt)","type":"link","url":"https://twitter.com/iitpwiptttt"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249330"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249331"}],"end":"2024-08-10T01:00:00.000-0000","id":55992,"tag_ids":[46427,46439,46778],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).\n\n\n","media":[{"hash_sha256":"36b1cb39348fc89252495c82a59fed87e9402509b5593fa03e8584b902578e59","filetype":"image/png","hash_md5":"654118f3f087503d0daabf099ea97615","name":"ct_recon_ctf.png","is_logo":"Y","hash_crc32c":"2011d9de","filesize":76906,"asset_id":718,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_recon_ctf.png"}],"title":"Live Recon Contest in Progress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).","updated_timestamp":{"seconds":1722633597,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:19:57Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250009"},{"label":"More Info","type":"link","url":"https://reconvillage.org/live-recon-contest"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250008"}],"end":"2024-08-10T01:00:00.000-0000","id":55990,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T21:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!\n\n\n","media":[{"hash_sha256":"d3413916446363608deee0d63c7e2efb8eee7c303fcaafc76eab10c25b274594","filetype":"image/png","hash_md5":"a8a23a326ef1c818a3403a1ef3e87269","name":"ct_lonelyhd.png","is_logo":"Y","hash_crc32c":"9ea33847","filesize":79993,"asset_id":650,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelyhd.png"}],"title":"Lonely Hard Drive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!","updated_timestamp":{"seconds":1722307767,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:49:27Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249324"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249325"},{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"}],"end":"2024-08-10T01:00:00.000-0000","id":55987,"tag_ids":[46427,46439,46780],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!\n\n\n","media":[{"hash_sha256":"98201efca440cba174db564a38cc3207a4c951759d79e47ef2bb817534cbff0e","filetype":"image/png","hash_md5":"8e4dc2835c8f08abfaa5b9162b29447b","name":"ct_lonelytag.png","is_logo":"Y","hash_crc32c":"89bc5644","filesize":82759,"asset_id":651,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelytag.png"}],"title":"Lonely Tag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!","updated_timestamp":{"seconds":1722307717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:48:37Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249328"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249327"},{"label":"Twitter (@LonelyHardDrive)","type":"link","url":"https://twitter.com/LonelyHardDrive"}],"end":"2024-08-10T01:00:00.000-0000","id":55984,"tag_ids":[46427,46439,46781],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.\n\n\n","media":[{"hash_sha256":"6c6addafa55c0e71b8e6dc3fff0f1a9a32e4399a6b80efaece158e3fdf69dd77","filetype":"image/png","hash_md5":"ddda3a35809fc47bf728f63f829e258d","name":"ct_marcibombe.png","is_logo":"Y","hash_crc32c":"040f1340","filesize":22325,"asset_id":652,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_marcibombe.png"}],"title":"Malware Contests: MARC I & BOMBE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.","updated_timestamp":{"seconds":1722307667,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:47:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249321"},{"label":"More Info","type":"link","url":"https://digitalplaguedoctors.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249322"},{"label":"Twitter (@DigitalPlagueDr)","type":"link","url":"https://twitter.com/DigitalPlagueDr"}],"end":"2024-08-10T01:00:00.000-0000","id":55981,"tag_ids":[46427,46439,46782],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-03","hotel":"","short_name":"HW4-03-03","id":46370},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.\n\n\n","media":[{"hash_sha256":"d965b5442c0a42e3e2532515477829fb650b66f56a09c1dc92ce7ea7b4f49215","filetype":"image/png","hash_md5":"5f9b31f3696397acc630b3f69415c627","name":"ct_octogame.png","is_logo":"Y","hash_crc32c":"a3e9435a","filesize":258126,"asset_id":653,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_octogame.png"}],"title":"Octopus Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.","updated_timestamp":{"seconds":1722307468,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:44:28Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249313"},{"label":"More Info","type":"link","url":"https://www.mirolabs.info/octopus-game-dc32"},{"label":"Twitter (@OctopusGameDC)","type":"link","url":"https://twitter.com/OctopusGameDC"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249314"}],"end":"2024-08-10T01:00:00.000-0000","id":55978,"tag_ids":[46427,46439,46783],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-A","hotel":"","short_name":"HW4-03-06-A","id":46374},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.\n\n\n","media":[{"hash_sha256":"a381d77389722eccd24a6d26091b74111ffeb39431dfba6ccc946470f7aa0c06","filetype":"image/png","hash_md5":"abb9c88d83bd9789b6436e200d1beba3","name":"ct_phreak-me.png","is_logo":"Y","hash_crc32c":"bce4e12c","filesize":27257,"asset_id":655,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_phreak-me.png"}],"title":"PhreakMe presented by HackedExistence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.","updated_timestamp":{"seconds":1722307355,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:42:35Z","links":[{"label":"Twitter (@mainframed767)","type":"link","url":"https://twitter.com/mainframed767"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249310"},{"label":"Twitter (@HackedExistence)","type":"link","url":"https://twitter.com/HackedExistence"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249311"}],"end":"2024-08-10T01:00:00.000-0000","id":55975,"tag_ids":[46426,46439,46784],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-C","hotel":"","short_name":"HW4-02-02-C","id":46364},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.\n\n\n","media":[{"hash_sha256":"9f1e99841fcfbdb0775e2e05980c102dddd97013cf9cc0bfce930a55d91246ec","filetype":"image/png","hash_md5":"5b36f9ed87f65efbdf841e5c77a6041f","name":"ct_Pinball.png","is_logo":"Y","hash_crc32c":"cbbfc253","filesize":614281,"asset_id":664,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_Pinball.png"}],"title":"Pinball High Score Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.","updated_timestamp":{"seconds":1722307304,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:41:44Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249307"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249308"}],"end":"2024-08-10T01:00:00.000-0000","id":55972,"tag_ids":[46427,46439,46785],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-A","hotel":"","short_name":"HW4-02-01-A","id":46356},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉\n\n\n","media":[{"hash_sha256":"199f4b2ea70f9102e0afb69f5030e3ee8f63e989d287fb95999ae10866455522","filetype":"image/png","hash_md5":"9b669ac9bfd767cb8376444b58c08733","name":"ct_quantum.png","is_logo":"Y","hash_crc32c":"4d94b7ec","filesize":133235,"asset_id":665,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_quantum.png"}],"title":"QOLOSSUS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉","updated_timestamp":{"seconds":1722307112,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:38:32Z","links":[{"label":"Website","type":"link","url":"https://quantumvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249316"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249303"}],"end":"2024-08-10T01:00:00.000-0000","id":55969,"tag_ids":[46426,46439,46786],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n\n\n","media":[{"hash_sha256":"5623af21fb9072f5866b3488e326d3582c44c0756e9bbfa94eae7e26318a73eb","filetype":"image/png","hash_md5":"ebb531e8ad802f8d5fb24e19e23f46f4","name":"ct_reali7y-overrun.png","is_logo":"Y","hash_crc32c":"14fd2e42","filesize":577690,"asset_id":701,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_reali7y-overrun.png"}],"title":"REALI7Y OVERRUN","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.","updated_timestamp":{"seconds":1722306602,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:30:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249299"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249298"}],"end":"2024-08-10T01:00:00.000-0000","id":55966,"tag_ids":[46426,46439,46787],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-E","hotel":"","short_name":"HW4-02-02-E","id":46366},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.\n\n\n","media":[{"hash_sha256":"b4d44cbd1ea93b8d4beb26fc184ef1b07c25bae5cb3591d5eb6ed2201bd9c641","filetype":"image/png","hash_md5":"218e2aaa3cbe5d809d9df6088aee84e6","name":"ct_spy-v-spy.png","is_logo":"Y","hash_crc32c":"d9229745","filesize":66941,"asset_id":659,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_spy-v-spy.png"}],"title":"spyVspy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.","updated_timestamp":{"seconds":1722306255,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:24:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249293"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249292"},{"label":"More Info","type":"link","url":"https://www.fottr.io"}],"end":"2024-08-10T01:00:00.000-0000","id":55962,"tag_ids":[46427,46439,46790],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-G","hotel":"","short_name":"HW4-02-02-G","id":46368},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.\n\n\n","media":[{"hash_sha256":"42c96b1d2d57e4404b3a35c61c6906b58924587cd2dbbb939a132aceb42ee2f9","filetype":"image/png","hash_md5":"5a06d9fefa99c82c9e62b9913a487e95","name":"ct_tinfoilhat.png","is_logo":"Y","hash_crc32c":"b23075e1","filesize":167200,"asset_id":693,"sort_order":2,"url":"https://info.defcon.org/blobs/ct_tinfoilhat.png"}],"title":"Tinfoil Hat Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.","updated_timestamp":{"seconds":1722305549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:12:29Z","links":[{"label":"Twitter (@DC_Tin_Foil_Hat)","type":"link","url":"https://twitter.com/DC_Tin_Foil_Hat"},{"label":"More Info","type":"link","url":"https://www.psychoholics.org/tfh"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249286"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249287"}],"end":"2024-08-10T00:00:00.000-0000","id":55958,"tag_ids":[46427,46439,46791],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-D","hotel":"","short_name":"HW4-01-04-D","id":46279},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.\n\n\n","media":[{"hash_sha256":"c00793a49e66e3875320bb6aa8a333a128342b9aff35ce0f359a692aa3adfcef","filetype":"image/png","hash_md5":"a764d88ab305ab55ecd270635fc1d6e7","name":"ct_venator-aurum.png","is_logo":"Y","hash_crc32c":"f705c79f","filesize":162235,"asset_id":661,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_venator-aurum.png"}],"title":"venator aurum - A Treasure Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.","updated_timestamp":{"seconds":1722305020,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:03:40Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249282"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249283"},{"label":"More Info","type":"link","url":"https://venatoraurum.org"}],"end":"2024-08-10T01:00:00.000-0000","id":55955,"tag_ids":[46427,46439,46792],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n\n\n","media":[{"hash_sha256":"2bf4c805c5199cf58ff7b99c52832fc1bf226ca9687e583667a7725b361d989e","filetype":"image/png","hash_md5":"61c3a856daea14c6fd3d7d213a8048f9","name":"v_redteam2024.png","is_logo":"Y","hash_crc32c":"f14aab22","filesize":209749,"asset_id":719,"sort_order":1,"url":"https://info.defcon.org/blobs/v_redteam2024.png"}],"title":"Red Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.","updated_timestamp":{"seconds":1722304921,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:02:01Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250035"}],"end":"2024-08-10T00:00:00.000-0000","id":55952,"tag_ids":[46392,46427,46439,46789],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-C","hotel":"","short_name":"HW4-01-05-C","id":46353},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7\n\n\n","media":[{"hash_sha256":"d0e2dbb822f2d701836ee0e14952d5df4b6d830bfa606ab2b50a5a1edab2dabd","filetype":"image/png","hash_md5":"c33dfe5aaced7041c948e7b2e45ba78f","name":"ct_0x3f-cube.png","is_logo":"Y","hash_crc32c":"6b1ba7fa","filesize":272722,"asset_id":622,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_0x3f-cube.png"}],"title":"? Cube","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7","updated_timestamp":{"seconds":1722304182,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T01:49:42Z","links":[{"label":"More Info","type":"link","url":"https://0x3fcube.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249434"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249433"}],"end":"2024-08-10T01:00:00.000-0000","id":55949,"tag_ids":[46427,46439,46749],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02","hotel":"","short_name":"HW4-02-02","id":46361},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.\n\n\n","media":[{"hash_sha256":"8ac69ab38e4119808de39c34aef0629a1bcfb5eb60ab6d7d351a3e37b5533f13","filetype":"image/png","hash_md5":"689e0fcdb0dd612c191cd25482435f76","name":"ct_5n4ck3y.png","is_logo":"Y","hash_crc32c":"dc7e4cd6","filesize":6283,"asset_id":621,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_5n4ck3y.png"}],"title":"5N4CK3Y Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.","updated_timestamp":{"seconds":1722304084,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T01:48:04Z","links":[{"label":"Twitter (@ANDnXOR)","type":"link","url":"https://twitter.com/ANDnXOR"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249432"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249431"}],"end":"2024-08-10T01:00:00.000-0000","id":55946,"tag_ids":[46427,46439,46748],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-B","hotel":"","short_name":"HW4-02-01-B","id":46357},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n\n\n","media":[{"hash_sha256":"e781ae0757165e1901f38152e551557644051f49e9b80b6665d211c8d0436358","filetype":"image/png","hash_md5":"e839c04dbe99f926b0ae9ee3ee703da3","name":"ct_car-hacking.png","is_logo":"Y","hash_crc32c":"fbca36e3","filesize":111066,"asset_id":629,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_car-hacking.png"}],"title":"Car Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.","updated_timestamp":{"seconds":1722273461,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T17:17:41Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249399"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249398"},{"label":"Twitter (@CarHackVillage)","type":"link","url":"https://twitter.com/CarHackVillage"},{"label":"More Info","type":"link","url":"https://www.carhackingvillage.com/"}],"end":"2024-08-09T23:30:00.000-0000","id":55943,"tag_ids":[46375,46427,46439,46747],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T17:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.\n\n\n","media":[{"hash_sha256":"ccde738b12c7c58aff986949ac20eaf7066dfb8d710349a422699273aa0579a1","filetype":"image/png","hash_md5":"fc0eba7a6d691cdd9aa385cd0bb1eece","name":"v_CarHacking.png","is_logo":"Y","hash_crc32c":"d845a1a6","filesize":249973,"asset_id":601,"sort_order":0,"url":"https://info.defcon.org/blobs/v_CarHacking.png"}],"title":"Car Hacking Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.","updated_timestamp":{"seconds":1722273345,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T17:15:45Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55940,"tag_ids":[46375,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T17:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.\n\n\n","media":[{"hash_sha256":"b29c833000316f6b3af2c5cc50e33ccb1756f89fb27d54aba3d5a961337c91de","filetype":"image/png","hash_md5":"8209d940757db7a341e0db2b17618f70","name":"ct_bhv-ctf.png","is_logo":"Y","hash_crc32c":"2c477ed5","filesize":54217,"asset_id":627,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bhv-ctf.png"}],"title":"Biohacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.","updated_timestamp":{"seconds":1722215343,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T01:09:03Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/capture-the-flag"}],"end":"2024-08-10T01:00:00.000-0000","id":55935,"tag_ids":[46371,46427,46439,46746],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).\n\n\n","media":[{"hash_sha256":"b57047f46800afe2ff021580e4f9e39ea7252a7f51b0f0fb3ba1a9f748a50de9","filetype":"image/png","hash_md5":"aa9ea400be95b7313ae2d044541cb9b4","name":"v_biohacking_village.png","is_logo":"Y","hash_crc32c":"83f838d1","filesize":47901,"asset_id":581,"sort_order":0,"url":"https://info.defcon.org/blobs/v_biohacking_village.png"}],"title":"Biohacking Village: Device Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).","updated_timestamp":{"seconds":1722214645,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T00:57:25Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/device-lab"},{"label":"Hippocractic Oath for Hackers","type":"link","url":"https://www.villageb.io/hippocractic-oath"}],"end":"2024-08-10T01:00:00.000-0000","id":55934,"tag_ids":[46371,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T00:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Opening Note","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:10:00Z","end_timestamp":{"seconds":1723223400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T17:10:00.000-0000","id":55905,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.\n\n\n","media":[],"title":"WISP Community & Inclusion Room","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.","updated_timestamp":{"seconds":1722206838,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T22:47:18Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-10T01:00:00.000-0000","id":55898,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T22:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"All content areas generally open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722141200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T04:33:20Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55849,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T04:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-10T01:00:00.000-0000","id":55844,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n\n\n","media":[],"title":"Lockpicking Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.","updated_timestamp":{"seconds":1722093520,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T15:18:40Z","links":[{"label":"Website","type":"link","url":"https://www.toool.us/"},{"label":"Twitter (@toool)","type":"link","url":"https://twitter.com/toool"}],"end":"2024-08-10T01:00:00.000-0000","id":55819,"tag_ids":[46384,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-27T15:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!\n\n\n","media":[{"hash_sha256":"a696b6f750fbe91d74ff91917f95bfe709d70e794beab35ff900219f1c87bdb9","filetype":"image/png","hash_md5":"173fb1fa87976ebc72de68fcb9171698","name":"ct_embedded.png","is_logo":"Y","hash_crc32c":"85767de7","filesize":121480,"asset_id":641,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_embedded.png"}],"title":"Embedded CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!","updated_timestamp":{"seconds":1722037378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:42:58Z","links":[{"label":"Twitter (@EmbeddedVillage)","type":"link","url":"https://twitter.com/EmbeddedVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249361"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249360"},{"label":"More Info","type":"link","url":"https://www.embeddedvillage.org"}],"end":"2024-08-10T01:00:00.000-0000","id":55803,"tag_ids":[46379,46439,46739],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.\n\n\n","media":[],"title":"Wireless & Networking workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.","updated_timestamp":{"seconds":1722303624,"nanoseconds":0},"speakers":[{"content_ids":[55408],"conference_id":133,"event_ids":[55802,55809,55817],"name":"Alex Kelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56029}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T01:40:24Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55802,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56029}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!\n\n\n","media":[],"title":"Emulating (and Hacking) Embedded Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!","updated_timestamp":{"seconds":1722037241,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:40:41Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55801,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!\n\n\n","media":[],"title":"Secure Microcontroller Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!","updated_timestamp":{"seconds":1723217513,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T15:31:53Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55800,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T15:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.\n\n\n","media":[],"title":"101 Labs: Firmware and Software exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.","updated_timestamp":{"seconds":1722037224,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:40:24Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55799,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.\n\n\n","media":[],"title":"101 Labs: Hardware Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.","updated_timestamp":{"seconds":1722037214,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:40:14Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55798,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io\n\n\n","media":[],"title":"Hardware Hacking: Glitching Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io","updated_timestamp":{"seconds":1722037194,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:39:54Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55797,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!\n\n\n","media":[],"title":"Hard Hat Brigade - Community Space Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!","updated_timestamp":{"seconds":1721968701,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T04:38:21Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55794,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Pick up your DCNextGen badge and other swag. We will also have an overview of DCNextGen activities and adventures!\n\n\n","media":[],"title":"Welcome / Badge & Swag Pick Up","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Pick up your DCNextGen badge and other swag. We will also have an overview of DCNextGen activities and adventures!","updated_timestamp":{"seconds":1721785023,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T01:37:03Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":55754,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-24T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During the work on my SANS Master's thesis, I realized two things: I am not a developer and ChatGPT makes a pretty good one. Using ChatGPT to write the Python scripts for my research, I started to branch out and use it to write defensive tools such as for identifying unknown assets on the network as a listening service or offensively such as when taking a PLC out of Run mode remotely. If you can think through the process, ChatGPT (or other GenAI) can help you make it a reality. Want to Live off the Land and don't want to download a Python script which might be spotted? Use ChatGPT to convert it to PowerShell on the spot! Receiving error messages from the code it wrote for you? Don't worry - it can fix those issues too! The presentation will walk attendees through prompt creation for two sample coding projects - both with offensive/defensive capabilities, tools that attendees would be able to use back on the job. And, with inspiration, go out and create their own tools!\n\n\n","media":[],"title":"Using ChatGPT to Write Defensive & Offensive Tools for ICS/OT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:50:00Z","end_timestamp":{"seconds":1723225800,"nanoseconds":0},"android_description":"During the work on my SANS Master's thesis, I realized two things: I am not a developer and ChatGPT makes a pretty good one. Using ChatGPT to write the Python scripts for my research, I started to branch out and use it to write defensive tools such as for identifying unknown assets on the network as a listening service or offensively such as when taking a PLC out of Run mode remotely. If you can think through the process, ChatGPT (or other GenAI) can help you make it a reality. Want to Live off the Land and don't want to download a Python script which might be spotted? Use ChatGPT to convert it to PowerShell on the spot! Receiving error messages from the code it wrote for you? Don't worry - it can fix those issues too! The presentation will walk attendees through prompt creation for two sample coding projects - both with offensive/defensive capabilities, tools that attendees would be able to use back on the job. And, with inspiration, go out and create their own tools!","updated_timestamp":{"seconds":1721781457,"nanoseconds":0},"speakers":[{"content_ids":[55339,55357],"conference_id":133,"event_ids":[55731,55749],"name":"Mike Holcomb","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fluor","title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead"}],"links":[],"pronouns":null,"media":[],"id":55961,"title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead at Fluor"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:37:37Z","links":[],"end":"2024-08-09T17:50:00.000-0000","id":55731,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55961}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-24T00:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The session will provide an overview of the current themes and topics being explored by US and International policymakers. It will help provide clarity into the landscape of cyber public policy, highlighting the need for governments around the world to align on policy development and intervention. It will help establish a baseline of knowledge on what's happening in global cyber policy for those wanting to get up to speed, and will help set the scene for many of the policy discussions to come throughout DEF CON.\n\n\n","media":[],"title":"US and International Public Cyber Policy 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"The session will provide an overview of the current themes and topics being explored by US and International policymakers. It will help provide clarity into the landscape of cyber public policy, highlighting the need for governments around the world to align on policy development and intervention. It will help establish a baseline of knowledge on what's happening in global cyber policy for those wanting to get up to speed, and will help set the scene for many of the policy discussions to come throughout DEF CON.","updated_timestamp":{"seconds":1722279963,"nanoseconds":0},"speakers":[{"content_ids":[55329],"conference_id":133,"event_ids":[55721],"name":"Adam Dobell","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55917},{"content_ids":[55329],"conference_id":133,"event_ids":[55721],"name":"Harley Geiger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Venable","title":""}],"links":[],"pronouns":null,"media":[],"id":55927,"title":"Venable"},{"content_ids":[55715,55329],"conference_id":133,"event_ids":[55721,56233],"name":"Cassie Crossley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Schneider Electric","title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office"}],"links":[],"pronouns":null,"media":[],"id":56107,"title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T19:06:03Z","links":[],"end":"2024-08-09T18:45:00.000-0000","id":55721,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55927},{"tag_id":46167,"sort_order":4,"person_id":55917},{"tag_id":46167,"sort_order":6,"person_id":56107}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T19:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cybersecurity threats are increasingly sophisticated and pervasive. This talk provides a overview of the current threat landscape, highlighting key trends like ransomware, state-sponsored attacks, and supply chain threats. We will explore how law enforcement combats cybercrime through innovative investigation techniques, international collaboration and evolving legal frameworks. Gain actionable insights to strengthen your cybersecurity posture and understand the critical role of law enforcement in maintaining digital security.\n\n\n","media":[],"title":"BIC Village Keynote: Cyber Threat Landscape And Law Enforcement","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Cybersecurity threats are increasingly sophisticated and pervasive. This talk provides a overview of the current threat landscape, highlighting key trends like ransomware, state-sponsored attacks, and supply chain threats. We will explore how law enforcement combats cybercrime through innovative investigation techniques, international collaboration and evolving legal frameworks. Gain actionable insights to strengthen your cybersecurity posture and understand the critical role of law enforcement in maintaining digital security.","updated_timestamp":{"seconds":1721495141,"nanoseconds":0},"speakers":[{"content_ids":[55191],"conference_id":133,"event_ids":[55581],"name":"Kevin Parker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Blacksuit Consulting","title":"Cybersecurity and Privacy Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/blacksuit/"},{"description":"","title":"Website","sort_order":0,"url":"https://blacksuitconsulting.com"}],"media":[],"id":55797,"title":"Cybersecurity and Privacy Researcher at Blacksuit Consulting"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:05:41Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":55581,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55797}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T17:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get a deep-dive into the more complex and powerful parts of Caido by its creators. We will cover various topics ranging from:\r\n- Using HttpQL at its full potential\r\n- Creating complex workflows and leveraging them in your day-to-day\r\n- Using the Caido GraphQL API to extend the tool\r\n- Building frontend plugins\r\n- And more!\r\n\r\nWe will also be there to answer all your complex technical questions.\r\n\r\nPre-Requisites:\r\n- Install Caido if you want to follow along.\n\n\n","media":[],"title":"Caido Internals Deep-Dive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Get a deep-dive into the more complex and powerful parts of Caido by its creators. We will cover various topics ranging from:\r\n- Using HttpQL at its full potential\r\n- Creating complex workflows and leveraging them in your day-to-day\r\n- Using the Caido GraphQL API to extend the tool\r\n- Building frontend plugins\r\n- And more!\r\n\r\nWe will also be there to answer all your complex technical questions.\r\n\r\nPre-Requisites:\r\n- Install Caido if you want to follow along.","updated_timestamp":{"seconds":1721437997,"nanoseconds":0},"speakers":[{"content_ids":[55174],"conference_id":133,"event_ids":[55562],"name":"Emile Fugulin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Caido","title":""}],"pronouns":null,"links":[{"description":"","title":"@TheSytten","sort_order":0,"url":"https://twitter.com/TheSytten"}],"media":[],"id":54814,"title":"Caido"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:13:17Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#caido-internals-deep-dive"}],"end":"2024-08-09T18:00:00.000-0000","id":55562,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54814}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T01:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55411,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Lonely Hackers Club Community Room Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721276328,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-18T04:18:48Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55408,"tag_ids":[46406,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-18T04:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style. \n\n\n","media":[],"title":"LHC's Unofficial Sticker Swap Table","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.","updated_timestamp":{"seconds":1721487294,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:54Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55405,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.\n\n\n","media":[],"title":"Egor's Keyboard Corner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.","updated_timestamp":{"seconds":1721487260,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:20Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55402,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors\r\n\n\n\n","media":[],"title":"DDV open and accepting drives for duplication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors","updated_timestamp":{"seconds":1722478167,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T02:09:27Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org"}],"end":"2024-08-10T00:00:00.000-0000","id":55187,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk covers how to approach vulnerability research against Meta Quest headsets and VR applications.\n\nWe explore how to approach discovering bugs in the Meta Quest through the third-party app attack surface. This emulates what potentially malicious apps could achieve once installed and the unique attacks available in comparison to general mobile malware. This research culminates in a demonstration of triggering a novel vulnerability discovered in the OpenXR client implementation of the Quest.\n\nBeyond this, we cover the unique remote attack surface exposed via the Horizons and first-party social app of the Quest - in particular we focus on attacking the rendering of user avatars. These bugs are possible to be triggered whenever within the same virtual space as a malicious user and represent a new attack surface not previously available. This research culminates in triggering a novel vulnerability in libovravatar2p.so which allows remote memory corruption and represents the building blocks for RCE across the metaverse.\n\n\n","media":[],"title":"Pwning through the Metaverse - Quest Headset Vulnerability Research","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"This talk covers how to approach vulnerability research against Meta Quest headsets and VR applications.\n\nWe explore how to approach discovering bugs in the Meta Quest through the third-party app attack surface. This emulates what potentially malicious apps could achieve once installed and the unique attacks available in comparison to general mobile malware. This research culminates in a demonstration of triggering a novel vulnerability discovered in the OpenXR client implementation of the Quest.\n\nBeyond this, we cover the unique remote attack surface exposed via the Horizons and first-party social app of the Quest - in particular we focus on attacking the rendering of user avatars. These bugs are possible to be triggered whenever within the same virtual space as a malicious user and represent a new attack surface not previously available. This research culminates in triggering a novel vulnerability in libovravatar2p.so which allows remote memory corruption and represents the building blocks for RCE across the metaverse.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54548],"conference_id":133,"event_ids":[54923],"name":"Luke McLaren","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Signal 11 Research Ltd","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54268,"title":"Founder at Signal 11 Research Ltd"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":54923,"tag_ids":[46397,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54268}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The talk \"Practical Exploitation of DoS in Bug Bounty\" explains methods for identifying and exploiting Denial of Service (DoS) vulnerabilities in bug bounty programs. Starting with an overview of DoS attacks and their impact, we will highlight how these attacks disrupt services by overwhelming resources or exploiting flaws. The talk covers various DoS attack types, including N+1 errors, in-depth GraphQL crashing, and Cache Poisoning, with real-world examples demonstrating their effects.\n\nWe will then detail practical techniques for discovering DoS vulnerabilities. This includes automated scanning tools, manual testing methods, and understanding the target system's architecture.\n\nN+1 errors occur when an application makes redundant database queries, significantly impacting performance. Attackers can exploit this by triggering numerous unnecessary queries, causing severe slowdowns or crashes. GraphQL, a query language for APIs, can be vulnerable to complex queries that consume excessive resources, leading to server crashes. We will show how to craft such queries and the resulting impact. Cache Poisoning involves manipulating cached data to serve malicious or incorrect content, which can disrupt services or degrade performance. We will explore techniques to poison caches and demonstrate the potential consequences.\n\nAdditionally, the talk emphasizes the importance of responsibly reporting discovered vulnerabilities to bug bounty programs. Best practices are shared for effectively communicating findings and ensuring timely mitigation. Of course, there are some fails during this path, and those are going to be covered too.\n\nThe session wraps up by stressing the need for continuous learning and staying updated on the latest trends in DoS attack vectors and mitigation strategies\n\n\n","media":[],"title":"Practical Exploitation of DoS in Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"The talk \"Practical Exploitation of DoS in Bug Bounty\" explains methods for identifying and exploiting Denial of Service (DoS) vulnerabilities in bug bounty programs. Starting with an overview of DoS attacks and their impact, we will highlight how these attacks disrupt services by overwhelming resources or exploiting flaws. The talk covers various DoS attack types, including N+1 errors, in-depth GraphQL crashing, and Cache Poisoning, with real-world examples demonstrating their effects.\n\nWe will then detail practical techniques for discovering DoS vulnerabilities. This includes automated scanning tools, manual testing methods, and understanding the target system's architecture.\n\nN+1 errors occur when an application makes redundant database queries, significantly impacting performance. Attackers can exploit this by triggering numerous unnecessary queries, causing severe slowdowns or crashes. GraphQL, a query language for APIs, can be vulnerable to complex queries that consume excessive resources, leading to server crashes. We will show how to craft such queries and the resulting impact. Cache Poisoning involves manipulating cached data to serve malicious or incorrect content, which can disrupt services or degrade performance. We will explore techniques to poison caches and demonstrate the potential consequences.\n\nAdditionally, the talk emphasizes the importance of responsibly reporting discovered vulnerabilities to bug bounty programs. Best practices are shared for effectively communicating findings and ensuring timely mitigation. Of course, there are some fails during this path, and those are going to be covered too.\n\nThe session wraps up by stressing the need for continuous learning and staying updated on the latest trends in DoS attack vectors and mitigation strategies","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54547,55172],"conference_id":133,"event_ids":[55560,54922],"name":"Roni \"Lupin\" Carta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Lupin & Holmes","title":"Co-Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xlupin)","sort_order":0,"url":"https://twitter.com/0xlupin"}],"media":[],"id":54285,"title":"Co-Founder at Lupin & Holmes"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#practical-exploitation-of-dos-in-bug-bounty"}],"end":"2024-08-09T18:00:00.000-0000","id":54922,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54285}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With all the various threat model frameworks available, STRIDE, Trike, PASTA, VAST, etc., does the world need another one?\r\n\r\nThat was the question that shaped the creation of EMB3D, a threat model framework built around embedded systems (specifically in critical infrastructure) that addresses all phases of a threat to them: from the theorical/academic, proof of concept and exploit, to observed adversarial behavior.\r\n\r\nBut the goal was greater than just the threat framework, it was to bring a common language to the global community to discuss weaknesses and threats while striving to bring transparency to what are considered “black box” electronic systems.\r\n\r\nIn this presentation, we take you on the journey of how we went from venting about needing more transparency and accountability in the OT/ICS space to developing a new global threat model for embedded systems.\n\n\n","media":[],"title":"Does the World Need Another Threat Model, the Road to EMB3D","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"With all the various threat model frameworks available, STRIDE, Trike, PASTA, VAST, etc., does the world need another one?\r\n\r\nThat was the question that shaped the creation of EMB3D, a threat model framework built around embedded systems (specifically in critical infrastructure) that addresses all phases of a threat to them: from the theorical/academic, proof of concept and exploit, to observed adversarial behavior.\r\n\r\nBut the goal was greater than just the threat framework, it was to bring a common language to the global community to discuss weaknesses and threats while striving to bring transparency to what are considered “black box” electronic systems.\r\n\r\nIn this presentation, we take you on the journey of how we went from venting about needing more transparency and accountability in the OT/ICS space to developing a new global threat model for embedded systems.","updated_timestamp":{"seconds":1720393535,"nanoseconds":0},"speakers":[{"content_ids":[54546],"conference_id":133,"event_ids":[54921],"name":"Niyo Little Thunder Pearson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54308},{"content_ids":[54546],"conference_id":133,"event_ids":[54921],"name":"Jack Cyprus","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56025},{"content_ids":[54546],"conference_id":133,"event_ids":[54921],"name":"Wyatt Ford","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Red Balloon Security","title":"Senior Software Engineer and Engineering Manager"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@whyitfor)","sort_order":0,"url":"https://twitter.com/whyitfor"}],"media":[],"id":56026,"title":"Senior Software Engineer and Engineering Manager at Red Balloon Security"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:05:35Z","links":[],"end":"2024-08-09T17:30:00.000-0000","id":54921,"tag_ids":[46382,46419,46438,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54308},{"tag_id":46167,"sort_order":4,"person_id":56025},{"tag_id":46167,"sort_order":6,"person_id":56026}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Differential privacy (DP) has been hailed as the gold standard of privacy-preserving data analysis, by providing strong privacy guarantees while still enabling use of potentially sensitive data. Formally, DP gives a mathematically rigorous worst-case bound on the maximum amount of information that can be learned about an individual's data from the output of a computation. In the past two decades, the privacy community has developed DP algorithms that satisfy this privacy guarantee and allow for accurate data analysis for a wide variety of computational problems and application domains. We have also begun to see a number of high-profile deployments of DP systems in practice, both at large technology companies and government entities. Despite the promise and success of DP thus far, there are a number of critical challenges left to be addressed before DP can be easily deployed in practice, including: mapping the mathematical privacy guarantees onto protection against real-world threats, developing explanations of its guarantees and tradeoffs for non-technical users, integration with other privacy & security tools, preventing misuse, and more.\n\n\n","media":[],"title":"Differential privacy beyond algorithms: Challenges for successful deployment","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Differential privacy (DP) has been hailed as the gold standard of privacy-preserving data analysis, by providing strong privacy guarantees while still enabling use of potentially sensitive data. Formally, DP gives a mathematically rigorous worst-case bound on the maximum amount of information that can be learned about an individual's data from the output of a computation. In the past two decades, the privacy community has developed DP algorithms that satisfy this privacy guarantee and allow for accurate data analysis for a wide variety of computational problems and application domains. We have also begun to see a number of high-profile deployments of DP systems in practice, both at large technology companies and government entities. Despite the promise and success of DP thus far, there are a number of critical challenges left to be addressed before DP can be easily deployed in practice, including: mapping the mathematical privacy guarantees onto protection against real-world threats, developing explanations of its guarantees and tradeoffs for non-technical users, integration with other privacy & security tools, preventing misuse, and more.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54545,56160],"conference_id":133,"event_ids":[56804,54920],"name":"Rachel Cummings","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Columbia University","title":"Associate Professor of Industrial Engineering and Operations Research"}],"links":[],"pronouns":null,"media":[],"id":54353,"title":"Associate Professor of Industrial Engineering and Operations Research at Columbia University"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":54920,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54353}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will publicly disclose this research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of the workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.\r\n\r\n* Vynamic Security Suite - Vynamic Security Hard Disk Encryption Secure Sensitive Consumer Data: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-hard-disk-encryption.pdf)\r\n* SEC Consult - Manipulation of pre-boot authentication in CryptWare CryptoPro Secure Disk for Bitlocker: [link](https://sec-consult.com/vulnerability-lab/advisory/manipulation-of-pre-boot-authentication/)\r\n* Diebold Nixdorf - EULA for Vynamic Security Suite 3.0: [link](https://dnlegalterms.com/wp-content/uploads/2020/03/2020026_Diebold_Nixdorf_EULA_for_VYNAMIC_SECURITY_3_0_December_19_2018_022249.pdf)\r\n* Diebold Nixdorf - Product Legal Terms Website: [link](https://dnlegalterms.com/products/)\r\n* CryptWare Website: [link](https://cryptware-it-security.de/)\r\n* Secure Disk for BitLocker Website: [link](https://secure-disk-for-bitlocker.com/about/)\r\n* CPSD Website: [link](https://www.cpsd.at/)\r\n* O'Reilly - Essential System Administration, 3rd Edition by Æleen Frisch: [link](https://www.oreilly.com/library/view/essential-system-administration/0596003439/ch04s02.html)\r\n* Flowblok's Blog - Shell Startup Scripts: [link](https://blog.flowblok.id.au/2013-02/shell-startup-scripts.html)\r\n* Red Hat Customer Portal - Enhancing Security with the Kernel Integrity Subsystem: [link](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/enhancing-security-with-the-kernel-integrity-subsystem_managing-monitoring-and-updating-the-kernel?extIdCarryOver=true&sc_cid=701f2000001OH7EAAW)\r\n* OpenSUSE Wiki - SDB:Ima evm: [link](https://en.opensuse.org/SDB:Ima_evm)\r\n* ATMIA - ATM Operator Training: [link](https://www.atmia.com/training/atm-operators/)\r\n* 3SI Systems - Stop Criminals from Cashing in at the ATM: [link](https://www.atmia.com/files/whitepapers/2024-atm-crime-trends.pdf)\r\n* Diebold Nixdorf - Vynamic Security Intrusion Protection Product Card: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/vynamic-security-intrusion-protectionproduct-card.pdf)\r\n* Diebold Nixdorf - DN Product Card - Vynamic Security Hard Disk Encryption: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-harddisk-encryption.pdf)\r\n* Everi - Everi to Showcase \"Digital Neighborhood\" Connecting Guest Loyalty, Cash Access Experiences, and Casino Solutions Made Possible by Industry-Leading Financial Technology Portfolio at 2019 Global Gaming Expo: [link](https://s1.q4cdn.com/401000259/files/doc_news/Everi-to-Showcase-Digital-Neighborhood-Connecting-Guest-Loyalty-Cash-Access-Experiences-and-Casino-Solutions-Made-Possible-by-Industr-SW9PO.pdf)\r\n* GlobeNewswire - NRT Accelerates Growth through Acquisition of Casino ATM Portfolio: [link](https://finance.yahoo.com/news/nrt-accelerates-growth-acquisition-casino-160700070.html)\r\n* Northox - How does the TPM perform integrity measurements on a system?: [link](https://security.stackexchange.com/questions/39329/how-does-the-tpm-perform-integrity-measurementson-a-system)\r\n\r\n\r\n\r\n\n\n\n","media":[],"title":"Where’s the Money: Defeating ATM Disk Encryption","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will publicly disclose this research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of the workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.\r\n\r\n* Vynamic Security Suite - Vynamic Security Hard Disk Encryption Secure Sensitive Consumer Data: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-hard-disk-encryption.pdf)\r\n* SEC Consult - Manipulation of pre-boot authentication in CryptWare CryptoPro Secure Disk for Bitlocker: [link](https://sec-consult.com/vulnerability-lab/advisory/manipulation-of-pre-boot-authentication/)\r\n* Diebold Nixdorf - EULA for Vynamic Security Suite 3.0: [link](https://dnlegalterms.com/wp-content/uploads/2020/03/2020026_Diebold_Nixdorf_EULA_for_VYNAMIC_SECURITY_3_0_December_19_2018_022249.pdf)\r\n* Diebold Nixdorf - Product Legal Terms Website: [link](https://dnlegalterms.com/products/)\r\n* CryptWare Website: [link](https://cryptware-it-security.de/)\r\n* Secure Disk for BitLocker Website: [link](https://secure-disk-for-bitlocker.com/about/)\r\n* CPSD Website: [link](https://www.cpsd.at/)\r\n* O'Reilly - Essential System Administration, 3rd Edition by Æleen Frisch: [link](https://www.oreilly.com/library/view/essential-system-administration/0596003439/ch04s02.html)\r\n* Flowblok's Blog - Shell Startup Scripts: [link](https://blog.flowblok.id.au/2013-02/shell-startup-scripts.html)\r\n* Red Hat Customer Portal - Enhancing Security with the Kernel Integrity Subsystem: [link](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/enhancing-security-with-the-kernel-integrity-subsystem_managing-monitoring-and-updating-the-kernel?extIdCarryOver=true&sc_cid=701f2000001OH7EAAW)\r\n* OpenSUSE Wiki - SDB:Ima evm: [link](https://en.opensuse.org/SDB:Ima_evm)\r\n* ATMIA - ATM Operator Training: [link](https://www.atmia.com/training/atm-operators/)\r\n* 3SI Systems - Stop Criminals from Cashing in at the ATM: [link](https://www.atmia.com/files/whitepapers/2024-atm-crime-trends.pdf)\r\n* Diebold Nixdorf - Vynamic Security Intrusion Protection Product Card: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/vynamic-security-intrusion-protectionproduct-card.pdf)\r\n* Diebold Nixdorf - DN Product Card - Vynamic Security Hard Disk Encryption: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-harddisk-encryption.pdf)\r\n* Everi - Everi to Showcase \"Digital Neighborhood\" Connecting Guest Loyalty, Cash Access Experiences, and Casino Solutions Made Possible by Industry-Leading Financial Technology Portfolio at 2019 Global Gaming Expo: [link](https://s1.q4cdn.com/401000259/files/doc_news/Everi-to-Showcase-Digital-Neighborhood-Connecting-Guest-Loyalty-Cash-Access-Experiences-and-Casino-Solutions-Made-Possible-by-Industr-SW9PO.pdf)\r\n* GlobeNewswire - NRT Accelerates Growth through Acquisition of Casino ATM Portfolio: [link](https://finance.yahoo.com/news/nrt-accelerates-growth-acquisition-casino-160700070.html)\r\n* Northox - How does the TPM perform integrity measurements on a system?: [link](https://security.stackexchange.com/questions/39329/how-does-the-tpm-perform-integrity-measurementson-a-system)","updated_timestamp":{"seconds":1720740822,"nanoseconds":0},"speakers":[{"content_ids":[54580,54437],"conference_id":133,"event_ids":[54810,54955],"name":"Matt Burch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Independent Vulnerability Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@emptynebuli)","sort_order":0,"url":"https://twitter.com/emptynebuli"}],"media":[],"id":54049,"title":"Independent Vulnerability Researcher"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-11T23:33:42Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":54810,"tag_ids":[46166,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54049}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-11T23:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Welcome to DEF CON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:20:00Z","end_timestamp":{"seconds":1723224000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T17:20:00.000-0000","id":54809,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, CCTV footage has been integrated in systems to observe areas and detect traversing malicious actors (e.g., criminals, terrorists). However, this footage has \"blind spots\", areas where objects are detected with lower confidence due to their angle/distance from the camera.\r\n\r\nIn this talk, we investigate a novel side effect of object detection in CCTV footage; location-based confidence weakness.\r\n\r\nWe demonstrate that a pedestrian's position (distance, angle, height) in footage impacts an object detector's confidence.\r\n\r\nWe analyze this phenomenon in four lighting conditions (lab, morning, afternoon, night) using five object detectors (YOLOv3, Faster R-CNN, SSD, DiffusionDet, RTMDet).\r\n\r\nWe then demonstrate this in footage of pedestrian traffic from three locations (Broadway, Shibuya Crossing, Castro Street), showing they contain \"blind spots\" where pedestrians are detected with low confidence. This persists across various locations, object detectors, and times of day. A malicious actor could take advantage of this to avoid detection.\r\n\r\nWe propose TipToe, a novel evasion attack leveraging \"blind spots\" to construct a minimum confidence path between two points in a CCTV-recorded area.\r\nWe demonstrate its performance on footage of Broadway, Shibuya Crossing, and Castro Street, observed by YOLOv3, Faster R-CNN, SSD, DiffusionDet, and RTMDet.\r\n\r\nTipToe reduces max/average confidence by 0.10 and 0.16, respectively, on paths in Shibuya Crossing observed by YOLOv3, with similar performance for other locations and object detectors.\r\n\r\n1. Artificial intelligence in medicine: A comprehensive survey of medical doctor’s perspectives in Portugal [link](https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10484446/), (Accessed 09-10-2023).\r\n2. The impact of artificial intelligence along the insurance value chain and on the insurability of risks - The Geneva Papers on Risk and Insurance - Issues and Practice [link](https://link.springer.com/article/10.1057/s41288-020-00201-7#citeas), (Accessed 09-10-2023).\r\n3. R. Chopra and G. D. Sharma, “Application of artificial intelligence in stock market forecasting: A critique, review, and research agenda,” Journal of Risk and Financial Management, vol. 14, no. 11, 2021.[link](https://www.mdpi.com/1911-8074/14/11/526)\r\n4. [B. B. Elallid, N. Benamar, A. S. Hafid, T. Rachidi, and N. Mrani, “A comprehensive survey on the application of deep and reinforcement learning approaches in autonomous driving,” Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 9, pp. 7366–7390, 2022. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S1319157822000970)\r\n5. I. J. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y. Bengio, “Generative adversarial networks,” 2014.\r\n6. I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” 2015.\r\n7. A. Kurakin, I. Goodfellow, and S. Bengio, “Adversarial examples in the physical world,” 2017.\r\n8. A. Chakraborty, M. Alam, V. Dey, A. Chattopadhyay, and D. Mukhopadhyay, “Adversarial attacks and defences: A survey,” 2018.\r\n9. A. Athalye, L. Engstrom, A. Ilyas, and K. Kwok, “Synthesizing robust adversarial examples,” 2018.\r\n10. M. Sharif, S. Bhagavatula, L. Bauer, and M. K. Reiter, “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: Association for Computing Machinery, 2016, p. 1528–1540. (Online). Available: [link](https://doi.org/10.1145/2976749.2978392)\r\n11. Z. Zhou, D. Tang, X. Wang, W. Han, X. Liu, and K. Zhang, “Invisible mask: Practical attacks on face recognition with infrared,” 2018.\r\n12. S. Komkov and A. Petiushko, “AdvHat: Real-world adversarial attack on ArcFace face ID system,” in 2020 25th International Conference on Pattern Recognition (ICPR). IEEE, jan 2021. (Online). Available: [link](https://doi.org/10.1109%2Ficpr48806.2021.9412236)\r\n13. B. Yin, W. Wang, T. Yao, J. Guo, Z. Kong, S. Ding, J. Li, and C. Liu, “Adv-makeup: A new imperceptible and transferable attack on face recognition,” in Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI-21, Z.- H. Zhou, Ed. International Joint Conferences on Artificial Intelligence Organization, 8 2021, pp. 1252–1258, main Track. (Online). Available: [link](https://doi.org/10.24963/ijcai.2021/173)\r\n14. A. Zolfi, S. Avidan, Y. Elovici, and A. Shabtai, “Adversarial mask: Real-world universal adversarial attack on face recognition model,” 2022.\r\n15. C. Sitawarin, A. N. Bhagoji, A. Mosenia, M. Chiang, and P. Mittal, “Darts: Deceiving autonomous cars with toxic signs,” 2018.\r\n16. Y. Zhao, H. Zhu, R. Liang, Q. Shen, S. Zhang, and K. Chen, “Seeing isn’t believing: Towards more robust adversarial attack against real world object detectors,”Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019. (Online). Available: [link](https://api.semanticscholar.org/CorpusID:207947087)\r\n17. G. Lovisotto, H. Turner, I. Sluganovic, M. Strohmeier, and I. Martinovic, “SLAP: Improving physical adversarial examples with Short-Lived adversarial perturbations,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 1865–1882. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/lovisotto)\r\n18. T. Sato, J. Shen, N. Wang, Y. Jia, X. Lin, and Q. A. Chen, “Dirty road can attack: Security of deep learning based automated lane centering under Physical-World attack,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 3309–3326. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/sato)\r\n19. W. Wang, Y. Yao, X. Liu, X. Li, P. Hao, and T. Zhu, “I can see the light: Attacks on autonomous vehicles using invisible lights,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’21. New York, NY, USA: Association for Computing Machinery, 2021, p. 1930–1944. (Online). Available: [link](https://doi.org/10.1145/3460120.3484766)\r\n20. S.-T. Chen, C. Cornelius, J. Martin, and D. H. Chau, “ShapeShifter: Robust physical adversarial attack on faster r-CNN object detector,” in Machine Learning and Knowledge Discovery in Databases. Springer International Publishing, 2019, pp. 52–68. (Online). Available: [link](https://doi.org/10.1007%2F978-3-030-10925-7_4)\r\n21. K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, A. Prakash, T. Kohno, and D. Song, “Robust physical-world attacks on deep learning models,” 2018.\r\n22. S. Thys, W. V. Ranst, and T. Goedemé, “Fooling automated surveillance cameras: adversarial patches to attack person detection,” 2019.\r\n23. Z. Wu, S.-N. Lim, L. Davis, and T. Goldstein, “Making an invisibility cloak: Real world adversarial attacks on object detectors,” 2020.\r\n24. R. M. Oza, A. Geisen, and T. Wang, “Traffic sign detection and recognition using deep learning,” in 2021 4th International Conference on Artificial Intelligence for Industries (AI4I), 2021, pp. 16–20.\n\n\n","media":[],"title":"Securing CCTV Cameras Against Blind Spots","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:20:00Z","end_timestamp":{"seconds":1723224000,"nanoseconds":0},"android_description":"In recent years, CCTV footage has been integrated in systems to observe areas and detect traversing malicious actors (e.g., criminals, terrorists). However, this footage has \"blind spots\", areas where objects are detected with lower confidence due to their angle/distance from the camera.\r\n\r\nIn this talk, we investigate a novel side effect of object detection in CCTV footage; location-based confidence weakness.\r\n\r\nWe demonstrate that a pedestrian's position (distance, angle, height) in footage impacts an object detector's confidence.\r\n\r\nWe analyze this phenomenon in four lighting conditions (lab, morning, afternoon, night) using five object detectors (YOLOv3, Faster R-CNN, SSD, DiffusionDet, RTMDet).\r\n\r\nWe then demonstrate this in footage of pedestrian traffic from three locations (Broadway, Shibuya Crossing, Castro Street), showing they contain \"blind spots\" where pedestrians are detected with low confidence. This persists across various locations, object detectors, and times of day. A malicious actor could take advantage of this to avoid detection.\r\n\r\nWe propose TipToe, a novel evasion attack leveraging \"blind spots\" to construct a minimum confidence path between two points in a CCTV-recorded area.\r\nWe demonstrate its performance on footage of Broadway, Shibuya Crossing, and Castro Street, observed by YOLOv3, Faster R-CNN, SSD, DiffusionDet, and RTMDet.\r\n\r\nTipToe reduces max/average confidence by 0.10 and 0.16, respectively, on paths in Shibuya Crossing observed by YOLOv3, with similar performance for other locations and object detectors.\r\n\r\n1. Artificial intelligence in medicine: A comprehensive survey of medical doctor’s perspectives in Portugal [link](https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10484446/), (Accessed 09-10-2023).\r\n2. The impact of artificial intelligence along the insurance value chain and on the insurability of risks - The Geneva Papers on Risk and Insurance - Issues and Practice [link](https://link.springer.com/article/10.1057/s41288-020-00201-7#citeas), (Accessed 09-10-2023).\r\n3. R. Chopra and G. D. Sharma, “Application of artificial intelligence in stock market forecasting: A critique, review, and research agenda,” Journal of Risk and Financial Management, vol. 14, no. 11, 2021.[link](https://www.mdpi.com/1911-8074/14/11/526)\r\n4. [B. B. Elallid, N. Benamar, A. S. Hafid, T. Rachidi, and N. Mrani, “A comprehensive survey on the application of deep and reinforcement learning approaches in autonomous driving,” Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 9, pp. 7366–7390, 2022. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S1319157822000970)\r\n5. I. J. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y. Bengio, “Generative adversarial networks,” 2014.\r\n6. I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” 2015.\r\n7. A. Kurakin, I. Goodfellow, and S. Bengio, “Adversarial examples in the physical world,” 2017.\r\n8. A. Chakraborty, M. Alam, V. Dey, A. Chattopadhyay, and D. Mukhopadhyay, “Adversarial attacks and defences: A survey,” 2018.\r\n9. A. Athalye, L. Engstrom, A. Ilyas, and K. Kwok, “Synthesizing robust adversarial examples,” 2018.\r\n10. M. Sharif, S. Bhagavatula, L. Bauer, and M. K. Reiter, “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: Association for Computing Machinery, 2016, p. 1528–1540. (Online). Available: [link](https://doi.org/10.1145/2976749.2978392)\r\n11. Z. Zhou, D. Tang, X. Wang, W. Han, X. Liu, and K. Zhang, “Invisible mask: Practical attacks on face recognition with infrared,” 2018.\r\n12. S. Komkov and A. Petiushko, “AdvHat: Real-world adversarial attack on ArcFace face ID system,” in 2020 25th International Conference on Pattern Recognition (ICPR). IEEE, jan 2021. (Online). Available: [link](https://doi.org/10.1109%2Ficpr48806.2021.9412236)\r\n13. B. Yin, W. Wang, T. Yao, J. Guo, Z. Kong, S. Ding, J. Li, and C. Liu, “Adv-makeup: A new imperceptible and transferable attack on face recognition,” in Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI-21, Z.- H. Zhou, Ed. International Joint Conferences on Artificial Intelligence Organization, 8 2021, pp. 1252–1258, main Track. (Online). Available: [link](https://doi.org/10.24963/ijcai.2021/173)\r\n14. A. Zolfi, S. Avidan, Y. Elovici, and A. Shabtai, “Adversarial mask: Real-world universal adversarial attack on face recognition model,” 2022.\r\n15. C. Sitawarin, A. N. Bhagoji, A. Mosenia, M. Chiang, and P. Mittal, “Darts: Deceiving autonomous cars with toxic signs,” 2018.\r\n16. Y. Zhao, H. Zhu, R. Liang, Q. Shen, S. Zhang, and K. Chen, “Seeing isn’t believing: Towards more robust adversarial attack against real world object detectors,”Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019. (Online). Available: [link](https://api.semanticscholar.org/CorpusID:207947087)\r\n17. G. Lovisotto, H. Turner, I. Sluganovic, M. Strohmeier, and I. Martinovic, “SLAP: Improving physical adversarial examples with Short-Lived adversarial perturbations,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 1865–1882. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/lovisotto)\r\n18. T. Sato, J. Shen, N. Wang, Y. Jia, X. Lin, and Q. A. Chen, “Dirty road can attack: Security of deep learning based automated lane centering under Physical-World attack,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 3309–3326. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/sato)\r\n19. W. Wang, Y. Yao, X. Liu, X. Li, P. Hao, and T. Zhu, “I can see the light: Attacks on autonomous vehicles using invisible lights,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’21. New York, NY, USA: Association for Computing Machinery, 2021, p. 1930–1944. (Online). Available: [link](https://doi.org/10.1145/3460120.3484766)\r\n20. S.-T. Chen, C. Cornelius, J. Martin, and D. H. Chau, “ShapeShifter: Robust physical adversarial attack on faster r-CNN object detector,” in Machine Learning and Knowledge Discovery in Databases. Springer International Publishing, 2019, pp. 52–68. (Online). Available: [link](https://doi.org/10.1007%2F978-3-030-10925-7_4)\r\n21. K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, A. Prakash, T. Kohno, and D. Song, “Robust physical-world attacks on deep learning models,” 2018.\r\n22. S. Thys, W. V. Ranst, and T. Goedemé, “Fooling automated surveillance cameras: adversarial patches to attack person detection,” 2019.\r\n23. Z. Wu, S.-N. Lim, L. Davis, and T. Goldstein, “Making an invisibility cloak: Real world adversarial attacks on object detectors,” 2020.\r\n24. R. M. Oza, A. Geisen, and T. Wang, “Traffic sign detection and recognition using deep learning,” in 2021 4th International Conference on Artificial Intelligence for Industries (AI4I), 2021, pp. 16–20.","updated_timestamp":{"seconds":1720464426,"nanoseconds":0},"speakers":[{"content_ids":[54435],"conference_id":133,"event_ids":[54808],"name":"Jacob Shams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber@Ben-Gurion University","title":"Ph.D. Researcher"}],"links":[],"pronouns":"he/him","media":[],"id":54182,"title":"Ph.D. Researcher at Cyber@Ben-Gurion University"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:47:06Z","links":[],"end":"2024-08-09T17:20:00.000-0000","id":54808,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54182}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-08T18:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"False sense of security in devices that guarantee security is worse than no security at all. One device used by personnel who require communication security is goTenna Pro radio that creates an \"off-the-grid\" encrypted mobile mesh network.This network does not require any traditional cellular or satellite infrastructure and they may be found locally in your community. The datasheet says it is using AES-256 encryption. Has anyone bothered to verify that it is being implemented in the most secure manner? We examined this device and found that it was possible to fingerprint and track every off-the-grid message regardless of encryption. We also identified vulnerabilities that result in interception and decryption of the most secure encryption algorithm AES-256 as well as injection of messages into the existing mesh network. We don’t just trust what datasheets say, we verify it for you. We will explain our testing methodologies and demonstrate exploitation in a live demo. We will discuss the operational implications of these vulnerabilities and safe ways of using these devices that decrease the chance of a compromise. The tools developed as part of this research will be released open-source to inform what was possible to inspire future research against similar devices. We will discuss how we worked with goTenna to remedy these issues.\n\n\n","media":[],"title":"Mobile Mesh RF Network Exploitation: Getting the Tea from goTenna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"False sense of security in devices that guarantee security is worse than no security at all. One device used by personnel who require communication security is goTenna Pro radio that creates an \"off-the-grid\" encrypted mobile mesh network.This network does not require any traditional cellular or satellite infrastructure and they may be found locally in your community. The datasheet says it is using AES-256 encryption. Has anyone bothered to verify that it is being implemented in the most secure manner? We examined this device and found that it was possible to fingerprint and track every off-the-grid message regardless of encryption. We also identified vulnerabilities that result in interception and decryption of the most secure encryption algorithm AES-256 as well as injection of messages into the existing mesh network. We don’t just trust what datasheets say, we verify it for you. We will explain our testing methodologies and demonstrate exploitation in a live demo. We will discuss the operational implications of these vulnerabilities and safe ways of using these devices that decrease the chance of a compromise. The tools developed as part of this research will be released open-source to inform what was possible to inspire future research against similar devices. We will discuss how we worked with goTenna to remedy these issues.","updated_timestamp":{"seconds":1720805256,"nanoseconds":0},"speakers":[{"content_ids":[54434],"conference_id":133,"event_ids":[54807],"name":"Woody","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54060},{"content_ids":[54434],"conference_id":133,"event_ids":[54807],"name":"Erwin Karincic","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@tb69rr)","sort_order":0,"url":"https://twitter.com/tb69rr"}],"media":[],"id":54164}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-12T17:27:36Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":54807,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54164},{"tag_id":46167,"sort_order":4,"person_id":54060}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-12T17:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Delve into the clandestine world of the LockBit ransomware gang! In this revealing presentation, I will recount my two-year journey spent infiltrating the inner ranks of the LockBit crime syndicate. Learn about the strategies employed to earn the trust of key individuals within the syndicate, including the gang's leader, LockBitSupp.\r\n\r\nYou will see firsthand accounts of these exchanges, and I will detail the intricacies of my relationship with LockBit's leadership and its network of affiliate hackers. You will also gain insight into the unintended consequences of my actions, including how my perceived breach of their infrastructure impacted the syndicate's operations. More importantly, I will share how I assisted in unmasking the real-world person behind the mask of LockBitSupp.\r\n\r\nJoin me as I illustrate the pivotal role of human intelligence in tandem with cyber threat intelligence to combat ransomware threats. This talk offers a compelling narrative of real-world efforts to thwart ransomware activities and safeguard organizations from LockBit ransomware attacks.\r\n\r\n- 60 min (full episode): 4/14/2024: Scattered Spider; Knife; Tasmanian Tiger - CBS News\r\n- 60 Min Overtime (additional footage from my interview about LockBit): Infiltrating ransomware gangs on the dark web - CBS News\r\n- Ransomware Diaries\r\n- Ransomware Diaries: Volume 1 | Analyst1\r\n- Ransomware Diaries V. 2: A Ransomware Hacker Origin Story (analyst1.com)\r\n- Ransomware Diaries V. 3: LockBit's Secrets (analyst1.com)\r\n- Ransomware Diaries Volume 5: Unmasking LockBit (analyst1.com)\r\n\n\n\n","media":[],"title":"Behind Enemy Lines: Going undercover to breach the LockBit Ransomware Operation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Delve into the clandestine world of the LockBit ransomware gang! In this revealing presentation, I will recount my two-year journey spent infiltrating the inner ranks of the LockBit crime syndicate. Learn about the strategies employed to earn the trust of key individuals within the syndicate, including the gang's leader, LockBitSupp.\r\n\r\nYou will see firsthand accounts of these exchanges, and I will detail the intricacies of my relationship with LockBit's leadership and its network of affiliate hackers. You will also gain insight into the unintended consequences of my actions, including how my perceived breach of their infrastructure impacted the syndicate's operations. More importantly, I will share how I assisted in unmasking the real-world person behind the mask of LockBitSupp.\r\n\r\nJoin me as I illustrate the pivotal role of human intelligence in tandem with cyber threat intelligence to combat ransomware threats. This talk offers a compelling narrative of real-world efforts to thwart ransomware activities and safeguard organizations from LockBit ransomware attacks.\r\n\r\n- 60 min (full episode): 4/14/2024: Scattered Spider; Knife; Tasmanian Tiger - CBS News\r\n- 60 Min Overtime (additional footage from my interview about LockBit): Infiltrating ransomware gangs on the dark web - CBS News\r\n- Ransomware Diaries\r\n- Ransomware Diaries: Volume 1 | Analyst1\r\n- Ransomware Diaries V. 2: A Ransomware Hacker Origin Story (analyst1.com)\r\n- Ransomware Diaries V. 3: LockBit's Secrets (analyst1.com)\r\n- Ransomware Diaries Volume 5: Unmasking LockBit (analyst1.com)","updated_timestamp":{"seconds":1720386448,"nanoseconds":0},"speakers":[{"content_ids":[54433],"conference_id":133,"event_ids":[54806],"name":"Jon DiMaggio","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Analyst1","title":"Chief Security Strategist"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@Jon__DiMaggio)","sort_order":0,"url":"https://twitter.com/Jon__DiMaggio"}],"media":[],"id":54191,"title":"Chief Security Strategist at Analyst1"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T21:07:28Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":54806,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54191}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.\n\n\n","media":[],"title":"Crash and Compile - Qualifications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.","updated_timestamp":{"seconds":1719554875,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T06:07:55Z","links":[{"label":"Website","type":"link","url":"https://crashandcompile.org"}],"end":"2024-08-09T22:00:00.000-0000","id":54614,"tag_ids":[46426,46439,46494],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - WH4 - Contest Area","hotel":"","short_name":"Contest Area","id":46333},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-28T06:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T07:00:00Z","end_timestamp":{"seconds":1723273200,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-10T07:00:00.000-0000","id":54571,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, CNBAS enables organizations to gain insights into their security posture vulnerabilities. CNBAS is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.\n\n\n","media":[],"title":"Cloud Offensive Breach and Risk Assessment (COBRA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, CNBAS enables organizations to gain insights into their security posture vulnerabilities. CNBAS is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.","updated_timestamp":{"seconds":1718922446,"nanoseconds":0},"speakers":[{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Anand Tiwari","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@anandtiwarics)","sort_order":0,"url":"https://twitter.com/anandtiwarics"}],"media":[],"id":53722},{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Harsha Koushik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@0xlcheetah)","sort_order":0,"url":"https://twitter.com/0xlcheetah"}],"media":[],"id":53739}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:27:26Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249608"},{"label":"Project","type":"link","url":"https://github.com/PaloAltoNetworks/cnbas-tool"}],"end":"2024-08-09T18:45:00.000-0000","id":54548,"tag_ids":[46169,46441,46444,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53722},{"tag_id":46167,"sort_order":4,"person_id":53739}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud Penetration Testing has become a hot topic in the offensive community, as the cloud based infrastructures have been slowly taking the place on-prem ones used to have. This requires a tool to help with it. Nebula is a cloud Pentest Framework, which offers reconnaissance, enumeration, exploitation, post exploitation on AWS, Azure, DigitalOcean and above all opportunity to extend even more. It is built modulary for each provider and each attack, allowing for a diversity in attack surface. This coupled with the client-server architecture, allows for a collaborated team assessment of a hybrid cloud environment.\n\n\n","media":[],"title":"Nebula - 3 Years of Kicking *aaS and Taking Usernames","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Cloud Penetration Testing has become a hot topic in the offensive community, as the cloud based infrastructures have been slowly taking the place on-prem ones used to have. This requires a tool to help with it. Nebula is a cloud Pentest Framework, which offers reconnaissance, enumeration, exploitation, post exploitation on AWS, Azure, DigitalOcean and above all opportunity to extend even more. It is built modulary for each provider and each attack, allowing for a diversity in attack surface. This coupled with the client-server architecture, allows for a collaborated team assessment of a hybrid cloud environment.","updated_timestamp":{"seconds":1718922395,"nanoseconds":0},"speakers":[{"content_ids":[54176],"conference_id":133,"event_ids":[54545],"name":"Bleon Proko","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53726}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:26:35Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249607"},{"label":"Project","type":"link","url":"https://github.com/gl4ssesbo1/Nebula"}],"end":"2024-08-09T18:45:00.000-0000","id":54545,"tag_ids":[46169,46441,46444,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53726}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The purpose of the tool platform is to provide both novice and experienced Bluetooth researchers a “swiss-army knife” for device exploration and enumeration. The Bluetooth Landscape Exploration & Enumeration Platform (BLEEP) is capable of discovering Bluetooth Low Energy (BLE) devices, connecting to them, and enumerating the device as well. BLEEP leverages Python3, BlueZ, and the Linux D-Bus to provide a terminal user interface for identifying and interacting with BLE implements. The I/O capabilities of the toolset include read I/O, performing writes, and capturing of notification signals. The purpose of using these low-level libraries is to maintain small granularity control over the interactivity between BLEEP and the BLE environment.\n\n\n","media":[],"title":"Bluetooth Landscape Exploration & Enumeration Platform (BLEEP)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"The purpose of the tool platform is to provide both novice and experienced Bluetooth researchers a “swiss-army knife” for device exploration and enumeration. The Bluetooth Landscape Exploration & Enumeration Platform (BLEEP) is capable of discovering Bluetooth Low Energy (BLE) devices, connecting to them, and enumerating the device as well. BLEEP leverages Python3, BlueZ, and the Linux D-Bus to provide a terminal user interface for identifying and interacting with BLE implements. The I/O capabilities of the toolset include read I/O, performing writes, and capturing of notification signals. The purpose of using these low-level libraries is to maintain small granularity control over the interactivity between BLEEP and the BLE environment.","updated_timestamp":{"seconds":1718922338,"nanoseconds":0},"speakers":[{"content_ids":[54173],"conference_id":133,"event_ids":[54542],"name":"Paul Wortman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53767}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:38Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249606"},{"label":"Project","type":"link","url":"https://github.com/Mauddib28/bleep-tool"}],"end":"2024-08-09T18:45:00.000-0000","id":54542,"tag_ids":[46169,46441,46453,46466],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53767}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In red team operations, selecting the right tools for data exfiltration is critical, yet comes with obstacles such as triggering Data Exfiltration Prevention (DEP) systems. We present \"Volatile Vault\" as a solution, a custom-built platform tailored to evade DEP detection. Our tool encrypts the data on the client-side and then provides a modular approach for uploading said data. Some of the currently implemented upload strategies are chunked HTTP uploads to multiple domain fronted endpoints (AWS) or QUIC as an alternative protocol.\n\n\n","media":[],"title":"Volatile Vault - Data Exfiltration in 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"In red team operations, selecting the right tools for data exfiltration is critical, yet comes with obstacles such as triggering Data Exfiltration Prevention (DEP) systems. We present \"Volatile Vault\" as a solution, a custom-built platform tailored to evade DEP detection. Our tool encrypts the data on the client-side and then provides a modular approach for uploading said data. Some of the currently implemented upload strategies are chunked HTTP uploads to multiple domain fronted endpoints (AWS) or QUIC as an alternative protocol.","updated_timestamp":{"seconds":1718922282,"nanoseconds":0},"speakers":[{"content_ids":[54170,54189],"conference_id":133,"event_ids":[54539,54558],"name":"Moritz Laurin Thomas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO ARES","title":"Senior Red Team Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53762,"title":"Senior Red Team Security Consultant at NVISO ARES"},{"content_ids":[54170],"conference_id":133,"event_ids":[54539],"name":"Patrick Eisenschmidt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO ARES","title":"Red Team Lead"}],"links":[],"pronouns":null,"media":[],"id":53765,"title":"Red Team Lead at NVISO ARES"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:24:42Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249605"},{"label":"Project","type":"link","url":"https://github.com/molatho/VolatileVault"}],"end":"2024-08-09T18:45:00.000-0000","id":54539,"tag_ids":[46169,46441,46443,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53762},{"tag_id":46167,"sort_order":4,"person_id":53765}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"apkInspector is a tool designed to tackle Android APKs, helping to uncover and decode the evasive tactics used by malware. It can decompress APK entries and extract detailed information such as entry names and sizes, making it easy to analyze the contents of an app. The tool also processes and decodes Android XML (AXML) files into a human-readable format, all while considering the sneaky evasion tactics that malware might employ. apkInspector is able to also identify specific evasion techniques used by malware to bypass static analysis, providing crucial insights for security analysis. It is built to function both as a standalone command-line interface (CLI) for direct operations and as a library that can be integrated into other security tools, enhancing its utility and adaptability in various cybersecurity environments.\n\n\n","media":[],"title":"Zip It Up, Sneak It In - Introduction of apkInspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"apkInspector is a tool designed to tackle Android APKs, helping to uncover and decode the evasive tactics used by malware. It can decompress APK entries and extract detailed information such as entry names and sizes, making it easy to analyze the contents of an app. The tool also processes and decodes Android XML (AXML) files into a human-readable format, all while considering the sneaky evasion tactics that malware might employ. apkInspector is able to also identify specific evasion techniques used by malware to bypass static analysis, providing crucial insights for security analysis. It is built to function both as a standalone command-line interface (CLI) for direct operations and as a library that can be integrated into other security tools, enhancing its utility and adaptability in various cybersecurity environments.","updated_timestamp":{"seconds":1718922216,"nanoseconds":0},"speakers":[{"content_ids":[54167],"conference_id":133,"event_ids":[54536],"name":"Kaloyan Velikov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53747},{"content_ids":[54167],"conference_id":133,"event_ids":[54536],"name":"Leonidas Vasileiadis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53751}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:23:36Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249604"},{"label":"Project","type":"link","url":"https://github.com/erev0s/apkInspector"}],"end":"2024-08-09T18:45:00.000-0000","id":54536,"tag_ids":[46169,46441,46443,46445,46448,46452,46453,46460],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53747},{"tag_id":46167,"sort_order":4,"person_id":53751}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Docker Exploitation Framework is a cross-platform framework that is focused on attacking container environments (think Kubernetes, docker, etc). It can identify vulnerabilities, misconfigurations, and potential attack vectors. It also helps to automate different stages of a successful kill-chain through features such as:\r\n\r\n- Vulnerability scanning\r\n- Container breakouts\r\n- Pod2pod lateral movement\r\n- File layers deep inspection and extraction\r\n- Attack surface discovery and mapping\r\n- Privilege escalation, etc\n\n\n","media":[],"title":"Docker Exploitation Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Docker Exploitation Framework is a cross-platform framework that is focused on attacking container environments (think Kubernetes, docker, etc). It can identify vulnerabilities, misconfigurations, and potential attack vectors. It also helps to automate different stages of a successful kill-chain through features such as:\r\n\r\n- Vulnerability scanning\r\n- Container breakouts\r\n- Pod2pod lateral movement\r\n- File layers deep inspection and extraction\r\n- Attack surface discovery and mapping\r\n- Privilege escalation, etc","updated_timestamp":{"seconds":1718922123,"nanoseconds":0},"speakers":[{"content_ids":[54164],"conference_id":133,"event_ids":[54533],"name":"Emmanuel Law","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Staff Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@libnex)","sort_order":0,"url":"https://twitter.com/libnex"}],"media":[],"id":53734,"title":"Senior Staff Security Engineer"},{"content_ids":[54164],"conference_id":133,"event_ids":[54533],"name":"Rohit Pitke","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53772}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:22:03Z","links":[{"label":"Project","type":"link","url":"https://dockerexploitationframework.github.io/"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249603"}],"end":"2024-08-09T18:45:00.000-0000","id":54533,"tag_ids":[46169,46441,46443,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53734},{"tag_id":46167,"sort_order":4,"person_id":53772}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this Q&A session featuring a malware engineer, the BIC community will engage with insights and inquiries!\n\n\n","media":[],"title":"BIC Village Opening Q&A with Marcus Hutchins","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:00:00Z","end_timestamp":{"seconds":1723222800,"nanoseconds":0},"android_description":"In this Q&A session featuring a malware engineer, the BIC community will engage with insights and inquiries!","updated_timestamp":{"seconds":1721495125,"nanoseconds":0},"speakers":[{"content_ids":[55190],"conference_id":133,"event_ids":[55580],"name":"Marcus Hutchins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cybersecurity Speaker"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/malwaretech?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app"},{"description":"","title":"Mastodon (@malwaretech@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@malwaretech"},{"description":"","title":"Website","sort_order":0,"url":"https://marcushutchins.com/"}],"media":[],"id":55806,"title":"Cybersecurity Speaker"},{"content_ids":[55190],"conference_id":133,"event_ids":[55580],"name":"Michaela Barnett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Red Team Operator & Cybersecurity Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/michaela-barnett-a4103285/"},{"description":"","title":"Mastodon (@mk48@defcon.social)","sort_order":0,"url":"https://defcon.social/@mk48"},{"description":"","title":"Mastodon (@mk48@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@mk48"},{"description":"","title":"Twitter (@MK4TY8)","sort_order":0,"url":"https://x.com/MK4TY8"}],"media":[],"id":55807,"title":"Red Team Operator & Cybersecurity Researcher"}],"begin_tsz":"2024-08-09T16:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:05:25Z","links":[],"end":"2024-08-09T17:00:00.000-0000","id":55580,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723221000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55807},{"tag_id":46167,"sort_order":4,"person_id":55806}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T16:30:00.000-0000","updated":"2024-07-20T17:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the Social Engineering Community’s Vishing Competition (#SECVC), teams and individuals go toe to toe, placing live phone calls in front of the SEC audience at DEF CON, showcasing the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies.\n\n\n","media":[{"hash_sha256":"7d0d9b649fab8d275e1ecbedd38ccde599c877fa0814429a982f2d2c1530c04a","filetype":"image/png","hash_md5":"4668261e876ee373cf550d860652abbb","name":"ct_secv_vishing.png","is_logo":"Y","hash_crc32c":"58ded2e9","filesize":159478,"asset_id":691,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_secv_vishing.png"}],"title":"Social Engineering Community Vishing Competition (SECVC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"In the Social Engineering Community’s Vishing Competition (#SECVC), teams and individuals go toe to toe, placing live phone calls in front of the SEC audience at DEF CON, showcasing the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies.","updated_timestamp":{"seconds":1722103441,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T18:04:01Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/vishing-competition/"}],"end":"2024-08-10T00:00:00.000-0000","id":55843,"tag_ids":[46393,46439,46741],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-07-27T18:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.\n\n\n","media":[{"hash_sha256":"644e222049d8075294958387f5d1fe445f0b2475478877de25e0b67fa14294fb","filetype":"image/png","hash_md5":"c853babc9f241a502510097ea15bda71","name":"ct_secv_youth.png","is_logo":"Y","hash_crc32c":"8a3466fb","filesize":167278,"asset_id":690,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_secv_youth.png"}],"title":"Social Engineering Community Youth Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.","updated_timestamp":{"seconds":1722103348,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T18:02:28Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/youth-challenge/"}],"end":"2024-08-10T01:00:00.000-0000","id":55841,"tag_ids":[46393,46439,46740],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-07-27T18:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Meet BIC @ UK! The U.K. Chapter of Blacks In Cybersecurity is dedicated to empowering Black professionals in the United Kingdom. This session will introduce you to the regional leaders and their vision for their local chapter and members.\n\n\n","media":[],"title":"BIC United Kingdom Chapter Informational Virtual Opening Session","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T16:30:00Z","end_timestamp":{"seconds":1723221000,"nanoseconds":0},"android_description":"Meet BIC @ UK! The U.K. Chapter of Blacks In Cybersecurity is dedicated to empowering Black professionals in the United Kingdom. This session will introduce you to the regional leaders and their vision for their local chapter and members.","updated_timestamp":{"seconds":1721495102,"nanoseconds":0},"speakers":[{"content_ids":[55189],"conference_id":133,"event_ids":[55579],"name":"Ike Marizu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"BIC U.K. Ambassador"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/o-ike-m-2b09261a7?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app"}],"media":[],"id":55790,"title":"BIC U.K. Ambassador"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:05:02Z","links":[],"end":"2024-08-09T16:30:00.000-0000","id":55579,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55790}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-07-20T17:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gain experience popping root shells on real world web applications and taking your hacking skills to the next level. Students will learn accessible and powerful vulnerability discovery techniques to identify, exploit and chain vulnerabilities for root shells. Getting hands-on experience using free and widely available Linux utilities to debug and dynamically monitor applications, to more effectively discover and exploit vulnerabilities. Using a whitebox approach students will rapidly discover and exploit non-trivial bugs. A progressive hint system will be used during the labs to incrementally reveal step-by-step progressions of each exploit exercise in case students are stuck or fall behind.\nCourse Objectives:\n--Students will gain hands-on experience analyzing and developing exploits for real world application vulnerabilities.\n--Students will learn how to discover vulnerabilities and subsequently weaponize them in an exploit chain to spawn remote shells on application servers.\n--Students will gain experience using open source linux tools like strace and tcpdump to analyze application behavior and isolate vulnerabilities.\n--Students will gain experience weaponizing web application vulnerabilities and writing exploits\nUpon Completion of this training, attendees will know:\n--How to identify situations where openbox application vulnerability assessments are appropriate and how to leverage this powerful context.\n--How to utilize openbox penetration testing methodologies to achieve more thorough and effective assessments.\n--How to leverage vulnerability chaining to assemble multiple medium criticality findings into a single remote root exploit.\n\n\n","media":[],"title":"Whitebox Web Exploit Development","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Gain experience popping root shells on real world web applications and taking your hacking skills to the next level. Students will learn accessible and powerful vulnerability discovery techniques to identify, exploit and chain vulnerabilities for root shells. Getting hands-on experience using free and widely available Linux utilities to debug and dynamically monitor applications, to more effectively discover and exploit vulnerabilities. Using a whitebox approach students will rapidly discover and exploit non-trivial bugs. A progressive hint system will be used during the labs to incrementally reveal step-by-step progressions of each exploit exercise in case students are stuck or fall behind.\nCourse Objectives:\n--Students will gain hands-on experience analyzing and developing exploits for real world application vulnerabilities.\n--Students will learn how to discover vulnerabilities and subsequently weaponize them in an exploit chain to spawn remote shells on application servers.\n--Students will gain experience using open source linux tools like strace and tcpdump to analyze application behavior and isolate vulnerabilities.\n--Students will gain experience weaponizing web application vulnerabilities and writing exploits\nUpon Completion of this training, attendees will know:\n--How to identify situations where openbox application vulnerability assessments are appropriate and how to leverage this powerful context.\n--How to utilize openbox penetration testing methodologies to achieve more thorough and effective assessments.\n--How to leverage vulnerability chaining to assemble multiple medium criticality findings into a single remote root exploit.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54221],"conference_id":133,"event_ids":[54594],"name":"Cale Smith","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@calebreeeh)","sort_order":0,"url":"https://twitter.com/calebreeeh"}],"media":[],"id":53836,"title":"Amazon"},{"content_ids":[54221],"conference_id":133,"event_ids":[54594],"name":"Priyanka Joshi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon","title":"Security Engineer, Ring AppSec"}],"links":[],"pronouns":null,"media":[],"id":53861,"title":"Security Engineer, Ring AppSec at Amazon"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Joshi_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54594,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53836},{"tag_id":46167,"sort_order":1,"person_id":53861}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DLL Loading is one of the most important parts of the Windows system. When you install, run, use, or hack a system, you will always use DLL. This DLL mechanism has been exploited for several years for malware development through several techniques : DLL injection, DLL sideloading, Reflective DLL but do you really know how Windows is loading a DLL ? Do you know how it links all sections ? Which structures are used to store internally ? How does it resolve dependencies ? And are you able to design your own Perfect DLL Loader that fully integrate with the WIN32API? \nIn this workshop, you will lose you sanity and dive into the Windows DLL mechanism. Armed with your decompiler and your brain, step by step, you will build your own (almost) Perfect DLL loader.\nYou will try to load from the simple AMSI.DLL to the most complexe WINHTTP.DLL. At each step, you will dive deeper into the Windows DLL Loader and the Windows Internals.\nMalware developers, you will be able to use this code as a PE loader that never failed me for the last years and a DLL loader that does not raise the LoadImage kernel callback you can use on your own C2 beacon.\nWARNING: while this is a windows internal DISCOVERY discovery course, it is still a HIGHLY TECHNICAL workshop. You should have some entry-level knowledge on Windows systems, C programing and reverse engineering to fully enjoy the workshop.\nIt is expected from the student to bring a laptop with either a Windows 10 or Windows 10 VM, a C compiler (Mingw or MSVC), a decompiler (IDA Free or Ghidra), the WinDBG debugger and the Sysinternals suite. I will personally use the following toolchain : WIN10, MSVC, IDA, WinDBG Preview.\n\n\n","media":[],"title":"Traumatic Library Loading : If you want to use it, you have to implement it...","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"DLL Loading is one of the most important parts of the Windows system. When you install, run, use, or hack a system, you will always use DLL. This DLL mechanism has been exploited for several years for malware development through several techniques : DLL injection, DLL sideloading, Reflective DLL but do you really know how Windows is loading a DLL ? Do you know how it links all sections ? Which structures are used to store internally ? How does it resolve dependencies ? And are you able to design your own Perfect DLL Loader that fully integrate with the WIN32API? \nIn this workshop, you will lose you sanity and dive into the Windows DLL mechanism. Armed with your decompiler and your brain, step by step, you will build your own (almost) Perfect DLL loader.\nYou will try to load from the simple AMSI.DLL to the most complexe WINHTTP.DLL. At each step, you will dive deeper into the Windows DLL Loader and the Windows Internals.\nMalware developers, you will be able to use this code as a PE loader that never failed me for the last years and a DLL loader that does not raise the LoadImage kernel callback you can use on your own C2 beacon.\nWARNING: while this is a windows internal DISCOVERY discovery course, it is still a HIGHLY TECHNICAL workshop. You should have some entry-level knowledge on Windows systems, C programing and reverse engineering to fully enjoy the workshop.\nIt is expected from the student to bring a laptop with either a Windows 10 or Windows 10 VM, a C compiler (Mingw or MSVC), a decompiler (IDA Free or Ghidra), the WinDBG debugger and the Sysinternals suite. I will personally use the following toolchain : WIN10, MSVC, IDA, WinDBG Preview.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54220],"conference_id":133,"event_ids":[54593],"name":"Yoann Dequeker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Red Team Operator"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@OtterHacker)","sort_order":0,"url":"https://twitter.com/OtterHacker"}],"media":[],"id":53876,"title":"Red Team Operator at Wavestone"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Dequeker_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54593,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53876}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the unpredictable world of healthcare, the ability to respond effectively to emergencies and technology failures is paramount to ensuring patient safety and continuity of care. As hospitals and emergency rooms increasingly rely on technology to deliver critical services, it's essential for all personnel to understand the complex interplay between technology, emergency response, and the potential cascading effects of failures. This immersive workshop is designed to equip participants with the knowledge and skills needed to navigate emergencies and technology failures in healthcare environments. Through a series of simulated scenarios encompassing various emergency situations and technology breakdowns, participants will explore the intricate challenges of maintaining operational resilience in the face of adversity.\nFrom power outages to cyberattacks, participants will learn how to identify, assess, and respond to emergencies with a focus on mitigating second and third-order consequences. Leveraging real-time data and insights from tools and techniques, participants will gain practical experience in detecting anomalies, coordinating response efforts, and minimizing disruption to patient care.\nKey Learning Objectives:\nUnderstand the complex interplay between technology, emergency response, and the potential cascading effects of failures in healthcare environments.\nExplore various emergency scenarios and technology failures, including power outages, cyberattacks, and system malfunctions.\nGain practical experience in assessing the impact of emergencies and technology failures on patient care and operational continuity.\nLearn how to use the available tools for real-time monitoring, detection, and response to security incidents and technology failures.\nDiscuss strategies for mitigating second and third-order consequences of emergencies and technology failures, including communication, collaboration, and contingency planning.\n\n\n","media":[],"title":"Small Choices, Global Repercussions: A Tabletop Exercise about Decision-Making in Healthcare Cybersecurity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"In the unpredictable world of healthcare, the ability to respond effectively to emergencies and technology failures is paramount to ensuring patient safety and continuity of care. As hospitals and emergency rooms increasingly rely on technology to deliver critical services, it's essential for all personnel to understand the complex interplay between technology, emergency response, and the potential cascading effects of failures. This immersive workshop is designed to equip participants with the knowledge and skills needed to navigate emergencies and technology failures in healthcare environments. Through a series of simulated scenarios encompassing various emergency situations and technology breakdowns, participants will explore the intricate challenges of maintaining operational resilience in the face of adversity.\nFrom power outages to cyberattacks, participants will learn how to identify, assess, and respond to emergencies with a focus on mitigating second and third-order consequences. Leveraging real-time data and insights from tools and techniques, participants will gain practical experience in detecting anomalies, coordinating response efforts, and minimizing disruption to patient care.\nKey Learning Objectives:\nUnderstand the complex interplay between technology, emergency response, and the potential cascading effects of failures in healthcare environments.\nExplore various emergency scenarios and technology failures, including power outages, cyberattacks, and system malfunctions.\nGain practical experience in assessing the impact of emergencies and technology failures on patient care and operational continuity.\nLearn how to use the available tools for real-time monitoring, detection, and response to security incidents and technology failures.\nDiscuss strategies for mitigating second and third-order consequences of emergencies and technology failures, including communication, collaboration, and contingency planning.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54219],"conference_id":133,"event_ids":[54592],"name":"Isabel Straw, MD","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@IsabelStrawMD)","sort_order":0,"url":"https://twitter.com/IsabelStrawMD"}],"media":[],"id":53845},{"content_ids":[54219],"conference_id":133,"event_ids":[54592],"name":"Jorge Acevedo Canabal, MD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Puerto Rico","title":"Adjunct Professor"}],"links":[],"pronouns":null,"media":[],"id":53848,"title":"Adjunct Professor at University of Puerto Rico"},{"content_ids":[54219],"conference_id":133,"event_ids":[54592],"name":"Nathan Case","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@karmichand)","sort_order":0,"url":"https://twitter.com/karmichand"}],"media":[],"id":53859}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/table-top-exercises"},{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Case_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54592,"tag_ids":[46371,46427,46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53845},{"tag_id":46167,"sort_order":1,"person_id":53848},{"tag_id":46167,"sort_order":1,"person_id":53859}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Every technical product is now incorporating machine learning at an explosive rate. But most people, even those with strong technical skills, don't understand how it works, what its capabilities are, and what security risks come with it. In this workshop, we'll make machine learning models using simple Python scripts, train them, and evaluate their worth. Projects include computer vision, breaking a CAPTCHA, deblurring images, regression, and classification tasks. We will perform poisoning and evasion attacks on machine learning systems, and implement deep neural rejection to block such attacks.\nNo experience with programming or machine learning is required, and the only software required is a Web browser. We will use TensorFlow on free Google Colab cloud systems. \nAll materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.\n\n\n","media":[],"title":"Machine Learning for N00bs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Every technical product is now incorporating machine learning at an explosive rate. But most people, even those with strong technical skills, don't understand how it works, what its capabilities are, and what security risks come with it. In this workshop, we'll make machine learning models using simple Python scripts, train them, and evaluate their worth. Projects include computer vision, breaking a CAPTCHA, deblurring images, regression, and classification tasks. We will perform poisoning and evasion attacks on machine learning systems, and implement deep neural rejection to block such attacks.\nNo experience with programming or machine learning is required, and the only software required is a Web browser. We will use TensorFlow on free Google Colab cloud systems. \nAll materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Elizabeth Biddlecome","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53840},{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Irvin Lemus","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"By Light IT Professional Services","title":"Cyber Range Engineer"}],"links":[],"pronouns":null,"media":[],"id":53844,"title":"Cyber Range Engineer at By Light IT Professional Services"},{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Kaitlyn Handelman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon","title":"Offensive Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":53851,"title":"Offensive Security Engineer at Amazon"},{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Sam Bowne","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Infosec Decoded, Inc","title":"Founder"},{"organization":"City College San Francisco","title":"Instructor"}],"links":[],"pronouns":null,"media":[],"id":53867,"title":"Instructor at City College San Francisco"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Bowne_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54591,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53840},{"tag_id":46167,"sort_order":1,"person_id":53844},{"tag_id":46167,"sort_order":1,"person_id":53851},{"tag_id":46167,"sort_order":1,"person_id":53867}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As defenders, we are always outnumbered, but we are by no means outmaneuvered. Attackers may hide in the haystack of haystacks, but with scalable detection logic, efficient coding practices, a thorough investigation methodology, and a reasonable corpus of computing, we can still determine which haystack to look within, and subsequently find the needle.\r\n\r\nThis is often made possible by a detection pipeline. And knowing how detection pipelines work, and the role each component plays, can help us write more efficient, more accurate detections to make life hard for the attacker. By reducing the attacker's window of opportunity, whilst making the subsequent investigation easier for the would-be analyst, we can maintain a strong defensive position, forcing the attacker to burn significantly more resources in an attempt to make progress.\r\n\r\nThis workshop will run attendees through implementing a simple detection pipeline in code, and some basic detection rules, to understand how to:\r\n- Ingest and normalize arbitrary log data, and make such data available for downstream detection rules;\r\n- Implement detection logic, to isolate potentially malicious behaviour;\r\n- Enrich log data with more context, aiding investigation; and\r\n- Draw relationships from individual log entries, to reduce investigative noise.\r\n\r\nAttendees should be comfortable with either Python 3 or Golang, including core language syntax and the execution environment of their preferred language.\n\n\n","media":[],"title":"Finding the Needle: An Introduction to Detection Engineering","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"As defenders, we are always outnumbered, but we are by no means outmaneuvered. Attackers may hide in the haystack of haystacks, but with scalable detection logic, efficient coding practices, a thorough investigation methodology, and a reasonable corpus of computing, we can still determine which haystack to look within, and subsequently find the needle.\r\n\r\nThis is often made possible by a detection pipeline. And knowing how detection pipelines work, and the role each component plays, can help us write more efficient, more accurate detections to make life hard for the attacker. By reducing the attacker's window of opportunity, whilst making the subsequent investigation easier for the would-be analyst, we can maintain a strong defensive position, forcing the attacker to burn significantly more resources in an attempt to make progress.\r\n\r\nThis workshop will run attendees through implementing a simple detection pipeline in code, and some basic detection rules, to understand how to:\r\n- Ingest and normalize arbitrary log data, and make such data available for downstream detection rules;\r\n- Implement detection logic, to isolate potentially malicious behaviour;\r\n- Enrich log data with more context, aiding investigation; and\r\n- Draw relationships from individual log entries, to reduce investigative noise.\r\n\r\nAttendees should be comfortable with either Python 3 or Golang, including core language syntax and the execution environment of their preferred language.","updated_timestamp":{"seconds":1719543292,"nanoseconds":0},"speakers":[{"content_ids":[54217],"conference_id":133,"event_ids":[54590],"name":"Kathy Zhu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineering Tech Lead"}],"links":[],"pronouns":null,"media":[],"id":53852,"title":"Security Engineering Tech Lead at Google"},{"content_ids":[54214,54217],"conference_id":133,"event_ids":[54587,54590],"name":"Troy Defty","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Engineering Manager"}],"links":[],"pronouns":null,"media":[],"id":53872,"title":"Security Engineering Manager"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T02:54:52Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Defty_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54590,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53852},{"tag_id":46167,"sort_order":1,"person_id":53872}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T02:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come check out the Social Engineering Community Village!\n\n\n","media":[],"title":"Social Engineering Community Village Hours","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come check out the Social Engineering Community Village!","updated_timestamp":{"seconds":1722102714,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:51:54Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/schedule/"}],"end":"2024-08-10T01:00:00.000-0000","id":55829,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723217400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-09T15:30:00.000-0000","updated":"2024-07-27T17:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Let’s Boop the ISS! Join the Lonely Hackers Club for an extraordinary experience where we’ll use our ham radios to attempt communication with astronauts aboard the International Space Station! We have tracked the orbital passes of the space station and calculated our best chance.\n\n\n","media":[],"title":"️ISSCON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"Let’s Boop the ISS! Join the Lonely Hackers Club for an extraordinary experience where we’ll use our ham radios to attempt communication with astronauts aboard the International Space Station! We have tracked the orbital passes of the space station and calculated our best chance.","updated_timestamp":{"seconds":1722482898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T03:28:18Z","links":[],"end":"2024-08-09T17:30:00.000-0000","id":56317,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723216500,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 (Floor 3) - Terrace","hotel":"","short_name":"Terrace","id":46475},"spans_timebands":"N","begin":"2024-08-09T15:15:00.000-0000","updated":"2024-08-01T03:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-10T09:00:00.000-0000","id":55887,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723215600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"Y","begin":"2024-08-09T15:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.\n\n\n","media":[],"title":"Merch (formerly swag) Area Open -- README","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.","updated_timestamp":{"seconds":1722140898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T04:28:18Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55853,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723215600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W212 (DEF CON Merch)","hotel":"","short_name":"W212 (DEF CON Merch)","id":46285},"spans_timebands":"N","begin":"2024-08-09T15:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T03:00:00Z","end_timestamp":{"seconds":1723258800,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-10T03:00:00.000-0000","id":54479,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723215600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-09T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"At 6am on Friday, the @cycle_override crew will be hosting the 13th DEF CON Bikeride. We'll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It's about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday! @jp_bourget @gdead @heidishmoo.\n\n\n","media":[{"hash_sha256":"a3c9ea8716e99fd193aba0df0d895d86fa73d56fc43a6d8881f61429f7f7f723","filetype":"image/png","hash_md5":"92f33c53a49c8f11659bada4d73e1353","name":"pme_CycleOverride.png","is_logo":"Y","hash_crc32c":"8db54d64","filesize":126309,"asset_id":704,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_CycleOverride.png"}],"title":"CycleOverride DEF CON Bike Ride","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T13:00:00Z","end_timestamp":{"seconds":1723208400,"nanoseconds":0},"android_description":"At 6am on Friday, the @cycle_override crew will be hosting the 13th DEF CON Bikeride. We'll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It's about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday! @jp_bourget @gdead @heidishmoo.","updated_timestamp":{"seconds":1718994031,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T13:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-21T18:20:31Z","links":[{"label":"Twitter (@cycle_override)","type":"link","url":"https://twitter.com/cycle_override"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249645"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249644"},{"label":"More Info","type":"link","url":"https://cycleoverride.org"}],"end":"2024-08-09T13:00:00.000-0000","id":54568,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723208400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T13:00:00.000-0000","updated":"2024-06-21T18:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T15:00:00Z","end_timestamp":{"seconds":1723215600,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T12:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-09T15:00:00.000-0000","id":54513,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723204800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Stitcharoo\r\n- 21:00 - 22:00 - Talk Sinn\r\n- 22:00 - 23:00 - deaddoll\r\n- 23:00 - 00:00 - CaptHz\r\n- 00:00 - 01:00 - Relay\r\n- 01:00 - 02:00 - Acid-T\n\n\n","media":[{"hash_sha256":"05600af1cc79ce88b1baa92a9bf09a687e1521d888c0de77ce0b7773b5f78678","filetype":"image/png","hash_md5":"d8e195f7aebdaec57129e4edba5c8c33","name":"dc32_ae_flyer_thursday.png","is_logo":"Y","hash_crc32c":"95465452","filesize":591174,"asset_id":817,"sort_order":1,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_thursday.png"}],"title":"Music Set / Entertainment (Cyberpunk Bar Thursday, ACK Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-09T09:00:00Z","end_timestamp":{"seconds":1723194000,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Stitcharoo\r\n- 21:00 - 22:00 - Talk Sinn\r\n- 22:00 - 23:00 - deaddoll\r\n- 23:00 - 00:00 - CaptHz\r\n- 00:00 - 01:00 - Relay\r\n- 01:00 - 02:00 - Acid-T","updated_timestamp":{"seconds":1721791227,"nanoseconds":0},"speakers":[{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Acid-T","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55880},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"CaptHz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55883},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"deaddoll","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55887},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Relay","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55908},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Stitcharoo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55911},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Talk Sinn","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55913}],"begin_tsz":"2024-08-09T03:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-24T03:20:27Z","links":[{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"}],"end":"2024-08-09T09:00:00.000-0000","id":55720,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723172400,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55913},{"tag_id":46486,"sort_order":4,"person_id":55911},{"tag_id":46486,"sort_order":6,"person_id":55908},{"tag_id":46486,"sort_order":8,"person_id":55887},{"tag_id":46486,"sort_order":10,"person_id":55883},{"tag_id":46486,"sort_order":12,"person_id":55880}],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"Y","begin":"2024-08-09T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Daemon Chadeau\r\n- 21:00 - 22:00 - DotOrNot\r\n- 22:00 - 23:00 - PatAttack\r\n- 23:00 - 00:00 - DJ Vulp\r\n- 00:00 - 01:00 - CTRL / rsm\r\n- 01:00 - 02:00 - Grind613\n\n\n","media":[{"hash_sha256":"05600af1cc79ce88b1baa92a9bf09a687e1521d888c0de77ce0b7773b5f78678","filetype":"image/png","hash_md5":"d8e195f7aebdaec57129e4edba5c8c33","name":"dc32_ae_flyer_thursday.png","is_logo":"Y","hash_crc32c":"95465452","filesize":591174,"asset_id":817,"sort_order":0,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_thursday.png"}],"title":"Music Set / Entertainment (Thursday, SYN Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-09T09:00:00Z","end_timestamp":{"seconds":1723194000,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Daemon Chadeau\r\n- 21:00 - 22:00 - DotOrNot\r\n- 22:00 - 23:00 - PatAttack\r\n- 23:00 - 00:00 - DJ Vulp\r\n- 00:00 - 01:00 - CTRL / rsm\r\n- 01:00 - 02:00 - Grind613","updated_timestamp":{"seconds":1721791223,"nanoseconds":0},"speakers":[{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"CTRL / rsm","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55885},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"Daemon Chadeau","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55886},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"DJ Vulp","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55891},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"DotOrNot","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55892},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"Grind613","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55894},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"PatAttack","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55907}],"begin_tsz":"2024-08-09T03:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-24T03:20:23Z","links":[{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"}],"end":"2024-08-09T09:00:00.000-0000","id":55715,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723172400,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55907},{"tag_id":46486,"sort_order":4,"person_id":55894},{"tag_id":46486,"sort_order":6,"person_id":55892},{"tag_id":46486,"sort_order":8,"person_id":55891},{"tag_id":46486,"sort_order":10,"person_id":55886},{"tag_id":46486,"sort_order":12,"person_id":55885}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"Y","begin":"2024-08-09T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the local DC702 Group in this year's official DEF CON Meetup! The meetup will be casual and include typical meetup activities (e.g., socializing, \"challenges,\" lockpicking, etc.) and maybe a few little surprises. To stay up-to-date, check out dc702.space/dc32-meetup.\n\n\n","media":[{"hash_sha256":"0a2ec8b43317591c8e34ca3ad440567270db9db2937204aa2fe15864e75394a2","filetype":"image/png","hash_md5":"d5e1cf3f7e09b6c7bc6a396fac911630","name":"pme_dc702.png","is_logo":"Y","hash_crc32c":"61276d0f","filesize":111166,"asset_id":674,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_dc702.png"}],"title":"DC702","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T04:00:00Z","end_timestamp":{"seconds":1723176000,"nanoseconds":0},"android_description":"Join the local DC702 Group in this year's official DEF CON Meetup! The meetup will be casual and include typical meetup activities (e.g., socializing, \"challenges,\" lockpicking, etc.) and maybe a few little surprises. To stay up-to-date, check out dc702.space/dc32-meetup.","updated_timestamp":{"seconds":1718813292,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T02:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:08:12Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/dc702"},{"label":"Twitter (@its_dc702)","type":"link","url":"https://twitter.com/its_dc702"},{"label":"More Info","type":"link","url":"https://dc702.space"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249577"}],"end":"2024-08-09T04:00:00.000-0000","id":54519,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723168800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-09T02:00:00.000-0000","updated":"2024-06-19T16:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T00:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-09T01:00:00.000-0000","id":54488,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723161600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-09T00:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served. Don't forget - some require 8TB drives now.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors\r\n\n\n\n","media":[],"title":"DDV starts accepting drives for duplication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T03:00:00Z","end_timestamp":{"seconds":1723172400,"nanoseconds":0},"android_description":"We start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served. Don't forget - some require 8TB drives now.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors","updated_timestamp":{"seconds":1722478157,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T23:00:00Z","timeband_id":1146,"updated_tsz":"2024-08-01T02:09:17Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org/"}],"end":"2024-08-09T03:00:00.000-0000","id":55186,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723158000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-08T23:00:00.000-0000","updated":"2024-08-01T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.\n\n\n","media":[{"hash_sha256":"2656c5ebc25f87c2aace541797f643642da570a63fff5f24da518c3d6d472944","filetype":"image/png","hash_md5":"ed87e0dc24f65f5259a7bdff54921872","name":"pme_queercon-mixer.png","is_logo":"Y","hash_crc32c":"f9440803","filesize":140037,"asset_id":682,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_queercon-mixer.png"}],"title":"QueerCon Mixer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.","updated_timestamp":{"seconds":1718813154,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T23:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:05:54Z","links":[{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249580"}],"end":"2024-08-09T01:00:00.000-0000","id":54516,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723158000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"N","begin":"2024-08-08T23:00:00.000-0000","updated":"2024-06-19T16:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The humans of Vegas invite you to our unofficial welcome party. Whether it's your 1st or 18th time, we're still in the EXACT SAME PLACE. Join us off-Strip in the shade for a volunteer-run grill and chill.\r\n\r\nWe stock the larder with the basics: burgers, dogs, meatless delights, and all the fixin's. You procure your favorite food, drinks, and sides to keep the party going. Volunteer for setup, grill-up, or clean-up. Most of all, show up and become a part of what makes Toxic BBQ the best place to start your con.\r\n\r\nCheck out https://www.toxicbbq.org for more news, and watch #ToxicBBQ for the latest info.\r\n\r\nOff-site at Sunset Park, Foxtail Pavilion\r\n\n\n\n","media":[{"hash_sha256":"d82a3aaff537d8eb0c4090fd1b2785b8f88de57da832f530214f47c8730836bf","filetype":"image/png","hash_md5":"8a573faae0261f1884a621629c635034","name":"pme_toxicbbq.png","is_logo":"Y","hash_crc32c":"e430b22b","filesize":123934,"asset_id":686,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_toxicbbq.png"}],"title":"Toxic BBQ","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T04:00:00Z","end_timestamp":{"seconds":1723176000,"nanoseconds":0},"android_description":"The humans of Vegas invite you to our unofficial welcome party. Whether it's your 1st or 18th time, we're still in the EXACT SAME PLACE. Join us off-Strip in the shade for a volunteer-run grill and chill.\r\n\r\nWe stock the larder with the basics: burgers, dogs, meatless delights, and all the fixin's. You procure your favorite food, drinks, and sides to keep the party going. Volunteer for setup, grill-up, or clean-up. Most of all, show up and become a part of what makes Toxic BBQ the best place to start your con.\r\n\r\nCheck out https://www.toxicbbq.org for more news, and watch #ToxicBBQ for the latest info.\r\n\r\nOff-site at Sunset Park, Foxtail Pavilion","updated_timestamp":{"seconds":1718812960,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T22:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:02:40Z","links":[{"label":"More Info","type":"link","url":"https://www.toxicbbq.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249587"}],"end":"2024-08-09T04:00:00.000-0000","id":54511,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723154400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-08T22:00:00.000-0000","updated":"2024-06-19T16:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Command and Control (C2) play a crucial role for Red Teams and Advanced Persistent Threats (APTs), establishing persistent access and control over targeted networks. This workshop offers an in-depth exploration of the C2 frameworks, with a specific focus on the open-source Empire framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage Empire to create, customize, and execute advanced attack scenarios, honing their skills as red team operators. \nThrough practical exercises, attendees will learn to navigate the Empire framework, from basic setup to deploying sophisticated C2 infrastructures. The workshop covers key aspects such as listener configurations, agent management, and the utilization of Empire's diverse modules for effective post-exploitation. A unique feature of this training is the inclusion of a mini Capture-The-Flag (CTF) challenge, offering participants a hands-on opportunity to apply their skills in a controlled, competitive environment. \nBy the conclusion of this workshop, participants will be equipped with the knowledge and skills to leverage the Empire framework effectively in their red team operations, enhancing their capabilities in conducting advanced cyber attacks and navigating the complexities of modern cybersecurity landscapes. \nKey Workshop Highlights: \nComprehensive Introduction to Empire: Gain a solid understanding of Empire's capabilities, setup procedures, and its role in modern offensive operations. \nHands-On Deployment and Configuration: Learn through doing, with exercises designed to build proficiency in configuring Empire, managing agents, and customizing listeners. \nAdvanced Attack Scenarios: Delve into sophisticated techniques for post-exploitation, credential harvesting, and evasion, enhancing your arsenal as a red team operator. \nReal-World Application: Translate workshop learnings into actionable skills through a mini CTF challenge, simulating real-world offensive scenarios in a cloud-hosted environment. \n\n\n","media":[],"title":"Long Live Empire: A C2 Workshop for Modern Red Teaming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Command and Control (C2) play a crucial role for Red Teams and Advanced Persistent Threats (APTs), establishing persistent access and control over targeted networks. This workshop offers an in-depth exploration of the C2 frameworks, with a specific focus on the open-source Empire framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage Empire to create, customize, and execute advanced attack scenarios, honing their skills as red team operators. \nThrough practical exercises, attendees will learn to navigate the Empire framework, from basic setup to deploying sophisticated C2 infrastructures. The workshop covers key aspects such as listener configurations, agent management, and the utilization of Empire's diverse modules for effective post-exploitation. A unique feature of this training is the inclusion of a mini Capture-The-Flag (CTF) challenge, offering participants a hands-on opportunity to apply their skills in a controlled, competitive environment. \nBy the conclusion of this workshop, participants will be equipped with the knowledge and skills to leverage the Empire framework effectively in their red team operations, enhancing their capabilities in conducting advanced cyber attacks and navigating the complexities of modern cybersecurity landscapes. \nKey Workshop Highlights: \nComprehensive Introduction to Empire: Gain a solid understanding of Empire's capabilities, setup procedures, and its role in modern offensive operations. \nHands-On Deployment and Configuration: Learn through doing, with exercises designed to build proficiency in configuring Empire, managing agents, and customizing listeners. \nAdvanced Attack Scenarios: Delve into sophisticated techniques for post-exploitation, credential harvesting, and evasion, enhancing your arsenal as a red team operator. \nReal-World Application: Translate workshop learnings into actionable skills through a mini CTF challenge, simulating real-world offensive scenarios in a cloud-hosted environment.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54216,54196],"conference_id":133,"event_ids":[54565,54589],"name":"Jake “Hubble” Krasnov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Operations Lead and Chief Executive Officer"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://www.bc-security.org/blog/"}],"media":[],"id":53742,"title":"Red Team Operations Lead and Chief Executive Officer at BC Security"},{"content_ids":[54216,55274],"conference_id":133,"event_ids":[55664,54589],"name":"Kevin \"Kent\" Clark","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Instructor"},{"organization":"TrustedSec","title":"Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://henpeebin.com/kevin/blog"}],"media":[],"id":53853,"title":"Security Consultant at TrustedSec"},{"content_ids":[54216],"conference_id":133,"event_ids":[54589],"name":"Rey \"Privesc\" Bango","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Principal Cloud Advocate"}],"links":[],"pronouns":null,"media":[],"id":53863,"title":"Principal Cloud Advocate at Microsoft"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Krasnov_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54589,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53742},{"tag_id":46167,"sort_order":6,"person_id":53853},{"tag_id":46167,"sort_order":8,"person_id":53863}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the 201 version of Hide your kids, turn off your Wi-Fi, they Rogue APing up in here, we will launch the next level of attacks using Rogue APs and other wireless tools. We will look into different ways to attack wireless networks and leverage credentials harvested to gain a foothold, PITM, deliver payloads, and demonstrate impact to the client. During the workshop we will walk through different attacks against OPEN, WPA2, and 802.1X networks. During the CTF participants will have the chance to attack a simulated client network to leverage the attacks learned during the workshop. We will be using EAPHAMMER, BERATE_AP, WIFIPUMPKIN3, BETTERCAP, and RESPONDER. This workshop will be at the Intermediate level(all skill levels welcome), participants should have a solid knowledge of Linux, 802.11, networking, and using virtual machines. It is recommended that all students use the provided VM.\n\n\n","media":[],"title":"Hide your kids, turn off your Wi-Fi, they Rogue APing up in here; 201","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"In the 201 version of Hide your kids, turn off your Wi-Fi, they Rogue APing up in here, we will launch the next level of attacks using Rogue APs and other wireless tools. We will look into different ways to attack wireless networks and leverage credentials harvested to gain a foothold, PITM, deliver payloads, and demonstrate impact to the client. During the workshop we will walk through different attacks against OPEN, WPA2, and 802.1X networks. During the CTF participants will have the chance to attack a simulated client network to leverage the attacks learned during the workshop. We will be using EAPHAMMER, BERATE_AP, WIFIPUMPKIN3, BETTERCAP, and RESPONDER. This workshop will be at the Intermediate level(all skill levels welcome), participants should have a solid knowledge of Linux, 802.11, networking, and using virtual machines. It is recommended that all students use the provided VM.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54215],"conference_id":133,"event_ids":[54588],"name":"James Hawk","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google Public Sector","title":"Senior Consultant, Proactive Services"}],"links":[],"pronouns":"he/him","media":[],"id":53847,"title":"Senior Consultant, Proactive Services at Google Public Sector"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Hawk_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54588,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53847}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Red and blue are two sides of the same coin. Offensive and defensive teams deliver the best results when working together; sharing knowledge, ideas, and understanding with each other. And a core part of this information exchange is understanding each respective perspective. This is the overarching theme of the workshop; attackers thinking like defenders, and defenders thinking like attackers.\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n- Pass the Hash attacks;\r\n- gMSA Golden Attack;\r\n- ADCS abuse;\r\n- Common tunnelling techniques;\r\n- PrintSpoofer exploits;\r\n- LSASS exploitation (using Mimikatz);\r\n- AD enumeration (using BloodHound);\r\n- DACL abuse;\r\n- Kerberos golden tickets; and\r\n- DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n- Sigma/Yara rules.\r\n- Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n- https://nooblinux.com/metasploit-tutorial/\r\n- https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n- https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n- https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n- https://github.com/socprime/SigmaUI\r\n- https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n- https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n- https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.\r\n\n\n\n","media":[],"title":"Flipping the Coin: Red and Blue Teaming in Windows Environments (++)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Red and blue are two sides of the same coin. Offensive and defensive teams deliver the best results when working together; sharing knowledge, ideas, and understanding with each other. And a core part of this information exchange is understanding each respective perspective. This is the overarching theme of the workshop; attackers thinking like defenders, and defenders thinking like attackers.\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n- Pass the Hash attacks;\r\n- gMSA Golden Attack;\r\n- ADCS abuse;\r\n- Common tunnelling techniques;\r\n- PrintSpoofer exploits;\r\n- LSASS exploitation (using Mimikatz);\r\n- AD enumeration (using BloodHound);\r\n- DACL abuse;\r\n- Kerberos golden tickets; and\r\n- DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n- Sigma/Yara rules.\r\n- Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n- https://nooblinux.com/metasploit-tutorial/\r\n- https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n- https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n- https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n- https://github.com/socprime/SigmaUI\r\n- https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n- https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n- https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.","updated_timestamp":{"seconds":1719543170,"nanoseconds":0},"speakers":[{"content_ids":[54214],"conference_id":133,"event_ids":[54587],"name":"Angus Strom","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0x10f2c_)","sort_order":0,"url":"https://twitter.com/0x10f2c_"}],"media":[],"id":53833,"title":"Senior Security Engineer"},{"content_ids":[54214,54217],"conference_id":133,"event_ids":[54587,54590],"name":"Troy Defty","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Engineering Manager"}],"links":[],"pronouns":null,"media":[],"id":53872,"title":"Security Engineering Manager"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T02:52:50Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Strom_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54587,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53833},{"tag_id":46167,"sort_order":1,"person_id":53872}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T02:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The workshop will walk through a number of state of the art techniques used for detection and will show the process of thinking used to research and develop cutting-edge evasion techniques. We will dive deep into interesting aspects of Windows and AV internals with respect to malware development.\nThe focus will be on the mindset used to defeat security products starting with the analysis of a variety of detection mechanisms and ending with the final development of countermeasures. Moreover, the training will contain a number of live demonstrations to practically show how to apply those concepts and how to integrate them, showing how to develop evasive implants and post-exploitation tools.\nBy altering the fundamental rules of engagement, we can confound EDR systems and reshape their perception of the digital environment.\nThe workshop will dig deep into the internals of certain aspects of AV/EDRs and the Windows operating system to identify the area to exploit to lower the detection rate, it will involve the usage of Visual Studio and debuggers.\n\n\n","media":[],"title":"Dodging the EDR Bullet: A Workshop on Malware Stealth Tactics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"The workshop will walk through a number of state of the art techniques used for detection and will show the process of thinking used to research and develop cutting-edge evasion techniques. We will dive deep into interesting aspects of Windows and AV internals with respect to malware development.\nThe focus will be on the mindset used to defeat security products starting with the analysis of a variety of detection mechanisms and ending with the final development of countermeasures. Moreover, the training will contain a number of live demonstrations to practically show how to apply those concepts and how to integrate them, showing how to develop evasive implants and post-exploitation tools.\nBy altering the fundamental rules of engagement, we can confound EDR systems and reshape their perception of the digital environment.\nThe workshop will dig deep into the internals of certain aspects of AV/EDRs and the Windows operating system to identify the area to exploit to lower the detection rate, it will involve the usage of Visual Studio and debuggers.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54213],"conference_id":133,"event_ids":[54586],"name":"Dimitri Di Cristofaro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SECFORCE LTD","title":"Senior Security Consultant and Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@d_glenx)","sort_order":0,"url":"https://twitter.com/d_glenx"}],"media":[],"id":53837,"title":"Senior Security Consultant and Researcher at SECFORCE LTD"},{"content_ids":[54213],"conference_id":133,"event_ids":[54586],"name":"Giorgio \"gbyolo\" Bernardinetti","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CNIT","title":"Lead Researcher, System Securitiy Division"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@gbyolo)","sort_order":0,"url":"https://twitter.com/gbyolo"}],"media":[],"id":53843,"title":"Lead Researcher, System Securitiy Division at CNIT"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Cristofaro_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54586,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53837},{"tag_id":46167,"sort_order":1,"person_id":53843}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Assembly language has a reputation for being intimidating, but once\nyou learn the basics--and know how to read the documentation for the\nrest--there's nothing you can't follow. There are many interesting\nfields of study in computer security that depend on the \"\"closer to the\nmetal\"\" knowledge you'll gain from learning to code in assembly:\n- Software reverse engineering\n- Vulnerability and exploit research\n- Malware/implant development\n- Digital forensics\n...among others. There is no substitute for the confidence that you\ngain from being able to research and understand computer systems at\nlower levels of abstraction.\nThe purpose of this workshop is to introduce Intel x64 assembly language to the attendees. We will be using the Microsoft Macro Assembler, and we will be examining our code step-by-step in the x64dbg debugger. No prior programming experience is required--we will be working on things from first principles. There will be few slides.\nConcepts will be presented primarily within the x64dbg environment, with a focus on experimentation and using primary documentation. Attendees can follow along with their own laptops and programming environments.\nWe will cover the following topics:\n- Assembling and linking code\n- The execution environment of x64 programs\n- Memory\n- Registers\n- A wide variety of instructions\n- Addressing modes\n- How to read instruction documentation in the Intel manuals\n- Moving data around\n- Stack operations\n- x64 ABI and calling conventions\n- Representing data\n- Integer math\n- Program flow: conditional execution, loops\n- Leveraging the Windows API\n- How to read MSDN articles on Windows API functions\n- Resources for reference and future learning\n\n\n","media":[],"title":"64-bit Intel Assembly Language Programming for Hackers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Assembly language has a reputation for being intimidating, but once\nyou learn the basics--and know how to read the documentation for the\nrest--there's nothing you can't follow. There are many interesting\nfields of study in computer security that depend on the \"\"closer to the\nmetal\"\" knowledge you'll gain from learning to code in assembly:\n- Software reverse engineering\n- Vulnerability and exploit research\n- Malware/implant development\n- Digital forensics\n...among others. There is no substitute for the confidence that you\ngain from being able to research and understand computer systems at\nlower levels of abstraction.\nThe purpose of this workshop is to introduce Intel x64 assembly language to the attendees. We will be using the Microsoft Macro Assembler, and we will be examining our code step-by-step in the x64dbg debugger. No prior programming experience is required--we will be working on things from first principles. There will be few slides.\nConcepts will be presented primarily within the x64dbg environment, with a focus on experimentation and using primary documentation. Attendees can follow along with their own laptops and programming environments.\nWe will cover the following topics:\n- Assembling and linking code\n- The execution environment of x64 programs\n- Memory\n- Registers\n- A wide variety of instructions\n- Addressing modes\n- How to read instruction documentation in the Intel manuals\n- Moving data around\n- Stack operations\n- x64 ABI and calling conventions\n- Representing data\n- Integer math\n- Program flow: conditional execution, loops\n- Leveraging the Windows API\n- How to read MSDN articles on Windows API functions\n- Resources for reference and future learning","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[55326,54479,54212],"conference_id":133,"event_ids":[55718,54585,54852],"name":"Wesley McGrew","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MartinFederal","title":"Senior Cybersecurity Fellow"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@mcgrew@defcon.social)","sort_order":0,"url":"https://defcon.social/@mcgrew"},{"description":"","title":"MixCloud","sort_order":0,"url":"https://www.mixcloud.com/wesmcgrew/stream/"},{"description":"","title":"Twitter (@McGrewSecurity)","sort_order":0,"url":"https://twitter.com/McGrewSecurity"}],"media":[],"id":54044,"title":"Senior Cybersecurity Fellow at MartinFederal"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://McGrew_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54585,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54044}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T19:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-11T19:00:00.000-0000","id":56018,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723143600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-08T19:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T19:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-08T20:00:00.000-0000","id":54484,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723143600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-08T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn and earn your Amateur (Ham) License @ DEF CON 32 with this free class offered by Dan KB6NU and the Ham Radio Village!\r\n\r\nAlways been interested in getting your ham license but never had the time to study? Now's your chance! The Ham Radio Village is offering a one-day class where you can learn all the required knowledge to pass the exam. \r\n\r\nTopics include:\r\n- Electrical Principles\r\n- Electronic principles and components\r\n- Radio and electromagnetic wave properties\r\n- Antennas and Feedlines\r\n- Amateur Radio Signals\r\n- Safety\r\n- Station Setup and Operation\r\n- Operating Procedures\r\n- Rules and Regulations\r\n\r\nAfter the class, you can earn your license by taking the exam (for free) at DEF CON on your choice of Friday, Saturday, or Sunday. (Online testing is also available post-conference)\r\n\r\nThe class will run from 10 A.M. to 5 P.M. on Thursday, August 8th at the Clark County Library** located nearby to the LVCC at 1401 E Flamingo Rd. A lunch break will be provided.\r\n\r\nBest of all, this class is completely free, thanks to a grant from the Amateur Radio Digital Communications. \r\n\r\nLast year, we sold out of capacity and had to turn folks away. We highly recommend placing a deposit to reserve your seat. The deposit will be refunded upon attendance of the class. \r\n\r\nNote: this event is not located at the Las Vegas Convention Center but at the nearby Clark County Library. If you're planning on taking public transit, it is directly served by bus routes CX, 109, 202. Free parking (with EV charging) is available onsite.\r\n\r\nClark County Library, 1401 E Flamingo Rd, Las Vegas, NV 89119 [Google Maps](https://maps.app.goo.gl/A4gvBNZFHKb7jpJT8) [Apple Maps](https://maps.apple.com/?address=1401%20E%20Flamingo%20Rd,%20Las%20Vegas,%20NV%20%2089119,%20United%20States&ll=36.113761,-115.134870&q=Clark%20County%20Library)\r\n\r\n**This program is not a Library District event. The views expressed and other information presented are solely those of the producing entity.**\r\n\n\n\n","media":[],"title":"Ham in a Day Class","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T00:00:00Z","end_timestamp":{"seconds":1723161600,"nanoseconds":0},"android_description":"Learn and earn your Amateur (Ham) License @ DEF CON 32 with this free class offered by Dan KB6NU and the Ham Radio Village!\r\n\r\nAlways been interested in getting your ham license but never had the time to study? Now's your chance! The Ham Radio Village is offering a one-day class where you can learn all the required knowledge to pass the exam. \r\n\r\nTopics include:\r\n- Electrical Principles\r\n- Electronic principles and components\r\n- Radio and electromagnetic wave properties\r\n- Antennas and Feedlines\r\n- Amateur Radio Signals\r\n- Safety\r\n- Station Setup and Operation\r\n- Operating Procedures\r\n- Rules and Regulations\r\n\r\nAfter the class, you can earn your license by taking the exam (for free) at DEF CON on your choice of Friday, Saturday, or Sunday. (Online testing is also available post-conference)\r\n\r\nThe class will run from 10 A.M. to 5 P.M. on Thursday, August 8th at the Clark County Library** located nearby to the LVCC at 1401 E Flamingo Rd. A lunch break will be provided.\r\n\r\nBest of all, this class is completely free, thanks to a grant from the Amateur Radio Digital Communications. \r\n\r\nLast year, we sold out of capacity and had to turn folks away. We highly recommend placing a deposit to reserve your seat. The deposit will be refunded upon attendance of the class. \r\n\r\nNote: this event is not located at the Las Vegas Convention Center but at the nearby Clark County Library. If you're planning on taking public transit, it is directly served by bus routes CX, 109, 202. Free parking (with EV charging) is available onsite.\r\n\r\nClark County Library, 1401 E Flamingo Rd, Las Vegas, NV 89119 [Google Maps](https://maps.app.goo.gl/A4gvBNZFHKb7jpJT8) [Apple Maps](https://maps.apple.com/?address=1401%20E%20Flamingo%20Rd,%20Las%20Vegas,%20NV%20%2089119,%20United%20States&ll=36.113761,-115.134870&q=Clark%20County%20Library)\r\n\r\n**This program is not a Library District event. The views expressed and other information presented are solely those of the producing entity.**","updated_timestamp":{"seconds":1722185179,"nanoseconds":0},"speakers":[{"content_ids":[55433,55436],"conference_id":133,"event_ids":[55858,55861],"name":"Dan \"dan_kb6nu\" Romanchik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ham Radio Village","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@kb6nu@mastodon.radio)","sort_order":0,"url":"https://mastodon.radio/@kb6nu"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@kb6nu"},{"description":"","title":"Website","sort_order":0,"url":"https://www.kb6nu.com/"}],"media":[],"id":55974,"title":"Ham Radio Village"}],"begin_tsz":"2024-08-08T17:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T16:46:19Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32-hiad"}],"end":"2024-08-09T00:00:00.000-0000","id":55858,"tag_ids":[46380,46734],"village_id":null,"begin_timestamp":{"seconds":1723136400,"nanoseconds":0},"includes":"","people":[{"tag_id":46485,"sort_order":2,"person_id":55974}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-08T17:00:00.000-0000","updated":"2024-07-28T16:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T17:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-09T01:00:00.000-0000","id":54570,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723136400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-08T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Code obfuscation is fast becoming a normal part of modern Windows malware. Pioneered by Emotet and popularized by the Conti ransomware leaks, we now see even simple credential stealers using commercial grade code virtualization! The solution… if you can’t reverse it, just run it!\nIn this workshop we will cover different tracing techniques that can be used to bypass and extract information from protected code. The workshop is divided into modules covering tracing with x64dbg, dynamic binary instrumentation with PIN, and API tracing with DTrace. A challenge binary is provided with each module for students to practice and the final challenge is a real world malware sample that has been virtualized.\nThis workshop is aimed at reverse engineers and malware analysts who have experience analyzing malware and are comfortable with debugging in userland. If you don’t have experience with malware but you do have a few hours behind the debugger you should have no problem completing the workshop. \nStudents must bring a laptop/workstation capable of running a Windows Virtual Machine (VM) and a preinstalled Windows 10 (64bit) 20H1(or later) VM with at least 50G of free space. You will be provided with detailed tools installation and setup instructions prior to the workshop\n\n\n","media":[],"title":"Tracing The Pain Away - Practical Binary Tracing Techniques For Defeating Modern Malware Protections","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Code obfuscation is fast becoming a normal part of modern Windows malware. Pioneered by Emotet and popularized by the Conti ransomware leaks, we now see even simple credential stealers using commercial grade code virtualization! The solution… if you can’t reverse it, just run it!\nIn this workshop we will cover different tracing techniques that can be used to bypass and extract information from protected code. The workshop is divided into modules covering tracing with x64dbg, dynamic binary instrumentation with PIN, and API tracing with DTrace. A challenge binary is provided with each module for students to practice and the final challenge is a real world malware sample that has been virtualized.\nThis workshop is aimed at reverse engineers and malware analysts who have experience analyzing malware and are comfortable with debugging in userland. If you don’t have experience with malware but you do have a few hours behind the debugger you should have no problem completing the workshop. \nStudents must bring a laptop/workstation capable of running a Windows Virtual Machine (VM) and a preinstalled Windows 10 (64bit) 20H1(or later) VM with at least 50G of free space. You will be provided with detailed tools installation and setup instructions prior to the workshop","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54211],"conference_id":133,"event_ids":[54584],"name":"Sean ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAnalysis","title":"Co-founder"}],"links":[],"pronouns":null,"media":[],"id":53868,"title":"Co-founder at OpenAnalysis"},{"content_ids":[54211],"conference_id":133,"event_ids":[54584],"name":"Serrgei Frankoff","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAnalysis","title":"Co-founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@herrcore)","sort_order":0,"url":"https://twitter.com/herrcore"}],"media":[],"id":53870,"title":"Co-founder at OpenAnalysis"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Frankoff_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54584,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53868},{"tag_id":46167,"sort_order":1,"person_id":53870}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Supercharge SAST: Semgrep Strategies for Secure Software\" is a meticulously designed workshop aimed at introducing participants to the world of Static Application Security Testing (SAST) through the lens of Semgrep, a cutting-edge tool that combines the simplicity of syntax with the power of complex analysis. \nBefore the Training: Attendees are expected to have a basic understanding of programming concepts and syntax in a programming language such as JavaScript, Python, Go, or C#/Java. While familiarity with common security vulnerabilities (e.g., OWASP Top 10) is beneficial, it is not a prerequisite.To ensure a smooth and productive experience, participants should come equipped with a laptop that has administrative access for software installation. A pre-training checklist, including software installation guides (Semgrep and a preferred text editor/IDE), will be provided to all registered attendees to prepare them for the workshop. \nWhat You Will Learn: This workshop is structured to guide attendees from the foundational concepts of SAST and application security to the practical application of Semgrep for identifying and mitigating security risks in codebases.\nParticipants will: - Gain an understanding of SAST and its importance in the AppSec ecosystem. - Learn to navigate Semgrep’s rule syntax and create custom rules tailored to their specific security needs. - Engage in hands-on exercises to apply Semgrep on real-world code snippets and projects, enhancing their learning through practical application. - Explore the Semgrep Playground for testing and refining rules in an interactive environment. - Delve into advanced Semgrep features and techniques for a comprehensive security strategy. - Understand how Semgrep findings can be leveraged for LLM-based code analysis, taking code security to the next level. \nTechnical Level and Tools Used: This workshop is tailored for beginner to intermediate skill levels, focusing on practical, actionable insights that participants can immediately apply to their projects. The primary tool used will be Semgrep, supplemented by the Semgrep Playground for online rule testing. Instructions for installing necessary software and accessing online resources will be provided ahead of the workshop.\n\n\n","media":[],"title":"Supercharge SAST: Semgrep Strategies for Secure Software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Supercharge SAST: Semgrep Strategies for Secure Software\" is a meticulously designed workshop aimed at introducing participants to the world of Static Application Security Testing (SAST) through the lens of Semgrep, a cutting-edge tool that combines the simplicity of syntax with the power of complex analysis. \nBefore the Training: Attendees are expected to have a basic understanding of programming concepts and syntax in a programming language such as JavaScript, Python, Go, or C#/Java. While familiarity with common security vulnerabilities (e.g., OWASP Top 10) is beneficial, it is not a prerequisite.To ensure a smooth and productive experience, participants should come equipped with a laptop that has administrative access for software installation. A pre-training checklist, including software installation guides (Semgrep and a preferred text editor/IDE), will be provided to all registered attendees to prepare them for the workshop. \nWhat You Will Learn: This workshop is structured to guide attendees from the foundational concepts of SAST and application security to the practical application of Semgrep for identifying and mitigating security risks in codebases.\nParticipants will: - Gain an understanding of SAST and its importance in the AppSec ecosystem. - Learn to navigate Semgrep’s rule syntax and create custom rules tailored to their specific security needs. - Engage in hands-on exercises to apply Semgrep on real-world code snippets and projects, enhancing their learning through practical application. - Explore the Semgrep Playground for testing and refining rules in an interactive environment. - Delve into advanced Semgrep features and techniques for a comprehensive security strategy. - Understand how Semgrep findings can be leveraged for LLM-based code analysis, taking code security to the next level. \nTechnical Level and Tools Used: This workshop is tailored for beginner to intermediate skill levels, focusing on practical, actionable insights that participants can immediately apply to their projects. The primary tool used will be Semgrep, supplemented by the Semgrep Playground for online rule testing. Instructions for installing necessary software and accessing online resources will be provided ahead of the workshop.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54210],"conference_id":133,"event_ids":[54583],"name":"Arjun Gopalakrishna","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Software Security Engineering Manager, Azure Security"}],"links":[],"pronouns":null,"media":[],"id":53834,"title":"Senior Software Security Engineering Manager, Azure Security at Microsoft"},{"content_ids":[54210],"conference_id":133,"event_ids":[54583],"name":"Gautam Peri","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Security Engineer, EPSF SERPENT Team"}],"links":[],"pronouns":null,"media":[],"id":53842,"title":"Senior Security Engineer, EPSF SERPENT Team at Microsoft"},{"content_ids":[54210],"conference_id":133,"event_ids":[54583],"name":"Marcelo Ribeiro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Offensive Security Engineer in Azure Security"}],"links":[],"pronouns":null,"media":[],"id":53855,"title":"Senior Offensive Security Engineer in Azure Security at Microsoft"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Gopalakrishna_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54583,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53834},{"tag_id":46167,"sort_order":1,"person_id":53842},{"tag_id":46167,"sort_order":1,"person_id":53855}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microsoft Configuration Manager, formerly SCCM (System Center Configuration Manager), is a powerful technology that has been used to deploy software to Windows systems in the majority of enterprise environments since it was released by Microsoft in 1994. Although SCCM has a high potential for abuse due to its privileged access to entire fleets of servers and workstations, it has not been heavily researched or leveraged by security professionals until recently, presumably due to the time-consuming installation process and learning curve. In this workshop, students will be provided access to a live environment that reflects an enterprise SCCM deployment, gain an understanding of how the different components of SCCM interact, and learn how to execute recently discovered attack primitives that can be used compromise SCCM clients, servers, and entire hierarchies. By completing both guided exercises and optional CTF challenges in this lab environment, students will learn how to demonstrate the impact of attack paths involving SCCM.\r\n\r\nBy the end of this workshop, participants will be able to:\r\n - understand the foundational concepts needed to attack and defend SCCM\r\n - understand SCCM defaults and configurations that can be abused\r\n - use SCCM to complete a realistic attack chain, including recon, privilege escalation, credential gathering, site takeover, and lateral movement\r\n - understand how to use offensive security tools to interact with SCCM, such as SCCMHunter, SharpSCCM, sccmwtf, PXEThief, and ntlmrelayx\r\n \r\nTo get the most out of this training, participants will benefit from reviewing the following resources, although they are not required:\r\n - Misconfiguration Manager (misconfigurationmanager.com)\r\n - System Center Configuration Manager Current Branch Unleashed, by Kerrie Meyler\r\n - Configuration Manager Terminology\r\n - Looking Inside Configuration Manager\r\n - Network Design\r\n - Client Management\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n - Pass the Hash attacks;\r\n - gMSA Golden Attack;\r\n - ADCS abuse;\r\n - Common tunnelling techniques;\r\n - PrintSpoofer exploits;\r\n - LSASS exploitation (using Mimikatz);\r\n - AD enumeration (using BloodHound);\r\n - DACL abuse;\r\n - Kerberos golden tickets; and\r\n - DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n - Sigma/Yara rules.\r\n - Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n\r\n - https://nooblinux.com/metasploit-tutorial/\r\n - https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n - https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n - https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n - https://github.com/socprime/SigmaUI\r\n - https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n - https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n - https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.\r\n\r\nSince 2022, Chris, Duane, and Garrett have released a combined 8 blog posts and authored 3 tools (SharpSCCM, SCCMHunter, and Misconfiguration Manager) that demonstrate novel offensive techniques to abuse SCCM functionality.\r\n\n\n\n","media":[],"title":"Offensive SCCM: Abusing Microsoft's C2 Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Microsoft Configuration Manager, formerly SCCM (System Center Configuration Manager), is a powerful technology that has been used to deploy software to Windows systems in the majority of enterprise environments since it was released by Microsoft in 1994. Although SCCM has a high potential for abuse due to its privileged access to entire fleets of servers and workstations, it has not been heavily researched or leveraged by security professionals until recently, presumably due to the time-consuming installation process and learning curve. In this workshop, students will be provided access to a live environment that reflects an enterprise SCCM deployment, gain an understanding of how the different components of SCCM interact, and learn how to execute recently discovered attack primitives that can be used compromise SCCM clients, servers, and entire hierarchies. By completing both guided exercises and optional CTF challenges in this lab environment, students will learn how to demonstrate the impact of attack paths involving SCCM.\r\n\r\nBy the end of this workshop, participants will be able to:\r\n - understand the foundational concepts needed to attack and defend SCCM\r\n - understand SCCM defaults and configurations that can be abused\r\n - use SCCM to complete a realistic attack chain, including recon, privilege escalation, credential gathering, site takeover, and lateral movement\r\n - understand how to use offensive security tools to interact with SCCM, such as SCCMHunter, SharpSCCM, sccmwtf, PXEThief, and ntlmrelayx\r\n \r\nTo get the most out of this training, participants will benefit from reviewing the following resources, although they are not required:\r\n - Misconfiguration Manager (misconfigurationmanager.com)\r\n - System Center Configuration Manager Current Branch Unleashed, by Kerrie Meyler\r\n - Configuration Manager Terminology\r\n - Looking Inside Configuration Manager\r\n - Network Design\r\n - Client Management\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n - Pass the Hash attacks;\r\n - gMSA Golden Attack;\r\n - ADCS abuse;\r\n - Common tunnelling techniques;\r\n - PrintSpoofer exploits;\r\n - LSASS exploitation (using Mimikatz);\r\n - AD enumeration (using BloodHound);\r\n - DACL abuse;\r\n - Kerberos golden tickets; and\r\n - DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n - Sigma/Yara rules.\r\n - Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n\r\n - https://nooblinux.com/metasploit-tutorial/\r\n - https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n - https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n - https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n - https://github.com/socprime/SigmaUI\r\n - https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n - https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n - https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.\r\n\r\nSince 2022, Chris, Duane, and Garrett have released a combined 8 blog posts and authored 3 tools (SharpSCCM, SCCMHunter, and Misconfiguration Manager) that demonstrate novel offensive techniques to abuse SCCM functionality.","updated_timestamp":{"seconds":1719546625,"nanoseconds":0},"speakers":[{"content_ids":[54209,54182],"conference_id":133,"event_ids":[54551,54582],"name":"Chris Thompson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Principal Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@_Mayyhem)","sort_order":0,"url":"https://twitter.com/_Mayyhem"}],"media":[],"id":53730,"title":"Principal Consultant at SpecterOps"},{"content_ids":[54209],"conference_id":133,"event_ids":[54582],"name":"Duane Michael","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Managing Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@subat0mik)","sort_order":0,"url":"https://twitter.com/subat0mik"}],"media":[],"id":53838,"title":"Managing Consultant at SpecterOps"},{"content_ids":[54209,55299],"conference_id":133,"event_ids":[55689,54582],"name":"Garrett Foster","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Senior Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@garrfoster)","sort_order":0,"url":"https://twitter.com/garrfoster"}],"media":[],"id":53878,"title":"Senior Consultant at SpecterOps"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T03:50:25Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Michael_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54582,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53730},{"tag_id":46167,"sort_order":6,"person_id":53838},{"tag_id":46167,"sort_order":8,"person_id":53878}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T03:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you. We will be covering how to get started in Adversarial Medical Device testing, tooling, tactics, exploits and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within\nthe Device Lab!\n\n\n","media":[],"title":"Med Team vs Red Team: Intro into Medical Device Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you. We will be covering how to get started in Adversarial Medical Device testing, tooling, tactics, exploits and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within\nthe Device Lab!","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54208],"conference_id":133,"event_ids":[54581],"name":"Alex Delifer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@cheet)","sort_order":0,"url":"https://twitter.com/cheet"}],"media":[],"id":53830},{"content_ids":[54208,54577],"conference_id":133,"event_ids":[54581,54952],"name":"Michael \"v3ga\" Aguilar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secureworks Adversary Group","title":"Principle Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/v3gahax"},{"description":"","title":"Twitter (@v3ga_hax )","sort_order":0,"url":"https://twitter.com/v3ga_hax "}],"media":[],"id":53858,"title":"Principle Consultant at Secureworks Adversary Group"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/catalyst-lab"},{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Aguilar_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54581,"tag_ids":[46371,46427,46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53830},{"tag_id":46167,"sort_order":1,"person_id":53858}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Threat actors skillfully deploy malware to evade detection, outmaneuvering traditional security tools. In this workshop, \"Dissecting Malware for Defense - Crafting Custom Yara Rules\", you'll harness the power of malware analysis and crowdsourced intelligence to build tailored Yara rules. These rules will supercharge your security systems, enabling you to detect emerging threats, enhance threat hunting, and accurately pinpoint malicious activity. This fast-paced course will guide you in mastering static and behavioral detections, empowering you to safeguard your organization. By the end, you'll expertly translate malware analysis insights into high-quality Yara rules, bolstering your defensive arsenal.\n\n\n","media":[],"title":"Dissecting Malware for Defense - Crafting Custom Yara Rules","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Threat actors skillfully deploy malware to evade detection, outmaneuvering traditional security tools. In this workshop, \"Dissecting Malware for Defense - Crafting Custom Yara Rules\", you'll harness the power of malware analysis and crowdsourced intelligence to build tailored Yara rules. These rules will supercharge your security systems, enabling you to detect emerging threats, enhance threat hunting, and accurately pinpoint malicious activity. This fast-paced course will guide you in mastering static and behavioral detections, empowering you to safeguard your organization. By the end, you'll expertly translate malware analysis insights into high-quality Yara rules, bolstering your defensive arsenal.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54207],"conference_id":133,"event_ids":[54580],"name":"Francisco Perdomo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer, VirusTotal Research Team"}],"links":[],"pronouns":null,"media":[],"id":53841,"title":"Security Engineer, VirusTotal Research Team at Google"},{"content_ids":[54207,54222],"conference_id":133,"event_ids":[54580,54595],"name":"Josh Stroschein","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Reverse Engineer, FLARE team"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jstrosch)","sort_order":0,"url":"https://twitter.com/jstrosch"}],"media":[],"id":53850,"title":"Reverse Engineer, FLARE team at Google"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Stroschein_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54580,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53841},{"tag_id":46167,"sort_order":1,"person_id":53850}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.\n\n\n","media":[],"title":"Merch (formerly swag) Area Open -- README","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.","updated_timestamp":{"seconds":1722140898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T15:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T04:28:18Z","links":[],"end":"2024-08-09T01:00:00.000-0000","id":55848,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723129200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W212 (DEF CON Merch)","hotel":"","short_name":"W212 (DEF CON Merch)","id":46285},"spans_timebands":"N","begin":"2024-08-08T15:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T03:00:00Z","end_timestamp":{"seconds":1723172400,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T15:00:00Z","timeband_id":1146,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-09T03:00:00.000-0000","id":54478,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723129200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-08T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T09:00:00Z","end_timestamp":{"seconds":1723194000,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T14:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-09T09:00:00.000-0000","id":55852,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723125600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"Y","begin":"2024-08-08T14:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-08T15:00:00Z","end_timestamp":{"seconds":1723129200,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T12:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-08T15:00:00.000-0000","id":54512,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723118400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-08T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Linecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\nPlease also review the \"Human Registration Open\" event, and familiarize yourself with the **important notes** therein. \n\n\n","media":[],"title":"Linecon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-08T13:00:00Z","end_timestamp":{"seconds":1723122000,"nanoseconds":0},"android_description":"Linecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\nPlease also review the \"Human Registration Open\" event, and familiarize yourself with the **important notes** therein.","updated_timestamp":{"seconds":1719359470,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T00:00:00Z","timeband_id":1176,"updated_tsz":"2024-06-25T23:51:10Z","links":[],"end":"2024-08-08T13:00:00.000-0000","id":54482,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723075200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"Y","begin":"2024-08-08T00:00:00.000-0000","updated":"2024-06-25T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Wednesday August 7th Registration usually opens at 11am\r\n\r\nOFFSITE: Pro Gun Vegas Address: 12801 US 95 South Boulder City, NV 89005\n\n\n","media":[{"hash_sha256":"7e4ee571a08a4b871cf596caafcfbd5b154fb5c0791b0b7e6a0cdd51ad48aea6","filetype":"image/png","hash_md5":"f4d625bd81e140c7cda3eb9872744bd3","name":"pme_defconshoot.png","is_logo":"Y","hash_crc32c":"df4beba2","filesize":23093,"asset_id":676,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_defconshoot.png"}],"title":"The Unofficial DEF CON Shoot","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-07T18:00:00Z","end_timestamp":{"seconds":1723053600,"nanoseconds":0},"android_description":"Wednesday August 7th Registration usually opens at 11am\r\n\r\nOFFSITE: Pro Gun Vegas Address: 12801 US 95 South Boulder City, NV 89005","updated_timestamp":{"seconds":1718814051,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-07T18:00:00Z","timeband_id":1176,"updated_tsz":"2024-06-19T16:20:51Z","links":[{"label":"Website","type":"link","url":"https://deviating.net/firearms/defcon_shoot/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249552"}],"end":"2024-08-07T18:00:00.000-0000","id":54523,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723053600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-07T18:00:00.000-0000","updated":"2024-06-19T16:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are a few things that we would like everyone to be aware of, leading up to DEF CON 32.\r\n\r\n## Sticker Policy\r\n\r\nWe have a beautiful culture of #stickerlife at DEF CON, and we hope that it can continue well into the future. Refer to the conference schedule for \"sticker swaps\". We're also putting up multiple sticker walls this year -- it was a hit last year, and we hope that having a couple of them will be even more awesome this year. \r\n\r\nThe LVCVA (Las Vegas Convention and Visitors Authority, owners of the LVCC) has a zero-tolerance policy with regard to adhering anything at all to their property, including stickers. Please DFIU. If you are caught adhering anything to LVCC property, you will likely be trespassed from the property by Las Vegas Police. Beyond stickers, you may also not use tape, sticky putty, tacks, or even non-stick clings. \r\n\r\n## Admission inspections and searches\r\n\r\nThe LVCC will not be searching or scanning people or bags entering the facility.\r\n\r\n## Money\r\n\r\nAs always, human badges (that were not pre-purchased) are exclusively sold using **cash (US currency)**. Merch is the same. No credit cards, debit cards, mobile payments, cryptocurrency, or any means other than USD cash will be accepted at either human registration or DEF CON Merch. We recommend bringing cash with you: there are only two ATMs inside the LVCC.\r\n\r\nFood and beverage operations inside the LVCC, including the food court and bars, only accept cards and mobile payments. **You cannot use cash to purchase food or beverage inside the LVCC.**\r\n\r\nVendors are permitted to conduct transactions via whatever means they choose. We do not have a list of which vendors are accepting cash vs card.\r\n\r\n## Water\r\n\r\nThe LVCC has many modern water-bottle filling stations, so free water will be readily available for those who bring their own reusable water bottles.\r\n\r\n## DCTV\r\n\r\nDCTV will exclusively be streaming online this year, and will not be available on any hotel TV channels.\r\n\r\n## Outside food and beverage\r\n\r\nLVCC prohibits attendees from bringing outside food and beverage into the convention center, except in cases of medical or dietary necessity.\r\n\r\n## Photography policy\r\n\r\nPublic photography is allowed*. It’s okay to take photos of your friends if they’re cool with it. We’ve setup several “selfie spots” that are amazing art pieces created specifically for the yearly theme where you can take cool photos.\r\n\r\nWe want you to take consenting photos of each other and we want others to see the wide range of attendees we have at DEF CON having a good time. What we don’t want to see are group shots taken without consent/warning, images taken by the press, video of people standing in lines, etc.\r\n\r\n**Official Press & DEF CON Policy Village rules may differ, please refer to them.** At DEF CON you may see our official photography goons capturing the uniqueness that is to be expected at DEF CON; they adhere to our photo policy.\r\n\r\nGroups & individuals participating in public on stage (events, contests, or activities) are allowed* to be photographed.\r\n\r\nPhotography in the CTF room is NOT permitted without consent of the individuals to be photographed.\r\n\r\n**Crowd shots are VERY discouraged**, if so desired you must alert the crowd to give them time to opt out. For example: \" Hey, I'm taking a photo, if you don't want to be in it hide your face\" .\r\n\r\nTaking photos of people in hallways, lines, hanging out, at random, is not allowed without consent. Respect the rights of the individual not to be photographed. Deletion of photos can be requested by staff.\r\n\r\nWhen taking pictures of your friends please use “portrait mode” because this will blur the picture background, respecting the privacy of those inadvertently captured.\r\n\r\nNOTE: It is permissible to record violations of the DEF CON CoC to share with our safety team (link) to help us investigate and take action.\r\n\r\n* We reserve the right to revoke an individual's permission to photograph, at any time, on a case by case basis. Failure to comply can result in revocation of admission without refund.\n\n\n","media":[],"title":"Important Message","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-07T07:00:00Z","end_timestamp":{"seconds":1723014000,"nanoseconds":0},"android_description":"There are a few things that we would like everyone to be aware of, leading up to DEF CON 32.\r\n\r\n## Sticker Policy\r\n\r\nWe have a beautiful culture of #stickerlife at DEF CON, and we hope that it can continue well into the future. Refer to the conference schedule for \"sticker swaps\". We're also putting up multiple sticker walls this year -- it was a hit last year, and we hope that having a couple of them will be even more awesome this year. \r\n\r\nThe LVCVA (Las Vegas Convention and Visitors Authority, owners of the LVCC) has a zero-tolerance policy with regard to adhering anything at all to their property, including stickers. Please DFIU. If you are caught adhering anything to LVCC property, you will likely be trespassed from the property by Las Vegas Police. Beyond stickers, you may also not use tape, sticky putty, tacks, or even non-stick clings. \r\n\r\n## Admission inspections and searches\r\n\r\nThe LVCC will not be searching or scanning people or bags entering the facility.\r\n\r\n## Money\r\n\r\nAs always, human badges (that were not pre-purchased) are exclusively sold using **cash (US currency)**. Merch is the same. No credit cards, debit cards, mobile payments, cryptocurrency, or any means other than USD cash will be accepted at either human registration or DEF CON Merch. We recommend bringing cash with you: there are only two ATMs inside the LVCC.\r\n\r\nFood and beverage operations inside the LVCC, including the food court and bars, only accept cards and mobile payments. **You cannot use cash to purchase food or beverage inside the LVCC.**\r\n\r\nVendors are permitted to conduct transactions via whatever means they choose. We do not have a list of which vendors are accepting cash vs card.\r\n\r\n## Water\r\n\r\nThe LVCC has many modern water-bottle filling stations, so free water will be readily available for those who bring their own reusable water bottles.\r\n\r\n## DCTV\r\n\r\nDCTV will exclusively be streaming online this year, and will not be available on any hotel TV channels.\r\n\r\n## Outside food and beverage\r\n\r\nLVCC prohibits attendees from bringing outside food and beverage into the convention center, except in cases of medical or dietary necessity.\r\n\r\n## Photography policy\r\n\r\nPublic photography is allowed*. It’s okay to take photos of your friends if they’re cool with it. We’ve setup several “selfie spots” that are amazing art pieces created specifically for the yearly theme where you can take cool photos.\r\n\r\nWe want you to take consenting photos of each other and we want others to see the wide range of attendees we have at DEF CON having a good time. What we don’t want to see are group shots taken without consent/warning, images taken by the press, video of people standing in lines, etc.\r\n\r\n**Official Press & DEF CON Policy Village rules may differ, please refer to them.** At DEF CON you may see our official photography goons capturing the uniqueness that is to be expected at DEF CON; they adhere to our photo policy.\r\n\r\nGroups & individuals participating in public on stage (events, contests, or activities) are allowed* to be photographed.\r\n\r\nPhotography in the CTF room is NOT permitted without consent of the individuals to be photographed.\r\n\r\n**Crowd shots are VERY discouraged**, if so desired you must alert the crowd to give them time to opt out. For example: \" Hey, I'm taking a photo, if you don't want to be in it hide your face\" .\r\n\r\nTaking photos of people in hallways, lines, hanging out, at random, is not allowed without consent. Respect the rights of the individual not to be photographed. Deletion of photos can be requested by staff.\r\n\r\nWhen taking pictures of your friends please use “portrait mode” because this will blur the picture background, respecting the privacy of those inadvertently captured.\r\n\r\nNOTE: It is permissible to record violations of the DEF CON CoC to share with our safety team (link) to help us investigate and take action.\r\n\r\n* We reserve the right to revoke an individual's permission to photograph, at any time, on a case by case basis. Failure to comply can result in revocation of admission without refund.","updated_timestamp":{"seconds":1723249717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-07T07:00:00Z","timeband_id":1176,"updated_tsz":"2024-08-10T00:28:37Z","links":[],"end":"2024-08-07T07:00:00.000-0000","id":56569,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723014000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-07T07:00:00.000-0000","updated":"2024-08-10T00:28:00.000-0000"}] \ No newline at end of file +[{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Artificial Intelligence (AI) and Large Language Models (LLMs) have emerged as robust and powerful tools that have redefined how many approach problem solving. In 2023 the industry saw a surge of interest in AI and Cybersecurity experts struggled not only to threat model LLMs but to leverage them effectively. Our training presents a comprehensive educational framework aimed at equipping students with the necessary skills to not only build their own LLM toolkits but to leverage AI and LLMs to solve both simple and complex problems unique to their own environments.\r\n\r\nThe training begins with a brief overview of AI including the differences between LLM, generative AI, and myriad of other emerging AI technologies. After introductions we will give students access to our private GitHub to access all the tools and scripts needed for the class. From there students will deploy their own LLM in our cloud environment for use in the class while we explain the basics, operational constraints of running AI, on-prem vs cloud, and the basics of troubleshooting their AI environments.\r\n\r\nNext we will demonstrate how to select high quality data from their environment and give them example data via our private GitHub. From there we will walk students through transforming this data and making it operationally effective and efficient for their AI. We will cover various types of data common to Cybersecurity environments, protentional issues with certain data types, and how to make the most of opensource to help transform the data. Students will apply the model to the LLM.\r\n\r\nLastly, we will cover many use cases in how students can use this AI and data to solve various problems and add value to their environment. Examples include training data to write YARA/SIGMA rules, analyzing alerts to add rankings to help prioritize and avoid alert fatigue, training the AI to work with common opensource tools such as OpenSearch, using AI to improve operational security by catching bad behaviors/patterns, improving application observability by adding context to \"\"weird\"\" behavior, leveraging AI as middleware to add contextual data between disparate platforms, and more! All use cases will be performed by students live and in-class.\r\n\r\nWhen students leave the training they will leave with the tools they need to go back to their employer and apply what they have learned to effect immediate and impactful change. All tools and scripts will be available for students to copy and fork onto their own personal GitHub accounts. Students will also be allowed to export the tools they create in class from our private cloud environment following the training (number of days yet to be determined).\r\n\r\nOur training is designed to bring a holistic educational approach and empower students with the knowledge, skills, and ethical awareness necessary to harness the full potential of LLMs in solving cybersecurity problems. By equipping the next generation of cybersecurity professionals with these capabilities, we aim to foster innovation, resilience, and accountability in the ever-evolving landscape of digital security.\n\n\n","media":[],"title":"Solving Modern Cybersecurity Problems with AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"Artificial Intelligence (AI) and Large Language Models (LLMs) have emerged as robust and powerful tools that have redefined how many approach problem solving. In 2023 the industry saw a surge of interest in AI and Cybersecurity experts struggled not only to threat model LLMs but to leverage them effectively. Our training presents a comprehensive educational framework aimed at equipping students with the necessary skills to not only build their own LLM toolkits but to leverage AI and LLMs to solve both simple and complex problems unique to their own environments.\r\n\r\nThe training begins with a brief overview of AI including the differences between LLM, generative AI, and myriad of other emerging AI technologies. After introductions we will give students access to our private GitHub to access all the tools and scripts needed for the class. From there students will deploy their own LLM in our cloud environment for use in the class while we explain the basics, operational constraints of running AI, on-prem vs cloud, and the basics of troubleshooting their AI environments.\r\n\r\nNext we will demonstrate how to select high quality data from their environment and give them example data via our private GitHub. From there we will walk students through transforming this data and making it operationally effective and efficient for their AI. We will cover various types of data common to Cybersecurity environments, protentional issues with certain data types, and how to make the most of opensource to help transform the data. Students will apply the model to the LLM.\r\n\r\nLastly, we will cover many use cases in how students can use this AI and data to solve various problems and add value to their environment. Examples include training data to write YARA/SIGMA rules, analyzing alerts to add rankings to help prioritize and avoid alert fatigue, training the AI to work with common opensource tools such as OpenSearch, using AI to improve operational security by catching bad behaviors/patterns, improving application observability by adding context to \"\"weird\"\" behavior, leveraging AI as middleware to add contextual data between disparate platforms, and more! All use cases will be performed by students live and in-class.\r\n\r\nWhen students leave the training they will leave with the tools they need to go back to their employer and apply what they have learned to effect immediate and impactful change. All tools and scripts will be available for students to copy and fork onto their own personal GitHub accounts. Students will also be allowed to export the tools they create in class from our private cloud environment following the training (number of days yet to be determined).\r\n\r\nOur training is designed to bring a holistic educational approach and empower students with the knowledge, skills, and ethical awareness necessary to harness the full potential of LLMs in solving cybersecurity problems. By equipping the next generation of cybersecurity professionals with these capabilities, we aim to foster innovation, resilience, and accountability in the ever-evolving landscape of digital security.","updated_timestamp":{"seconds":1723418478,"nanoseconds":0},"speakers":[{"content_ids":[56232],"conference_id":133,"event_ids":[56890,56914],"name":"Michael Glass","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56627},{"content_ids":[56232],"conference_id":133,"event_ids":[56890,56914],"name":"\"K\" Singh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56628}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:21:18Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56914,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56627},{"tag_id":46167,"sort_order":4,"person_id":56628}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This training program presents a comprehensive and hands-on approach to implementing DevSecOps practices, with a primary focus on Application Security Automation. Participants will embark on an immersive journey, closely connected to their keyboards, as they engage in labs enriched with real-world examples of DevSecOps and AppSec Automation.\r\n\r\nInitiating with a deep dive into DevSecOps, the training emphasizes the seamless integration of security measures across various stages of the Software Development Lifecycle. It then explores specific Application Security Automation techniques, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), Supply-Chain Security, and Dynamic Application Security Testing (DAST), illustrating how these tools seamlessly integrate into CI/CD pipelines.\r\n\r\nThis edition represents a complete overhaul of our existing DevSecOps content, showcasing the forefront of Application Security Automation and DevSecOps strategies. Highlights include:\r\n\r\n- Hands-on SAST Mastery: Participants gain expertise in SAST for both Applications and Infrastructure-as-Code, focusing on advanced tools like Semgrep and CodeQL. The training emphasizes the creation of custom SAST rules with finesse.\r\n- Elevated Supply-Chain Security Automation: Navigation through Software Bill of Materials (SBOMs), Source Composition Analysis, and Security Engineering techniques. This segment covers diverse methods for constructing secure base images for containers.\r\n- Robust Supply-Chain Assurance and Provenance: A deep dive into the SLSA (Supply-Chain Levels for Software Artifacts) Standard, illustrating how automation aligns with compliance levels. Additionally, comprehensive exploration of Cosign from Project Sigstore reveals its utility in generating keyed/keyless signatures for various artifacts.\r\n- Secrets Management Unveiled: Detailed exploration of Secrets Management and Encryption tools, such as HashiCorp Vault, offering insights into advanced Encryption, Key Management, and Dynamic Secrets implementation.\r\n- Dynamic Application Security Testing (DAST) Autonomy: Exploration of DAST Automation with prominent tools like OWASP ZAP and Nuclei. This includes API-based scanning with OWASP ZAP and crafting custom DAST automation using Nuclei, addressing intricate vulnerabilities through Security Regressions.\r\n- Policy-As-Code Prowess: In-depth exploration of Open Policy-Agent (OPA), a potent framework for crafting and enforcing policies across diverse deployment scenarios. OPA's Domain Specific Language, rego, will be demystified, empowering participants to grasp the nuances of policy-as-code frameworks.\r\n- Seamless Integration with CI/CD: Navigation through integrating Security Automation with pivotal CI/CD tools like GitHub Actions, GitLab, and Jenkins. Furthermore, leveraging Data Flow Automation tools like Robot Framework, Gaia, and Prefect offers alternative avenues for AppSec Automation beyond conventional CI/CD tools.\r\n\r\nFor 2024, we've re-framed this training with a cookbook-style approach that captures the multiple styles of deployments and DevSecOps practices that provide validation and assurance for a variety of use-cases. While building effective and transparent pipelines is the primary goal, we've focused on a building-block style approach to showcase the huge variety of options that are available in each domain of security testing.\r\n\r\nAt the end of the training, participants will have immediate takeaways and practical techniques that they can use for their implementations of DevSecOps, within their organization. The tools and frameworks detailed in the program are largely open-source or freely available, thereby ensuring that participants can implement these scalable DevSecOps programs without having to additionally invest in tooling. Several frameworks and tools have been developed by the authors of the program, as part of their extensive implementation expertise of DevSecOps, ranging from Threat Modeling to Cloud Security to Application Security Automation. Frameworks like ThreatPlaybook (open-source) and Orchestron (open-source Vulnerability Management and Correlation tool), which can simplify Application Security Automation, have been developed from extensive experience with real-world DevSecOps implementations.\r\n\r\nAnother brand new addition comes in the form of engaging challenges that are sprinkled throughout each training section, empowering both trainers and trainees to gauge levels of student comprehension and growth.\n\n\n","media":[],"title":"DevSecOps Masterclass: AppSec Automation Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"This training program presents a comprehensive and hands-on approach to implementing DevSecOps practices, with a primary focus on Application Security Automation. Participants will embark on an immersive journey, closely connected to their keyboards, as they engage in labs enriched with real-world examples of DevSecOps and AppSec Automation.\r\n\r\nInitiating with a deep dive into DevSecOps, the training emphasizes the seamless integration of security measures across various stages of the Software Development Lifecycle. It then explores specific Application Security Automation techniques, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), Supply-Chain Security, and Dynamic Application Security Testing (DAST), illustrating how these tools seamlessly integrate into CI/CD pipelines.\r\n\r\nThis edition represents a complete overhaul of our existing DevSecOps content, showcasing the forefront of Application Security Automation and DevSecOps strategies. Highlights include:\r\n\r\n- Hands-on SAST Mastery: Participants gain expertise in SAST for both Applications and Infrastructure-as-Code, focusing on advanced tools like Semgrep and CodeQL. The training emphasizes the creation of custom SAST rules with finesse.\r\n- Elevated Supply-Chain Security Automation: Navigation through Software Bill of Materials (SBOMs), Source Composition Analysis, and Security Engineering techniques. This segment covers diverse methods for constructing secure base images for containers.\r\n- Robust Supply-Chain Assurance and Provenance: A deep dive into the SLSA (Supply-Chain Levels for Software Artifacts) Standard, illustrating how automation aligns with compliance levels. Additionally, comprehensive exploration of Cosign from Project Sigstore reveals its utility in generating keyed/keyless signatures for various artifacts.\r\n- Secrets Management Unveiled: Detailed exploration of Secrets Management and Encryption tools, such as HashiCorp Vault, offering insights into advanced Encryption, Key Management, and Dynamic Secrets implementation.\r\n- Dynamic Application Security Testing (DAST) Autonomy: Exploration of DAST Automation with prominent tools like OWASP ZAP and Nuclei. This includes API-based scanning with OWASP ZAP and crafting custom DAST automation using Nuclei, addressing intricate vulnerabilities through Security Regressions.\r\n- Policy-As-Code Prowess: In-depth exploration of Open Policy-Agent (OPA), a potent framework for crafting and enforcing policies across diverse deployment scenarios. OPA's Domain Specific Language, rego, will be demystified, empowering participants to grasp the nuances of policy-as-code frameworks.\r\n- Seamless Integration with CI/CD: Navigation through integrating Security Automation with pivotal CI/CD tools like GitHub Actions, GitLab, and Jenkins. Furthermore, leveraging Data Flow Automation tools like Robot Framework, Gaia, and Prefect offers alternative avenues for AppSec Automation beyond conventional CI/CD tools.\r\n\r\nFor 2024, we've re-framed this training with a cookbook-style approach that captures the multiple styles of deployments and DevSecOps practices that provide validation and assurance for a variety of use-cases. While building effective and transparent pipelines is the primary goal, we've focused on a building-block style approach to showcase the huge variety of options that are available in each domain of security testing.\r\n\r\nAt the end of the training, participants will have immediate takeaways and practical techniques that they can use for their implementations of DevSecOps, within their organization. The tools and frameworks detailed in the program are largely open-source or freely available, thereby ensuring that participants can implement these scalable DevSecOps programs without having to additionally invest in tooling. Several frameworks and tools have been developed by the authors of the program, as part of their extensive implementation expertise of DevSecOps, ranging from Threat Modeling to Cloud Security to Application Security Automation. Frameworks like ThreatPlaybook (open-source) and Orchestron (open-source Vulnerability Management and Correlation tool), which can simplify Application Security Automation, have been developed from extensive experience with real-world DevSecOps implementations.\r\n\r\nAnother brand new addition comes in the form of engaging challenges that are sprinkled throughout each training section, empowering both trainers and trainees to gauge levels of student comprehension and growth.","updated_timestamp":{"seconds":1723418528,"nanoseconds":0},"speakers":[{"content_ids":[56235],"conference_id":133,"event_ids":[56893,56913],"name":"Ganga Sumanth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56633},{"content_ids":[56235],"conference_id":133,"event_ids":[56893,56913],"name":"Vishnu Prasad","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56634}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:22:08Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56913,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56634},{"tag_id":46167,"sort_order":4,"person_id":56633}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"During this comprehensive course, tools and methodologies that are used in Security Operation Centers will be introduced and detailed. This course will provide students with extensive hands-on exercises and labs that emulate real-life security operation center tasks and related technologies.\r\n\r\nFrom text handling, packet dissection, and analysis, to adversarial simulation and detection engineering, this course will provide students with a solid base of skills and a comprehensive understanding of a Security Operations Center (SOC) Analyst job.\r\n\r\nThe focus will be geared toward basic, hands-on skills that allow students to perform and excel at baseline SOC tasks.\r\n\r\nHardware & Minimum Course Requirements:\r\nA laptop with 16GB of RAM and the ability to run Virtual Machines. Understanding of basic networking concepts and basic Linux comprehension.\r\n\r\nTarget Audience:\r\nThis training is geared towards Information Technology, Computer System, or Computer Network Professionals seeking to enter the Information Security Industry while enriching those who seek to develop the skills and knowledge necessary to work at a Security Operations Center.\r\n\r\nSkills that will be learned:\r\nThis course will provide students with the necessary skills and knowledge to work in a Security Analyst 1 job and understand the dynamics of a Security Operations Center\"\n\n\n","media":[],"title":"SOC 101 - SOC 1 Analyst Bootcamp","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"\"During this comprehensive course, tools and methodologies that are used in Security Operation Centers will be introduced and detailed. This course will provide students with extensive hands-on exercises and labs that emulate real-life security operation center tasks and related technologies.\r\n\r\nFrom text handling, packet dissection, and analysis, to adversarial simulation and detection engineering, this course will provide students with a solid base of skills and a comprehensive understanding of a Security Operations Center (SOC) Analyst job.\r\n\r\nThe focus will be geared toward basic, hands-on skills that allow students to perform and excel at baseline SOC tasks.\r\n\r\nHardware & Minimum Course Requirements:\r\nA laptop with 16GB of RAM and the ability to run Virtual Machines. Understanding of basic networking concepts and basic Linux comprehension.\r\n\r\nTarget Audience:\r\nThis training is geared towards Information Technology, Computer System, or Computer Network Professionals seeking to enter the Information Security Industry while enriching those who seek to develop the skills and knowledge necessary to work at a Security Operations Center.\r\n\r\nSkills that will be learned:\r\nThis course will provide students with the necessary skills and knowledge to work in a Security Analyst 1 job and understand the dynamics of a Security Operations Center\"","updated_timestamp":{"seconds":1723418224,"nanoseconds":0},"speakers":[{"content_ids":[56227],"conference_id":133,"event_ids":[56885,56912],"name":"Rod Soto","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56622}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:17:04Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56912,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56622}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Crypto related bugs are super common. OWASP even ranks \"\"Cryptographic Failure\"\" as the second most common security vulnerability class in software. Yet, very often these vulnerabilities are overlooked by developers, code auditors, blue teamers and penetration testers alike. Because, let's face it: Nobody knows how cryptography works.\r\n\r\nDuring the course you will:\r\n\r\n- understand how modern cryptography works.\r\n- find common crypto vulnerabilities in real software.\r\n- write crypto exploits for real software (and an IoT device).\r\n\r\nUsing case studies from our own pentesting and red teaming engagements, we'll introduce core concepts of applied cryptography and how they fail in practice.\r\n\r\nThis course turns you into a powerful weapon. You will know how applied cryptography works, how it's commonly misused in the field and how this leads to exploitable bugs. That means, by the end of the course you will be among the very selected group of people that can identify, avoid and exploit vulnerabilities in code using crypto.\r\n\r\nNo prior knowledge required!\n\n\n","media":[],"title":"Hacking Cryptography: Attacks, Tools and Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"Crypto related bugs are super common. OWASP even ranks \"\"Cryptographic Failure\"\" as the second most common security vulnerability class in software. Yet, very often these vulnerabilities are overlooked by developers, code auditors, blue teamers and penetration testers alike. Because, let's face it: Nobody knows how cryptography works.\r\n\r\nDuring the course you will:\r\n\r\n- understand how modern cryptography works.\r\n- find common crypto vulnerabilities in real software.\r\n- write crypto exploits for real software (and an IoT device).\r\n\r\nUsing case studies from our own pentesting and red teaming engagements, we'll introduce core concepts of applied cryptography and how they fail in practice.\r\n\r\nThis course turns you into a powerful weapon. You will know how applied cryptography works, how it's commonly misused in the field and how this leads to exploitable bugs. That means, by the end of the course you will be among the very selected group of people that can identify, avoid and exploit vulnerabilities in code using crypto.\r\n\r\nNo prior knowledge required!","updated_timestamp":{"seconds":1723418273,"nanoseconds":0},"speakers":[{"content_ids":[56228],"conference_id":133,"event_ids":[56886,56911],"name":"Ruben Gonzalez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56623}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:17:53Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56911,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56623}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this two-day hands-on training, you’ll learn everything you need to know about forensics and incident response in the Microsoft cloud. This training covers both Microsoft 365 and Microsoft Azure, you’ll get hands-on experience with investigating attacks, acquisition of forensic artefacts from the cloud and digging through the relevant artefacts. Everything you learn is related to real life threats observed against the Microsoft cloud. The trainer has real life experience with incident response and forensic investigations in the cloud, knowledge will be shared that's not available on any public resource. Once you’ve completed this training you will feel comfortable investigating any threat in the Microsoft cloud.\r\n\r\n\r\nImportant, you only have to bring your laptop with a browser and we will provide you with access to the cloud tenants and investigation data.\n\n\n","media":[],"title":"Incident Response in the Microsoft Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"In this two-day hands-on training, you’ll learn everything you need to know about forensics and incident response in the Microsoft cloud. This training covers both Microsoft 365 and Microsoft Azure, you’ll get hands-on experience with investigating attacks, acquisition of forensic artefacts from the cloud and digging through the relevant artefacts. Everything you learn is related to real life threats observed against the Microsoft cloud. The trainer has real life experience with incident response and forensic investigations in the cloud, knowledge will be shared that's not available on any public resource. Once you’ve completed this training you will feel comfortable investigating any threat in the Microsoft cloud.\r\n\r\n\r\nImportant, you only have to bring your laptop with a browser and we will provide you with access to the cloud tenants and investigation data.","updated_timestamp":{"seconds":1723418420,"nanoseconds":0},"speakers":[{"content_ids":[56229],"conference_id":133,"event_ids":[56887,56910],"name":"Korstiaan Stam","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56624}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:20:20Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56910,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56624}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This Advanced Tunneling, Pivoting, and Redirection course provides participants with an understanding of how an attacker approaches the exploitation process. While gaining access to and once on the network, participants learn the techniques adversaries use to hide from detection and gain access to multiple different private networks by creating tunnels and pivots. This course provides participants with a baseline understanding of the tactics, techniques, and procedures an attacker uses to gain access to a network and pivot to different hosts. These concepts are then expanded through labs and lectures to provide a deeper understanding exploitation and tunneling.\r\n\r\n*Students will receive 6 months of access to our virtual lab environment.\n\n\n","media":[],"title":"Advanced Tunneling, Pivoting, and Redirection Course","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"This Advanced Tunneling, Pivoting, and Redirection course provides participants with an understanding of how an attacker approaches the exploitation process. While gaining access to and once on the network, participants learn the techniques adversaries use to hide from detection and gain access to multiple different private networks by creating tunnels and pivots. This course provides participants with a baseline understanding of the tactics, techniques, and procedures an attacker uses to gain access to a network and pivot to different hosts. These concepts are then expanded through labs and lectures to provide a deeper understanding exploitation and tunneling.\r\n\r\n*Students will receive 6 months of access to our virtual lab environment.","updated_timestamp":{"seconds":1723418560,"nanoseconds":0},"speakers":[{"content_ids":[56237],"conference_id":133,"event_ids":[56895,56909],"name":"Travis Livermore","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56637}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:22:40Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56909,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56637}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"More than 95% of Fortune 500 companies use Active Directory! Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete network. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining interoperability with a variety of products, AD lack ability to tackle latest threats.\r\nThis training is aimed towards attacking modern AD using built-in tools, scripting and other trusted OS resources. Some of the techniques, used in the course:\r\n- Extensive AD Enumeration\r\n- Trust mapping and abuse\r\n- Privilege Escalation \r\n- Advanced Kerberos Attacks\r\n- Advanced cross forest trust abuse\r\n- Attacking Azure AD integration\r\n- Abusing trusts for MS products\r\n- Credentials Replay Attacks \r\n- Persistence \r\n- Defenses \r\n- Bypassing defenses \r\n\r\nYou start from a user desktop and work your way up to multiple forest pwnage. \r\nAttendees will get free one month access to an AD environment comprising of multiple domains and forests.\r\n\r\nThis course is very useful in securing the backbone of any Enterprise Environment. We have been teaching this course at BlackHat for many years now and the feedback has always been very good. The students have always enjoyed the course and the lab. We provide multiple ways of solving the lab that helps the students to utilize the lab to fullest!\n\n\n","media":[],"title":"Active Directory Attacks for Red and Blue Teams - Advanced Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"More than 95% of Fortune 500 companies use Active Directory! Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete network. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining interoperability with a variety of products, AD lack ability to tackle latest threats.\r\nThis training is aimed towards attacking modern AD using built-in tools, scripting and other trusted OS resources. Some of the techniques, used in the course:\r\n- Extensive AD Enumeration\r\n- Trust mapping and abuse\r\n- Privilege Escalation \r\n- Advanced Kerberos Attacks\r\n- Advanced cross forest trust abuse\r\n- Attacking Azure AD integration\r\n- Abusing trusts for MS products\r\n- Credentials Replay Attacks \r\n- Persistence \r\n- Defenses \r\n- Bypassing defenses \r\n\r\nYou start from a user desktop and work your way up to multiple forest pwnage. \r\nAttendees will get free one month access to an AD environment comprising of multiple domains and forests.\r\n\r\nThis course is very useful in securing the backbone of any Enterprise Environment. We have been teaching this course at BlackHat for many years now and the feedback has always been very good. The students have always enjoyed the course and the lab. We provide multiple ways of solving the lab that helps the students to utilize the lab to fullest!","updated_timestamp":{"seconds":1723418446,"nanoseconds":0},"speakers":[{"content_ids":[56234,56230],"conference_id":133,"event_ids":[56888,56892,56905,56908],"name":"Altered Security","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56625}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:20:46Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56908,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56625}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.\r\n\r\nFor each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.\r\n\r\nI found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.\n\n\n","media":[],"title":"Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.\r\n\r\nFor each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.\r\n\r\nI found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.","updated_timestamp":{"seconds":1723418461,"nanoseconds":0},"speakers":[{"content_ids":[56231],"conference_id":133,"event_ids":[56889,56907],"name":"Dawid Czagan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56626}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:21:01Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56907,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56626}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As IoT becomes more integrated and integral into personal and work lives, there is a growing need to understand the inner workings of IoT devices and ensure these devices are secure. This course teaches security professionals and hackers how to identify and exploit security vulnerabilities in IoT devices. Participants will learn to interact with hardware debug capabilities, communicate with memory devices, and virtualize and analyze firmware. The course also covers various hardware attacks including glitching and side channel attacks, as well as diving into communications protocols, including Bluetooth, Zigbee, Thread and Matter. Participants will gain hands-on experience with industry tools and techniques. This course is suitable for security professionals, penetration testers, and hackers with basic programming and computer system knowledge, and equips them with skills to discover new vulnerabilities in IoT devices.\n\n\n","media":[],"title":"Offensive IoT Exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"As IoT becomes more integrated and integral into personal and work lives, there is a growing need to understand the inner workings of IoT devices and ensure these devices are secure. This course teaches security professionals and hackers how to identify and exploit security vulnerabilities in IoT devices. Participants will learn to interact with hardware debug capabilities, communicate with memory devices, and virtualize and analyze firmware. The course also covers various hardware attacks including glitching and side channel attacks, as well as diving into communications protocols, including Bluetooth, Zigbee, Thread and Matter. Participants will gain hands-on experience with industry tools and techniques. This course is suitable for security professionals, penetration testers, and hackers with basic programming and computer system knowledge, and equips them with skills to discover new vulnerabilities in IoT devices.","updated_timestamp":{"seconds":1723418497,"nanoseconds":0},"speakers":[{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Trevor Stevado","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56629},{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Trevor Hough","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56630},{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Nicholas Coad","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56631},{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Patrick Ross","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56632}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:21:37Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56906,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56629},{"tag_id":46167,"sort_order":4,"person_id":56630},{"tag_id":46167,"sort_order":6,"person_id":56632},{"tag_id":46167,"sort_order":8,"person_id":56631}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as identities of users across an enterprise are authenticated using it. \r\nThis hands-on training aims towards abusing Azure and a number of services offered by it. We will cover multiple complex attack lifecycles against a lab containing multiple live Azure tenants. \r\n\r\nYou get one month access to a live Azure lab environment containing multiple tenants during and after the class.\r\nNon-exhaustive list of topics:\r\n- Introduction to Azure \r\n- Discovery and Recon of services and applications \r\n- Enumeration \r\n- Initial Access Attacks\r\n- Enumeration post authentication\r\n- Privilege Escalation\r\n- Lateral Movement\r\n- Persistence techniques \r\n- Data Mining\r\n- Defenses, Monitoring and Auditing \r\n- Bypassing Defenses\r\n\r\n- The course helps the students in learning and understanding attacks against an organization that is using Azure by executing a full 'kill chain'/attack lifecycle!\r\n \r\n- Students get to practice attacks on Azure in a live lab environment that has multiple Azure tenants and a large number of different resources including hybrid identity and on-prem infrastructure. We really have invested a lot in making these labs fun, stable and compliant to Microsoft directives. The lab is an Azure cloud playground and students can solve it in multiple ways. \r\n\r\n- Students can understand the defenses available to counter the discussed attacks and analyze the footprints of the attackers!\r\n\r\n- An attempt for Certified Azure Red Team Professional (CARTP)\n\n\n","media":[],"title":"Azure Cloud Attacks for Red & Blue Teams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as identities of users across an enterprise are authenticated using it. \r\nThis hands-on training aims towards abusing Azure and a number of services offered by it. We will cover multiple complex attack lifecycles against a lab containing multiple live Azure tenants. \r\n\r\nYou get one month access to a live Azure lab environment containing multiple tenants during and after the class.\r\nNon-exhaustive list of topics:\r\n- Introduction to Azure \r\n- Discovery and Recon of services and applications \r\n- Enumeration \r\n- Initial Access Attacks\r\n- Enumeration post authentication\r\n- Privilege Escalation\r\n- Lateral Movement\r\n- Persistence techniques \r\n- Data Mining\r\n- Defenses, Monitoring and Auditing \r\n- Bypassing Defenses\r\n\r\n- The course helps the students in learning and understanding attacks against an organization that is using Azure by executing a full 'kill chain'/attack lifecycle!\r\n \r\n- Students get to practice attacks on Azure in a live lab environment that has multiple Azure tenants and a large number of different resources including hybrid identity and on-prem infrastructure. We really have invested a lot in making these labs fun, stable and compliant to Microsoft directives. The lab is an Azure cloud playground and students can solve it in multiple ways. \r\n\r\n- Students can understand the defenses available to counter the discussed attacks and analyze the footprints of the attackers!\r\n\r\n- An attempt for Certified Azure Red Team Professional (CARTP)","updated_timestamp":{"seconds":1723418511,"nanoseconds":0},"speakers":[{"content_ids":[56234,56230],"conference_id":133,"event_ids":[56888,56892,56905,56908],"name":"Altered Security","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56625}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:21:51Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56905,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56625}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the most badass skills a hacker can possess is the ability to find and exploit vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, Ghidra, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within.\r\n\r\nWhile angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less-common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers to effectively and efficiently use angr in their daily work, we designed this four-day course focusing on the use of non-trivial capabilities that angr offers, especially the advanced static analysis capabilities that angr recently developed.\r\n\r\nThis course will focus on Linux userspace binaries (x86-64 and ARM) and binaries in firmware images (ARM and MIPS). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs, assess them for defects and vulnerabilities, and verifying many of these vulnerabilities. Specifically, this course will cover the following topics: Customizing angr’s control-flow recovery, performing intra- and inter-function reaching definition analysis, building customized data-flow analysis on custom analysis domains, and using building blocks that angr provides to build static data-flow analyses for scalable vulnerability discovery.\r\n\r\nThis course is extremely practical and hands-on: Core angr developers will guide students to solve over twenty specially crafted problems (many of which are based on real-world firmware services) with angr. We provide all problems in a specially designed course platform used by online education courses such as Pwn College, which provides a full development and analysis environment through a web browser and remotely-accessible virtual machines hosting practice problems that students can tackle without having to configure anything locally. Our course platform allows students to share screens and lecturers to remotely assist, which makes this course suitable for both in-person and virtual attendees.\n\n\n","media":[],"title":"Customizable Static Vulnerability Discovery Using angr’s Lesser Known Capabilities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"One of the most badass skills a hacker can possess is the ability to find and exploit vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, Ghidra, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within.\r\n\r\nWhile angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less-common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers to effectively and efficiently use angr in their daily work, we designed this four-day course focusing on the use of non-trivial capabilities that angr offers, especially the advanced static analysis capabilities that angr recently developed.\r\n\r\nThis course will focus on Linux userspace binaries (x86-64 and ARM) and binaries in firmware images (ARM and MIPS). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs, assess them for defects and vulnerabilities, and verifying many of these vulnerabilities. Specifically, this course will cover the following topics: Customizing angr’s control-flow recovery, performing intra- and inter-function reaching definition analysis, building customized data-flow analysis on custom analysis domains, and using building blocks that angr provides to build static data-flow analyses for scalable vulnerability discovery.\r\n\r\nThis course is extremely practical and hands-on: Core angr developers will guide students to solve over twenty specially crafted problems (many of which are based on real-world firmware services) with angr. We provide all problems in a specially designed course platform used by online education courses such as Pwn College, which provides a full development and analysis environment through a web browser and remotely-accessible virtual machines hosting practice problems that students can tackle without having to configure anything locally. Our course platform allows students to share screens and lecturers to remotely assist, which makes this course suitable for both in-person and virtual attendees.","updated_timestamp":{"seconds":1723418544,"nanoseconds":0},"speakers":[{"content_ids":[56236],"conference_id":133,"event_ids":[56894,56904],"name":"Fish Wang","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56635},{"content_ids":[56236],"conference_id":133,"event_ids":[56894,56904],"name":"Yan Shoshitaishvili","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56636}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:22:24Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56904,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56636},{"tag_id":46167,"sort_order":4,"person_id":56635}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hackers have a unique perspective on the world and in particular on the technological artifacts within it. When most people look at a high-tech system, they see what they were meant to see by the people who created it. Hackers see technology as it truly is, not as it was meant to be, and this way of looking at things enables hackers to discover possibilities that were never intended in the first place.\r\n\r\nFor centuries, military and intelligence strategists have sought to view the world from a similar perspective - a perspective that can see the hidden possibilities and weaknesses in things and take advantage of them to create unexpected results. \r\nThis unique course draws lessons from both the hacker community and from military thinking in order to deepen your ability to understand adversaries and see things the way that adversaries see them. \r\n \r\nHoning this skill is particularly valuable for people who are building technological systems that might be subject to misuse, and need to be able to anticipate that misuse. Whether you are an aspiring red teamer, a hardware engineer, software developer or product owner striving to understand how your product will be abused, or you work in fraud detection, risk analysis, election security, or any other domain where you face an adversary, you’ll find this course a valuable addition to your skill set.\n\n\n","media":[],"title":"Adversarial Thinking: The Art of Dangerous Ideas","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"Hackers have a unique perspective on the world and in particular on the technological artifacts within it. When most people look at a high-tech system, they see what they were meant to see by the people who created it. Hackers see technology as it truly is, not as it was meant to be, and this way of looking at things enables hackers to discover possibilities that were never intended in the first place.\r\n\r\nFor centuries, military and intelligence strategists have sought to view the world from a similar perspective - a perspective that can see the hidden possibilities and weaknesses in things and take advantage of them to create unexpected results. \r\nThis unique course draws lessons from both the hacker community and from military thinking in order to deepen your ability to understand adversaries and see things the way that adversaries see them. \r\n \r\nHoning this skill is particularly valuable for people who are building technological systems that might be subject to misuse, and need to be able to anticipate that misuse. Whether you are an aspiring red teamer, a hardware engineer, software developer or product owner striving to understand how your product will be abused, or you work in fraud detection, risk analysis, election security, or any other domain where you face an adversary, you’ll find this course a valuable addition to your skill set.","updated_timestamp":{"seconds":1723418580,"nanoseconds":0},"speakers":[{"content_ids":[56238],"conference_id":133,"event_ids":[56896,56903],"name":"Greg Conti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56638},{"content_ids":[56238],"conference_id":133,"event_ids":[56896,56903],"name":"Tom Cross","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56639}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:23:00Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56903,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56639},{"tag_id":46167,"sort_order":4,"person_id":56638}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This class is a beginner's introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn't know where to begin, then this course is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. Over the two-day course, the instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone CTF exercise. Students will be provided with a HackRF SDR for the duration of the class but will need to bring their own laptop to interface with the radio. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware, allowing us to jump right into hands-on exercises. My intent for this course is to lower the barrier of entry associated with RF hacking and give beginning students a practical understanding of RF and DSP applications with SDRs.\n\n\n","media":[],"title":"Software Defined Radios 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"This class is a beginner's introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn't know where to begin, then this course is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. Over the two-day course, the instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone CTF exercise. Students will be provided with a HackRF SDR for the duration of the class but will need to bring their own laptop to interface with the radio. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware, allowing us to jump right into hands-on exercises. My intent for this course is to lower the barrier of entry associated with RF hacking and give beginning students a practical understanding of RF and DSP applications with SDRs.","updated_timestamp":{"seconds":1723418598,"nanoseconds":0},"speakers":[{"content_ids":[56239],"conference_id":133,"event_ids":[56897,56902],"name":"Richard Shmel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56640}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:23:18Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56902,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56640}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most security teams struggle to understand these modern technologies.\r\n\r\nIn this real-world scenario-based training, each participant will be learning Tactics, Techniques, and Procedures (TTPs) to attack and assess Kubernetes clusters environments at different layers like Supply chain, Infrastructure, Runtime, and many others. Starting from simple recon to gaining access to microservices, sensitive data, escaping containers, escalating to clusters privileges, and even its underlying cloud environments.\r\n\r\nBy end of the training, participants will be able to apply their knowledge to perform architecture reviews, security assessments, red team exercises, and pen-testing engagements on Kubernetes Clusters and Containersed environments successfully. Also, the trainer will provide step by step guide (Digital Book) with resources and references to further your learning.\n\n\n","media":[],"title":"A Practical Approach to Breaking & Pwning Kubernetes Clusters","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"The adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most security teams struggle to understand these modern technologies.\r\n\r\nIn this real-world scenario-based training, each participant will be learning Tactics, Techniques, and Procedures (TTPs) to attack and assess Kubernetes clusters environments at different layers like Supply chain, Infrastructure, Runtime, and many others. Starting from simple recon to gaining access to microservices, sensitive data, escaping containers, escalating to clusters privileges, and even its underlying cloud environments.\r\n\r\nBy end of the training, participants will be able to apply their knowledge to perform architecture reviews, security assessments, red team exercises, and pen-testing engagements on Kubernetes Clusters and Containersed environments successfully. Also, the trainer will provide step by step guide (Digital Book) with resources and references to further your learning.","updated_timestamp":{"seconds":1723418614,"nanoseconds":0},"speakers":[{"content_ids":[56240],"conference_id":133,"event_ids":[56898,56901],"name":"Madhu Akula","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56641}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:23:34Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56901,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56641}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Engage in a transformative learning experience spanning the four days of this comprehensive security class, led by Jayson. Delve into the art of online research, exploring non-traditional adversary tactics and moving beyond vulnerability discovery to enhance target security. Emphasizing hands-on, real-world examples, Jayson's approach sheds light on the human side of social engineering attacks, utilizing non-intrusive simulations for education without compromise. Distinguishable from traditional pentesting, Jayson introduces the Security Awareness Engagement methodology, revealing real-world threats without negative impacts. This methodology involves hands-on simulations, educating users on daily threats, akin to routine exercises in banks preparing for robberies. The class extends beyond Metasploit and zero-day exploits, focusing on the paramount threat – the human factor. Progresses into a deeper understanding of social engineering attacks, guiding students on educating others and raising awareness. The focus is on bolstering an organization's security posture through practical changes and gaining management buy-in, fostering user engagement as an integral part of the security team. The last day the class shifts towards the critical realm of incident response planning. While most plans address computer/network compromises, this course introduces the concept of a Social Engineer Incident Response plan. Preparing first responders for suspicious incidents, it covers avoidance strategies, de-escalation techniques, and detection measures. Students learn a step-by-step approach to validate, protect, detect, respond, and recover from social engineering events, providing a comprehensive incident response plan that extends beyond the network to fortify the core of the enterprise.\n\n\n","media":[],"title":"Simulated Adversary - Tactics & Tools Training","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-14T00:00:00Z","end_timestamp":{"seconds":1723593600,"nanoseconds":0},"android_description":"Engage in a transformative learning experience spanning the four days of this comprehensive security class, led by Jayson. Delve into the art of online research, exploring non-traditional adversary tactics and moving beyond vulnerability discovery to enhance target security. Emphasizing hands-on, real-world examples, Jayson's approach sheds light on the human side of social engineering attacks, utilizing non-intrusive simulations for education without compromise. Distinguishable from traditional pentesting, Jayson introduces the Security Awareness Engagement methodology, revealing real-world threats without negative impacts. This methodology involves hands-on simulations, educating users on daily threats, akin to routine exercises in banks preparing for robberies. The class extends beyond Metasploit and zero-day exploits, focusing on the paramount threat – the human factor. Progresses into a deeper understanding of social engineering attacks, guiding students on educating others and raising awareness. The focus is on bolstering an organization's security posture through practical changes and gaining management buy-in, fostering user engagement as an integral part of the security team. The last day the class shifts towards the critical realm of incident response planning. While most plans address computer/network compromises, this course introduces the concept of a Social Engineer Incident Response plan. Preparing first responders for suspicious incidents, it covers avoidance strategies, de-escalation techniques, and detection measures. Students learn a step-by-step approach to validate, protect, detect, respond, and recover from social engineering events, providing a comprehensive incident response plan that extends beyond the network to fortify the core of the enterprise.","updated_timestamp":{"seconds":1723418626,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463,56241],"conference_id":133,"event_ids":[56353,56899,56900,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-13T15:00:00Z","timeband_id":1236,"updated_tsz":"2024-08-11T23:23:46Z","links":[],"end":"2024-08-14T00:00:00.000-0000","id":56900,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723561200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-13T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Engage in a transformative learning experience spanning the four days of this comprehensive security class, led by Jayson. Delve into the art of online research, exploring non-traditional adversary tactics and moving beyond vulnerability discovery to enhance target security. Emphasizing hands-on, real-world examples, Jayson's approach sheds light on the human side of social engineering attacks, utilizing non-intrusive simulations for education without compromise. Distinguishable from traditional pentesting, Jayson introduces the Security Awareness Engagement methodology, revealing real-world threats without negative impacts. This methodology involves hands-on simulations, educating users on daily threats, akin to routine exercises in banks preparing for robberies. The class extends beyond Metasploit and zero-day exploits, focusing on the paramount threat – the human factor. Progresses into a deeper understanding of social engineering attacks, guiding students on educating others and raising awareness. The focus is on bolstering an organization's security posture through practical changes and gaining management buy-in, fostering user engagement as an integral part of the security team. The last day the class shifts towards the critical realm of incident response planning. While most plans address computer/network compromises, this course introduces the concept of a Social Engineer Incident Response plan. Preparing first responders for suspicious incidents, it covers avoidance strategies, de-escalation techniques, and detection measures. Students learn a step-by-step approach to validate, protect, detect, respond, and recover from social engineering events, providing a comprehensive incident response plan that extends beyond the network to fortify the core of the enterprise.\n\n\n","media":[],"title":"Simulated Adversary - Tactics & Tools Training","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"Engage in a transformative learning experience spanning the four days of this comprehensive security class, led by Jayson. Delve into the art of online research, exploring non-traditional adversary tactics and moving beyond vulnerability discovery to enhance target security. Emphasizing hands-on, real-world examples, Jayson's approach sheds light on the human side of social engineering attacks, utilizing non-intrusive simulations for education without compromise. Distinguishable from traditional pentesting, Jayson introduces the Security Awareness Engagement methodology, revealing real-world threats without negative impacts. This methodology involves hands-on simulations, educating users on daily threats, akin to routine exercises in banks preparing for robberies. The class extends beyond Metasploit and zero-day exploits, focusing on the paramount threat – the human factor. Progresses into a deeper understanding of social engineering attacks, guiding students on educating others and raising awareness. The focus is on bolstering an organization's security posture through practical changes and gaining management buy-in, fostering user engagement as an integral part of the security team. The last day the class shifts towards the critical realm of incident response planning. While most plans address computer/network compromises, this course introduces the concept of a Social Engineer Incident Response plan. Preparing first responders for suspicious incidents, it covers avoidance strategies, de-escalation techniques, and detection measures. Students learn a step-by-step approach to validate, protect, detect, respond, and recover from social engineering events, providing a comprehensive incident response plan that extends beyond the network to fortify the core of the enterprise.","updated_timestamp":{"seconds":1723418626,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463,56241],"conference_id":133,"event_ids":[56353,56899,56900,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:23:46Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56899,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most security teams struggle to understand these modern technologies.\r\n\r\nIn this real-world scenario-based training, each participant will be learning Tactics, Techniques, and Procedures (TTPs) to attack and assess Kubernetes clusters environments at different layers like Supply chain, Infrastructure, Runtime, and many others. Starting from simple recon to gaining access to microservices, sensitive data, escaping containers, escalating to clusters privileges, and even its underlying cloud environments.\r\n\r\nBy end of the training, participants will be able to apply their knowledge to perform architecture reviews, security assessments, red team exercises, and pen-testing engagements on Kubernetes Clusters and Containersed environments successfully. Also, the trainer will provide step by step guide (Digital Book) with resources and references to further your learning.\n\n\n","media":[],"title":"A Practical Approach to Breaking & Pwning Kubernetes Clusters","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"The adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most security teams struggle to understand these modern technologies.\r\n\r\nIn this real-world scenario-based training, each participant will be learning Tactics, Techniques, and Procedures (TTPs) to attack and assess Kubernetes clusters environments at different layers like Supply chain, Infrastructure, Runtime, and many others. Starting from simple recon to gaining access to microservices, sensitive data, escaping containers, escalating to clusters privileges, and even its underlying cloud environments.\r\n\r\nBy end of the training, participants will be able to apply their knowledge to perform architecture reviews, security assessments, red team exercises, and pen-testing engagements on Kubernetes Clusters and Containersed environments successfully. Also, the trainer will provide step by step guide (Digital Book) with resources and references to further your learning.","updated_timestamp":{"seconds":1723418614,"nanoseconds":0},"speakers":[{"content_ids":[56240],"conference_id":133,"event_ids":[56898,56901],"name":"Madhu Akula","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56641}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:23:34Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56898,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56641}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This class is a beginner's introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn't know where to begin, then this course is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. Over the two-day course, the instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone CTF exercise. Students will be provided with a HackRF SDR for the duration of the class but will need to bring their own laptop to interface with the radio. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware, allowing us to jump right into hands-on exercises. My intent for this course is to lower the barrier of entry associated with RF hacking and give beginning students a practical understanding of RF and DSP applications with SDRs.\n\n\n","media":[],"title":"Software Defined Radios 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"This class is a beginner's introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn't know where to begin, then this course is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. Over the two-day course, the instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone CTF exercise. Students will be provided with a HackRF SDR for the duration of the class but will need to bring their own laptop to interface with the radio. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware, allowing us to jump right into hands-on exercises. My intent for this course is to lower the barrier of entry associated with RF hacking and give beginning students a practical understanding of RF and DSP applications with SDRs.","updated_timestamp":{"seconds":1723418598,"nanoseconds":0},"speakers":[{"content_ids":[56239],"conference_id":133,"event_ids":[56897,56902],"name":"Richard Shmel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56640}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:23:18Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56897,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56640}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hackers have a unique perspective on the world and in particular on the technological artifacts within it. When most people look at a high-tech system, they see what they were meant to see by the people who created it. Hackers see technology as it truly is, not as it was meant to be, and this way of looking at things enables hackers to discover possibilities that were never intended in the first place.\r\n\r\nFor centuries, military and intelligence strategists have sought to view the world from a similar perspective - a perspective that can see the hidden possibilities and weaknesses in things and take advantage of them to create unexpected results. \r\nThis unique course draws lessons from both the hacker community and from military thinking in order to deepen your ability to understand adversaries and see things the way that adversaries see them. \r\n \r\nHoning this skill is particularly valuable for people who are building technological systems that might be subject to misuse, and need to be able to anticipate that misuse. Whether you are an aspiring red teamer, a hardware engineer, software developer or product owner striving to understand how your product will be abused, or you work in fraud detection, risk analysis, election security, or any other domain where you face an adversary, you’ll find this course a valuable addition to your skill set.\n\n\n","media":[],"title":"Adversarial Thinking: The Art of Dangerous Ideas","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"Hackers have a unique perspective on the world and in particular on the technological artifacts within it. When most people look at a high-tech system, they see what they were meant to see by the people who created it. Hackers see technology as it truly is, not as it was meant to be, and this way of looking at things enables hackers to discover possibilities that were never intended in the first place.\r\n\r\nFor centuries, military and intelligence strategists have sought to view the world from a similar perspective - a perspective that can see the hidden possibilities and weaknesses in things and take advantage of them to create unexpected results. \r\nThis unique course draws lessons from both the hacker community and from military thinking in order to deepen your ability to understand adversaries and see things the way that adversaries see them. \r\n \r\nHoning this skill is particularly valuable for people who are building technological systems that might be subject to misuse, and need to be able to anticipate that misuse. Whether you are an aspiring red teamer, a hardware engineer, software developer or product owner striving to understand how your product will be abused, or you work in fraud detection, risk analysis, election security, or any other domain where you face an adversary, you’ll find this course a valuable addition to your skill set.","updated_timestamp":{"seconds":1723418580,"nanoseconds":0},"speakers":[{"content_ids":[56238],"conference_id":133,"event_ids":[56896,56903],"name":"Greg Conti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56638},{"content_ids":[56238],"conference_id":133,"event_ids":[56896,56903],"name":"Tom Cross","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56639}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:23:00Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56896,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56639},{"tag_id":46167,"sort_order":4,"person_id":56638}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This Advanced Tunneling, Pivoting, and Redirection course provides participants with an understanding of how an attacker approaches the exploitation process. While gaining access to and once on the network, participants learn the techniques adversaries use to hide from detection and gain access to multiple different private networks by creating tunnels and pivots. This course provides participants with a baseline understanding of the tactics, techniques, and procedures an attacker uses to gain access to a network and pivot to different hosts. These concepts are then expanded through labs and lectures to provide a deeper understanding exploitation and tunneling.\r\n\r\n*Students will receive 6 months of access to our virtual lab environment.\n\n\n","media":[],"title":"Advanced Tunneling, Pivoting, and Redirection Course","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"This Advanced Tunneling, Pivoting, and Redirection course provides participants with an understanding of how an attacker approaches the exploitation process. While gaining access to and once on the network, participants learn the techniques adversaries use to hide from detection and gain access to multiple different private networks by creating tunnels and pivots. This course provides participants with a baseline understanding of the tactics, techniques, and procedures an attacker uses to gain access to a network and pivot to different hosts. These concepts are then expanded through labs and lectures to provide a deeper understanding exploitation and tunneling.\r\n\r\n*Students will receive 6 months of access to our virtual lab environment.","updated_timestamp":{"seconds":1723418560,"nanoseconds":0},"speakers":[{"content_ids":[56237],"conference_id":133,"event_ids":[56895,56909],"name":"Travis Livermore","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56637}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:22:40Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56895,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56637}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the most badass skills a hacker can possess is the ability to find and exploit vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, Ghidra, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within.\r\n\r\nWhile angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less-common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers to effectively and efficiently use angr in their daily work, we designed this four-day course focusing on the use of non-trivial capabilities that angr offers, especially the advanced static analysis capabilities that angr recently developed.\r\n\r\nThis course will focus on Linux userspace binaries (x86-64 and ARM) and binaries in firmware images (ARM and MIPS). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs, assess them for defects and vulnerabilities, and verifying many of these vulnerabilities. Specifically, this course will cover the following topics: Customizing angr’s control-flow recovery, performing intra- and inter-function reaching definition analysis, building customized data-flow analysis on custom analysis domains, and using building blocks that angr provides to build static data-flow analyses for scalable vulnerability discovery.\r\n\r\nThis course is extremely practical and hands-on: Core angr developers will guide students to solve over twenty specially crafted problems (many of which are based on real-world firmware services) with angr. We provide all problems in a specially designed course platform used by online education courses such as Pwn College, which provides a full development and analysis environment through a web browser and remotely-accessible virtual machines hosting practice problems that students can tackle without having to configure anything locally. Our course platform allows students to share screens and lecturers to remotely assist, which makes this course suitable for both in-person and virtual attendees.\n\n\n","media":[],"title":"Customizable Static Vulnerability Discovery Using angr’s Lesser Known Capabilities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"One of the most badass skills a hacker can possess is the ability to find and exploit vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, Ghidra, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within.\r\n\r\nWhile angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less-common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers to effectively and efficiently use angr in their daily work, we designed this four-day course focusing on the use of non-trivial capabilities that angr offers, especially the advanced static analysis capabilities that angr recently developed.\r\n\r\nThis course will focus on Linux userspace binaries (x86-64 and ARM) and binaries in firmware images (ARM and MIPS). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs, assess them for defects and vulnerabilities, and verifying many of these vulnerabilities. Specifically, this course will cover the following topics: Customizing angr’s control-flow recovery, performing intra- and inter-function reaching definition analysis, building customized data-flow analysis on custom analysis domains, and using building blocks that angr provides to build static data-flow analyses for scalable vulnerability discovery.\r\n\r\nThis course is extremely practical and hands-on: Core angr developers will guide students to solve over twenty specially crafted problems (many of which are based on real-world firmware services) with angr. We provide all problems in a specially designed course platform used by online education courses such as Pwn College, which provides a full development and analysis environment through a web browser and remotely-accessible virtual machines hosting practice problems that students can tackle without having to configure anything locally. Our course platform allows students to share screens and lecturers to remotely assist, which makes this course suitable for both in-person and virtual attendees.","updated_timestamp":{"seconds":1723418544,"nanoseconds":0},"speakers":[{"content_ids":[56236],"conference_id":133,"event_ids":[56894,56904],"name":"Fish Wang","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56635},{"content_ids":[56236],"conference_id":133,"event_ids":[56894,56904],"name":"Yan Shoshitaishvili","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56636}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:22:24Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56894,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56636},{"tag_id":46167,"sort_order":4,"person_id":56635}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This training program presents a comprehensive and hands-on approach to implementing DevSecOps practices, with a primary focus on Application Security Automation. Participants will embark on an immersive journey, closely connected to their keyboards, as they engage in labs enriched with real-world examples of DevSecOps and AppSec Automation.\r\n\r\nInitiating with a deep dive into DevSecOps, the training emphasizes the seamless integration of security measures across various stages of the Software Development Lifecycle. It then explores specific Application Security Automation techniques, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), Supply-Chain Security, and Dynamic Application Security Testing (DAST), illustrating how these tools seamlessly integrate into CI/CD pipelines.\r\n\r\nThis edition represents a complete overhaul of our existing DevSecOps content, showcasing the forefront of Application Security Automation and DevSecOps strategies. Highlights include:\r\n\r\n- Hands-on SAST Mastery: Participants gain expertise in SAST for both Applications and Infrastructure-as-Code, focusing on advanced tools like Semgrep and CodeQL. The training emphasizes the creation of custom SAST rules with finesse.\r\n- Elevated Supply-Chain Security Automation: Navigation through Software Bill of Materials (SBOMs), Source Composition Analysis, and Security Engineering techniques. This segment covers diverse methods for constructing secure base images for containers.\r\n- Robust Supply-Chain Assurance and Provenance: A deep dive into the SLSA (Supply-Chain Levels for Software Artifacts) Standard, illustrating how automation aligns with compliance levels. Additionally, comprehensive exploration of Cosign from Project Sigstore reveals its utility in generating keyed/keyless signatures for various artifacts.\r\n- Secrets Management Unveiled: Detailed exploration of Secrets Management and Encryption tools, such as HashiCorp Vault, offering insights into advanced Encryption, Key Management, and Dynamic Secrets implementation.\r\n- Dynamic Application Security Testing (DAST) Autonomy: Exploration of DAST Automation with prominent tools like OWASP ZAP and Nuclei. This includes API-based scanning with OWASP ZAP and crafting custom DAST automation using Nuclei, addressing intricate vulnerabilities through Security Regressions.\r\n- Policy-As-Code Prowess: In-depth exploration of Open Policy-Agent (OPA), a potent framework for crafting and enforcing policies across diverse deployment scenarios. OPA's Domain Specific Language, rego, will be demystified, empowering participants to grasp the nuances of policy-as-code frameworks.\r\n- Seamless Integration with CI/CD: Navigation through integrating Security Automation with pivotal CI/CD tools like GitHub Actions, GitLab, and Jenkins. Furthermore, leveraging Data Flow Automation tools like Robot Framework, Gaia, and Prefect offers alternative avenues for AppSec Automation beyond conventional CI/CD tools.\r\n\r\nFor 2024, we've re-framed this training with a cookbook-style approach that captures the multiple styles of deployments and DevSecOps practices that provide validation and assurance for a variety of use-cases. While building effective and transparent pipelines is the primary goal, we've focused on a building-block style approach to showcase the huge variety of options that are available in each domain of security testing.\r\n\r\nAt the end of the training, participants will have immediate takeaways and practical techniques that they can use for their implementations of DevSecOps, within their organization. The tools and frameworks detailed in the program are largely open-source or freely available, thereby ensuring that participants can implement these scalable DevSecOps programs without having to additionally invest in tooling. Several frameworks and tools have been developed by the authors of the program, as part of their extensive implementation expertise of DevSecOps, ranging from Threat Modeling to Cloud Security to Application Security Automation. Frameworks like ThreatPlaybook (open-source) and Orchestron (open-source Vulnerability Management and Correlation tool), which can simplify Application Security Automation, have been developed from extensive experience with real-world DevSecOps implementations.\r\n\r\nAnother brand new addition comes in the form of engaging challenges that are sprinkled throughout each training section, empowering both trainers and trainees to gauge levels of student comprehension and growth.\n\n\n","media":[],"title":"DevSecOps Masterclass: AppSec Automation Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"This training program presents a comprehensive and hands-on approach to implementing DevSecOps practices, with a primary focus on Application Security Automation. Participants will embark on an immersive journey, closely connected to their keyboards, as they engage in labs enriched with real-world examples of DevSecOps and AppSec Automation.\r\n\r\nInitiating with a deep dive into DevSecOps, the training emphasizes the seamless integration of security measures across various stages of the Software Development Lifecycle. It then explores specific Application Security Automation techniques, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), Supply-Chain Security, and Dynamic Application Security Testing (DAST), illustrating how these tools seamlessly integrate into CI/CD pipelines.\r\n\r\nThis edition represents a complete overhaul of our existing DevSecOps content, showcasing the forefront of Application Security Automation and DevSecOps strategies. Highlights include:\r\n\r\n- Hands-on SAST Mastery: Participants gain expertise in SAST for both Applications and Infrastructure-as-Code, focusing on advanced tools like Semgrep and CodeQL. The training emphasizes the creation of custom SAST rules with finesse.\r\n- Elevated Supply-Chain Security Automation: Navigation through Software Bill of Materials (SBOMs), Source Composition Analysis, and Security Engineering techniques. This segment covers diverse methods for constructing secure base images for containers.\r\n- Robust Supply-Chain Assurance and Provenance: A deep dive into the SLSA (Supply-Chain Levels for Software Artifacts) Standard, illustrating how automation aligns with compliance levels. Additionally, comprehensive exploration of Cosign from Project Sigstore reveals its utility in generating keyed/keyless signatures for various artifacts.\r\n- Secrets Management Unveiled: Detailed exploration of Secrets Management and Encryption tools, such as HashiCorp Vault, offering insights into advanced Encryption, Key Management, and Dynamic Secrets implementation.\r\n- Dynamic Application Security Testing (DAST) Autonomy: Exploration of DAST Automation with prominent tools like OWASP ZAP and Nuclei. This includes API-based scanning with OWASP ZAP and crafting custom DAST automation using Nuclei, addressing intricate vulnerabilities through Security Regressions.\r\n- Policy-As-Code Prowess: In-depth exploration of Open Policy-Agent (OPA), a potent framework for crafting and enforcing policies across diverse deployment scenarios. OPA's Domain Specific Language, rego, will be demystified, empowering participants to grasp the nuances of policy-as-code frameworks.\r\n- Seamless Integration with CI/CD: Navigation through integrating Security Automation with pivotal CI/CD tools like GitHub Actions, GitLab, and Jenkins. Furthermore, leveraging Data Flow Automation tools like Robot Framework, Gaia, and Prefect offers alternative avenues for AppSec Automation beyond conventional CI/CD tools.\r\n\r\nFor 2024, we've re-framed this training with a cookbook-style approach that captures the multiple styles of deployments and DevSecOps practices that provide validation and assurance for a variety of use-cases. While building effective and transparent pipelines is the primary goal, we've focused on a building-block style approach to showcase the huge variety of options that are available in each domain of security testing.\r\n\r\nAt the end of the training, participants will have immediate takeaways and practical techniques that they can use for their implementations of DevSecOps, within their organization. The tools and frameworks detailed in the program are largely open-source or freely available, thereby ensuring that participants can implement these scalable DevSecOps programs without having to additionally invest in tooling. Several frameworks and tools have been developed by the authors of the program, as part of their extensive implementation expertise of DevSecOps, ranging from Threat Modeling to Cloud Security to Application Security Automation. Frameworks like ThreatPlaybook (open-source) and Orchestron (open-source Vulnerability Management and Correlation tool), which can simplify Application Security Automation, have been developed from extensive experience with real-world DevSecOps implementations.\r\n\r\nAnother brand new addition comes in the form of engaging challenges that are sprinkled throughout each training section, empowering both trainers and trainees to gauge levels of student comprehension and growth.","updated_timestamp":{"seconds":1723418528,"nanoseconds":0},"speakers":[{"content_ids":[56235],"conference_id":133,"event_ids":[56893,56913],"name":"Ganga Sumanth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56633},{"content_ids":[56235],"conference_id":133,"event_ids":[56893,56913],"name":"Vishnu Prasad","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56634}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:22:08Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56893,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56634},{"tag_id":46167,"sort_order":4,"person_id":56633}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as identities of users across an enterprise are authenticated using it. \r\nThis hands-on training aims towards abusing Azure and a number of services offered by it. We will cover multiple complex attack lifecycles against a lab containing multiple live Azure tenants. \r\n\r\nYou get one month access to a live Azure lab environment containing multiple tenants during and after the class.\r\nNon-exhaustive list of topics:\r\n- Introduction to Azure \r\n- Discovery and Recon of services and applications \r\n- Enumeration \r\n- Initial Access Attacks\r\n- Enumeration post authentication\r\n- Privilege Escalation\r\n- Lateral Movement\r\n- Persistence techniques \r\n- Data Mining\r\n- Defenses, Monitoring and Auditing \r\n- Bypassing Defenses\r\n\r\n- The course helps the students in learning and understanding attacks against an organization that is using Azure by executing a full 'kill chain'/attack lifecycle!\r\n \r\n- Students get to practice attacks on Azure in a live lab environment that has multiple Azure tenants and a large number of different resources including hybrid identity and on-prem infrastructure. We really have invested a lot in making these labs fun, stable and compliant to Microsoft directives. The lab is an Azure cloud playground and students can solve it in multiple ways. \r\n\r\n- Students can understand the defenses available to counter the discussed attacks and analyze the footprints of the attackers!\r\n\r\n- An attempt for Certified Azure Red Team Professional (CARTP)\n\n\n","media":[],"title":"Azure Cloud Attacks for Red & Blue Teams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as identities of users across an enterprise are authenticated using it. \r\nThis hands-on training aims towards abusing Azure and a number of services offered by it. We will cover multiple complex attack lifecycles against a lab containing multiple live Azure tenants. \r\n\r\nYou get one month access to a live Azure lab environment containing multiple tenants during and after the class.\r\nNon-exhaustive list of topics:\r\n- Introduction to Azure \r\n- Discovery and Recon of services and applications \r\n- Enumeration \r\n- Initial Access Attacks\r\n- Enumeration post authentication\r\n- Privilege Escalation\r\n- Lateral Movement\r\n- Persistence techniques \r\n- Data Mining\r\n- Defenses, Monitoring and Auditing \r\n- Bypassing Defenses\r\n\r\n- The course helps the students in learning and understanding attacks against an organization that is using Azure by executing a full 'kill chain'/attack lifecycle!\r\n \r\n- Students get to practice attacks on Azure in a live lab environment that has multiple Azure tenants and a large number of different resources including hybrid identity and on-prem infrastructure. We really have invested a lot in making these labs fun, stable and compliant to Microsoft directives. The lab is an Azure cloud playground and students can solve it in multiple ways. \r\n\r\n- Students can understand the defenses available to counter the discussed attacks and analyze the footprints of the attackers!\r\n\r\n- An attempt for Certified Azure Red Team Professional (CARTP)","updated_timestamp":{"seconds":1723418511,"nanoseconds":0},"speakers":[{"content_ids":[56234,56230],"conference_id":133,"event_ids":[56888,56892,56905,56908],"name":"Altered Security","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56625}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:21:51Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56892,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56625}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As IoT becomes more integrated and integral into personal and work lives, there is a growing need to understand the inner workings of IoT devices and ensure these devices are secure. This course teaches security professionals and hackers how to identify and exploit security vulnerabilities in IoT devices. Participants will learn to interact with hardware debug capabilities, communicate with memory devices, and virtualize and analyze firmware. The course also covers various hardware attacks including glitching and side channel attacks, as well as diving into communications protocols, including Bluetooth, Zigbee, Thread and Matter. Participants will gain hands-on experience with industry tools and techniques. This course is suitable for security professionals, penetration testers, and hackers with basic programming and computer system knowledge, and equips them with skills to discover new vulnerabilities in IoT devices.\n\n\n","media":[],"title":"Offensive IoT Exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"As IoT becomes more integrated and integral into personal and work lives, there is a growing need to understand the inner workings of IoT devices and ensure these devices are secure. This course teaches security professionals and hackers how to identify and exploit security vulnerabilities in IoT devices. Participants will learn to interact with hardware debug capabilities, communicate with memory devices, and virtualize and analyze firmware. The course also covers various hardware attacks including glitching and side channel attacks, as well as diving into communications protocols, including Bluetooth, Zigbee, Thread and Matter. Participants will gain hands-on experience with industry tools and techniques. This course is suitable for security professionals, penetration testers, and hackers with basic programming and computer system knowledge, and equips them with skills to discover new vulnerabilities in IoT devices.","updated_timestamp":{"seconds":1723418497,"nanoseconds":0},"speakers":[{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Trevor Stevado","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56629},{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Trevor Hough","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56630},{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Nicholas Coad","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56631},{"content_ids":[56233],"conference_id":133,"event_ids":[56891,56906],"name":"Patrick Ross","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56632}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:21:37Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56891,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56629},{"tag_id":46167,"sort_order":4,"person_id":56630},{"tag_id":46167,"sort_order":6,"person_id":56632},{"tag_id":46167,"sort_order":8,"person_id":56631}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Artificial Intelligence (AI) and Large Language Models (LLMs) have emerged as robust and powerful tools that have redefined how many approach problem solving. In 2023 the industry saw a surge of interest in AI and Cybersecurity experts struggled not only to threat model LLMs but to leverage them effectively. Our training presents a comprehensive educational framework aimed at equipping students with the necessary skills to not only build their own LLM toolkits but to leverage AI and LLMs to solve both simple and complex problems unique to their own environments.\r\n\r\nThe training begins with a brief overview of AI including the differences between LLM, generative AI, and myriad of other emerging AI technologies. After introductions we will give students access to our private GitHub to access all the tools and scripts needed for the class. From there students will deploy their own LLM in our cloud environment for use in the class while we explain the basics, operational constraints of running AI, on-prem vs cloud, and the basics of troubleshooting their AI environments.\r\n\r\nNext we will demonstrate how to select high quality data from their environment and give them example data via our private GitHub. From there we will walk students through transforming this data and making it operationally effective and efficient for their AI. We will cover various types of data common to Cybersecurity environments, protentional issues with certain data types, and how to make the most of opensource to help transform the data. Students will apply the model to the LLM.\r\n\r\nLastly, we will cover many use cases in how students can use this AI and data to solve various problems and add value to their environment. Examples include training data to write YARA/SIGMA rules, analyzing alerts to add rankings to help prioritize and avoid alert fatigue, training the AI to work with common opensource tools such as OpenSearch, using AI to improve operational security by catching bad behaviors/patterns, improving application observability by adding context to \"\"weird\"\" behavior, leveraging AI as middleware to add contextual data between disparate platforms, and more! All use cases will be performed by students live and in-class.\r\n\r\nWhen students leave the training they will leave with the tools they need to go back to their employer and apply what they have learned to effect immediate and impactful change. All tools and scripts will be available for students to copy and fork onto their own personal GitHub accounts. Students will also be allowed to export the tools they create in class from our private cloud environment following the training (number of days yet to be determined).\r\n\r\nOur training is designed to bring a holistic educational approach and empower students with the knowledge, skills, and ethical awareness necessary to harness the full potential of LLMs in solving cybersecurity problems. By equipping the next generation of cybersecurity professionals with these capabilities, we aim to foster innovation, resilience, and accountability in the ever-evolving landscape of digital security.\n\n\n","media":[],"title":"Solving Modern Cybersecurity Problems with AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"Artificial Intelligence (AI) and Large Language Models (LLMs) have emerged as robust and powerful tools that have redefined how many approach problem solving. In 2023 the industry saw a surge of interest in AI and Cybersecurity experts struggled not only to threat model LLMs but to leverage them effectively. Our training presents a comprehensive educational framework aimed at equipping students with the necessary skills to not only build their own LLM toolkits but to leverage AI and LLMs to solve both simple and complex problems unique to their own environments.\r\n\r\nThe training begins with a brief overview of AI including the differences between LLM, generative AI, and myriad of other emerging AI technologies. After introductions we will give students access to our private GitHub to access all the tools and scripts needed for the class. From there students will deploy their own LLM in our cloud environment for use in the class while we explain the basics, operational constraints of running AI, on-prem vs cloud, and the basics of troubleshooting their AI environments.\r\n\r\nNext we will demonstrate how to select high quality data from their environment and give them example data via our private GitHub. From there we will walk students through transforming this data and making it operationally effective and efficient for their AI. We will cover various types of data common to Cybersecurity environments, protentional issues with certain data types, and how to make the most of opensource to help transform the data. Students will apply the model to the LLM.\r\n\r\nLastly, we will cover many use cases in how students can use this AI and data to solve various problems and add value to their environment. Examples include training data to write YARA/SIGMA rules, analyzing alerts to add rankings to help prioritize and avoid alert fatigue, training the AI to work with common opensource tools such as OpenSearch, using AI to improve operational security by catching bad behaviors/patterns, improving application observability by adding context to \"\"weird\"\" behavior, leveraging AI as middleware to add contextual data between disparate platforms, and more! All use cases will be performed by students live and in-class.\r\n\r\nWhen students leave the training they will leave with the tools they need to go back to their employer and apply what they have learned to effect immediate and impactful change. All tools and scripts will be available for students to copy and fork onto their own personal GitHub accounts. Students will also be allowed to export the tools they create in class from our private cloud environment following the training (number of days yet to be determined).\r\n\r\nOur training is designed to bring a holistic educational approach and empower students with the knowledge, skills, and ethical awareness necessary to harness the full potential of LLMs in solving cybersecurity problems. By equipping the next generation of cybersecurity professionals with these capabilities, we aim to foster innovation, resilience, and accountability in the ever-evolving landscape of digital security.","updated_timestamp":{"seconds":1723418478,"nanoseconds":0},"speakers":[{"content_ids":[56232],"conference_id":133,"event_ids":[56890,56914],"name":"Michael Glass","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56627},{"content_ids":[56232],"conference_id":133,"event_ids":[56890,56914],"name":"\"K\" Singh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56628}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:21:18Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56890,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56627},{"tag_id":46167,"sort_order":4,"person_id":56628}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.\r\n\r\nFor each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.\r\n\r\nI found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.\n\n\n","media":[],"title":"Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.\r\n\r\nFor each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.\r\n\r\nI found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.","updated_timestamp":{"seconds":1723418461,"nanoseconds":0},"speakers":[{"content_ids":[56231],"conference_id":133,"event_ids":[56889,56907],"name":"Dawid Czagan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56626}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:21:01Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56889,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56626}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"More than 95% of Fortune 500 companies use Active Directory! Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete network. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining interoperability with a variety of products, AD lack ability to tackle latest threats.\r\nThis training is aimed towards attacking modern AD using built-in tools, scripting and other trusted OS resources. Some of the techniques, used in the course:\r\n- Extensive AD Enumeration\r\n- Trust mapping and abuse\r\n- Privilege Escalation \r\n- Advanced Kerberos Attacks\r\n- Advanced cross forest trust abuse\r\n- Attacking Azure AD integration\r\n- Abusing trusts for MS products\r\n- Credentials Replay Attacks \r\n- Persistence \r\n- Defenses \r\n- Bypassing defenses \r\n\r\nYou start from a user desktop and work your way up to multiple forest pwnage. \r\nAttendees will get free one month access to an AD environment comprising of multiple domains and forests.\r\n\r\nThis course is very useful in securing the backbone of any Enterprise Environment. We have been teaching this course at BlackHat for many years now and the feedback has always been very good. The students have always enjoyed the course and the lab. We provide multiple ways of solving the lab that helps the students to utilize the lab to fullest!\n\n\n","media":[],"title":"Active Directory Attacks for Red and Blue Teams - Advanced Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"More than 95% of Fortune 500 companies use Active Directory! Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete network. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining interoperability with a variety of products, AD lack ability to tackle latest threats.\r\nThis training is aimed towards attacking modern AD using built-in tools, scripting and other trusted OS resources. Some of the techniques, used in the course:\r\n- Extensive AD Enumeration\r\n- Trust mapping and abuse\r\n- Privilege Escalation \r\n- Advanced Kerberos Attacks\r\n- Advanced cross forest trust abuse\r\n- Attacking Azure AD integration\r\n- Abusing trusts for MS products\r\n- Credentials Replay Attacks \r\n- Persistence \r\n- Defenses \r\n- Bypassing defenses \r\n\r\nYou start from a user desktop and work your way up to multiple forest pwnage. \r\nAttendees will get free one month access to an AD environment comprising of multiple domains and forests.\r\n\r\nThis course is very useful in securing the backbone of any Enterprise Environment. We have been teaching this course at BlackHat for many years now and the feedback has always been very good. The students have always enjoyed the course and the lab. We provide multiple ways of solving the lab that helps the students to utilize the lab to fullest!","updated_timestamp":{"seconds":1723418446,"nanoseconds":0},"speakers":[{"content_ids":[56234,56230],"conference_id":133,"event_ids":[56888,56892,56905,56908],"name":"Altered Security","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56625}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:20:46Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56888,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56625}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this two-day hands-on training, you’ll learn everything you need to know about forensics and incident response in the Microsoft cloud. This training covers both Microsoft 365 and Microsoft Azure, you’ll get hands-on experience with investigating attacks, acquisition of forensic artefacts from the cloud and digging through the relevant artefacts. Everything you learn is related to real life threats observed against the Microsoft cloud. The trainer has real life experience with incident response and forensic investigations in the cloud, knowledge will be shared that's not available on any public resource. Once you’ve completed this training you will feel comfortable investigating any threat in the Microsoft cloud.\r\n\r\n\r\nImportant, you only have to bring your laptop with a browser and we will provide you with access to the cloud tenants and investigation data.\n\n\n","media":[],"title":"Incident Response in the Microsoft Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"In this two-day hands-on training, you’ll learn everything you need to know about forensics and incident response in the Microsoft cloud. This training covers both Microsoft 365 and Microsoft Azure, you’ll get hands-on experience with investigating attacks, acquisition of forensic artefacts from the cloud and digging through the relevant artefacts. Everything you learn is related to real life threats observed against the Microsoft cloud. The trainer has real life experience with incident response and forensic investigations in the cloud, knowledge will be shared that's not available on any public resource. Once you’ve completed this training you will feel comfortable investigating any threat in the Microsoft cloud.\r\n\r\n\r\nImportant, you only have to bring your laptop with a browser and we will provide you with access to the cloud tenants and investigation data.","updated_timestamp":{"seconds":1723418420,"nanoseconds":0},"speakers":[{"content_ids":[56229],"conference_id":133,"event_ids":[56887,56910],"name":"Korstiaan Stam","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56624}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:20:20Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56887,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56624}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Crypto related bugs are super common. OWASP even ranks \"\"Cryptographic Failure\"\" as the second most common security vulnerability class in software. Yet, very often these vulnerabilities are overlooked by developers, code auditors, blue teamers and penetration testers alike. Because, let's face it: Nobody knows how cryptography works.\r\n\r\nDuring the course you will:\r\n\r\n- understand how modern cryptography works.\r\n- find common crypto vulnerabilities in real software.\r\n- write crypto exploits for real software (and an IoT device).\r\n\r\nUsing case studies from our own pentesting and red teaming engagements, we'll introduce core concepts of applied cryptography and how they fail in practice.\r\n\r\nThis course turns you into a powerful weapon. You will know how applied cryptography works, how it's commonly misused in the field and how this leads to exploitable bugs. That means, by the end of the course you will be among the very selected group of people that can identify, avoid and exploit vulnerabilities in code using crypto.\r\n\r\nNo prior knowledge required!\n\n\n","media":[],"title":"Hacking Cryptography: Attacks, Tools and Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"Crypto related bugs are super common. OWASP even ranks \"\"Cryptographic Failure\"\" as the second most common security vulnerability class in software. Yet, very often these vulnerabilities are overlooked by developers, code auditors, blue teamers and penetration testers alike. Because, let's face it: Nobody knows how cryptography works.\r\n\r\nDuring the course you will:\r\n\r\n- understand how modern cryptography works.\r\n- find common crypto vulnerabilities in real software.\r\n- write crypto exploits for real software (and an IoT device).\r\n\r\nUsing case studies from our own pentesting and red teaming engagements, we'll introduce core concepts of applied cryptography and how they fail in practice.\r\n\r\nThis course turns you into a powerful weapon. You will know how applied cryptography works, how it's commonly misused in the field and how this leads to exploitable bugs. That means, by the end of the course you will be among the very selected group of people that can identify, avoid and exploit vulnerabilities in code using crypto.\r\n\r\nNo prior knowledge required!","updated_timestamp":{"seconds":1723418273,"nanoseconds":0},"speakers":[{"content_ids":[56228],"conference_id":133,"event_ids":[56886,56911],"name":"Ruben Gonzalez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56623}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:17:53Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56886,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56623}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"During this comprehensive course, tools and methodologies that are used in Security Operation Centers will be introduced and detailed. This course will provide students with extensive hands-on exercises and labs that emulate real-life security operation center tasks and related technologies.\r\n\r\nFrom text handling, packet dissection, and analysis, to adversarial simulation and detection engineering, this course will provide students with a solid base of skills and a comprehensive understanding of a Security Operations Center (SOC) Analyst job.\r\n\r\nThe focus will be geared toward basic, hands-on skills that allow students to perform and excel at baseline SOC tasks.\r\n\r\nHardware & Minimum Course Requirements:\r\nA laptop with 16GB of RAM and the ability to run Virtual Machines. Understanding of basic networking concepts and basic Linux comprehension.\r\n\r\nTarget Audience:\r\nThis training is geared towards Information Technology, Computer System, or Computer Network Professionals seeking to enter the Information Security Industry while enriching those who seek to develop the skills and knowledge necessary to work at a Security Operations Center.\r\n\r\nSkills that will be learned:\r\nThis course will provide students with the necessary skills and knowledge to work in a Security Analyst 1 job and understand the dynamics of a Security Operations Center\"\n\n\n","media":[],"title":"SOC 101 - SOC 1 Analyst Bootcamp","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-11T23:02+0000","color":"#6F6BCD","name":"DEF CON Training","updated_tsz":"2024-08-11T23:02:20Z","id":46887},"end_tsz":"2024-08-13T00:00:00Z","end_timestamp":{"seconds":1723507200,"nanoseconds":0},"android_description":"\"During this comprehensive course, tools and methodologies that are used in Security Operation Centers will be introduced and detailed. This course will provide students with extensive hands-on exercises and labs that emulate real-life security operation center tasks and related technologies.\r\n\r\nFrom text handling, packet dissection, and analysis, to adversarial simulation and detection engineering, this course will provide students with a solid base of skills and a comprehensive understanding of a Security Operations Center (SOC) Analyst job.\r\n\r\nThe focus will be geared toward basic, hands-on skills that allow students to perform and excel at baseline SOC tasks.\r\n\r\nHardware & Minimum Course Requirements:\r\nA laptop with 16GB of RAM and the ability to run Virtual Machines. Understanding of basic networking concepts and basic Linux comprehension.\r\n\r\nTarget Audience:\r\nThis training is geared towards Information Technology, Computer System, or Computer Network Professionals seeking to enter the Information Security Industry while enriching those who seek to develop the skills and knowledge necessary to work at a Security Operations Center.\r\n\r\nSkills that will be learned:\r\nThis course will provide students with the necessary skills and knowledge to work in a Security Analyst 1 job and understand the dynamics of a Security Operations Center\"","updated_timestamp":{"seconds":1723418224,"nanoseconds":0},"speakers":[{"content_ids":[56227],"conference_id":133,"event_ids":[56885,56912],"name":"Rod Soto","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56622}],"begin_tsz":"2024-08-12T15:00:00Z","timeband_id":1235,"updated_tsz":"2024-08-11T23:17:04Z","links":[],"end":"2024-08-13T00:00:00.000-0000","id":56885,"tag_ids":[46887],"village_id":null,"begin_timestamp":{"seconds":1723474800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56622}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Sahara","hotel":"","short_name":"Sahara","id":46181},"spans_timebands":"N","begin":"2024-08-12T15:00:00.000-0000","updated":"2024-08-11T23:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Closing Ceremonies & Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-12T00:45:00Z","end_timestamp":{"seconds":1723423500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319894,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"}],"begin_tsz":"2024-08-11T22:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T02:38:14Z","links":[],"end":"2024-08-12T00:45:00.000-0000","id":54915,"tag_ids":[46166,46419],"village_id":null,"begin_timestamp":{"seconds":1723413600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T22:00:00.000-0000","updated":"2024-07-07T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this study, we delve into the darker aspects of railway technology, revealing how easily accessible domestic hardware tools can compromise the seemingly infallible robustness of signaling systems. We demonstrate how these accessible technologies can be utilized to devise strategies that potentially threaten train circulation in Spain. Our research presents a critical analysis of the vulnerabilities present in the railway signaling systems, highlighting the ease with which these systems can be tampered with, using tools that are readily available to the general public. Through a combination of theoretical insights and practical demonstrations, we offer a comprehensive overview of the risks associated with such vulnerabilities.\r\n\r\nOur findings aim to raise awareness among stakeholders in the railway industry, prompting a reevaluation of current security measures and encouraging the adoption of more stringent protections against such threats. This paper contributes to the ongoing discussion in the cybersecurity community, offering valuable insights into the potential risks facing modern transportation infrastructures and suggesting avenues for future research and development in railway system security.\r\n\r\nWe consider this work to be innovative on a type of system that has been present for over half a century in railway infrastructures. Therefore, the references provided are primarily about the operation of the systems and relevant news concerning them.\r\n\r\n1. [link](https://www.sepsamedha.com/on-board-systems/asfa/)\r\n2. [link](http://www.railway-technical.com/signalling/train-protection.html)\r\n3. [link](https://www.seguridadferroviaria.es/recursos_aesf/4CAB0E7F-4C5F-404A-A2DC-3E033FDD2BC9/144051/033ETASFAdigital2008.pdf)\r\n4. [link](https://www.linkedin.com/pulse/asfa-digital-sepsamedha/)\r\n5. [link](http://electronicapascual.com/blog/?p=3129)\r\n6. [link](https://en.wikipedia.org/wiki/Punktf%C3%B6rmige_Zugbeeinflussung)\r\n7. [link](https://en.wikipedia.org/wiki/Intermittent_inductive_automatic_train_stop)\r\n8. [link](https://en.wikipedia.org/wiki/Santiago_de_Compostela_derailment)\r\n9. [link](https://en.wikipedia.org/wiki/Contr%C3%B4le_de_vitesse_par_balises)\r\n10. [link](https://www.eldiario.es/sociedad/alvia-adif-renfe-asfa-digital_1_5758584.html)\r\n11. [link](https://www.diariodenavarra.es/noticias/navarra/2022/03/31/25-aniversario-accidente-tren-uharte-arakil-522467-300.html)\r\n12. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E9811579073E406CC1257E81003BDD76/$FILE/ET%2003.365.008.6_2015.pdf?OpenElement)\r\n13. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E875C349AD1DE569C125840B00379B26/$FILE/ET%2003.365.008.6%20ASFA%20Digital%20Embarcado+M1+M2.pdf?OpenElement)\r\n14. [link](https://www.youtube.com/watch?app=desktop&v=2zY_zlOoieE)\r\n\n\n\n","media":[],"title":"Abusing legacy railroad signaling systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:45:00Z","end_timestamp":{"seconds":1723412700,"nanoseconds":0},"android_description":"In this study, we delve into the darker aspects of railway technology, revealing how easily accessible domestic hardware tools can compromise the seemingly infallible robustness of signaling systems. We demonstrate how these accessible technologies can be utilized to devise strategies that potentially threaten train circulation in Spain. Our research presents a critical analysis of the vulnerabilities present in the railway signaling systems, highlighting the ease with which these systems can be tampered with, using tools that are readily available to the general public. Through a combination of theoretical insights and practical demonstrations, we offer a comprehensive overview of the risks associated with such vulnerabilities.\r\n\r\nOur findings aim to raise awareness among stakeholders in the railway industry, prompting a reevaluation of current security measures and encouraging the adoption of more stringent protections against such threats. This paper contributes to the ongoing discussion in the cybersecurity community, offering valuable insights into the potential risks facing modern transportation infrastructures and suggesting avenues for future research and development in railway system security.\r\n\r\nWe consider this work to be innovative on a type of system that has been present for over half a century in railway infrastructures. Therefore, the references provided are primarily about the operation of the systems and relevant news concerning them.\r\n\r\n1. [link](https://www.sepsamedha.com/on-board-systems/asfa/)\r\n2. [link](http://www.railway-technical.com/signalling/train-protection.html)\r\n3. [link](https://www.seguridadferroviaria.es/recursos_aesf/4CAB0E7F-4C5F-404A-A2DC-3E033FDD2BC9/144051/033ETASFAdigital2008.pdf)\r\n4. [link](https://www.linkedin.com/pulse/asfa-digital-sepsamedha/)\r\n5. [link](http://electronicapascual.com/blog/?p=3129)\r\n6. [link](https://en.wikipedia.org/wiki/Punktf%C3%B6rmige_Zugbeeinflussung)\r\n7. [link](https://en.wikipedia.org/wiki/Intermittent_inductive_automatic_train_stop)\r\n8. [link](https://en.wikipedia.org/wiki/Santiago_de_Compostela_derailment)\r\n9. [link](https://en.wikipedia.org/wiki/Contr%C3%B4le_de_vitesse_par_balises)\r\n10. [link](https://www.eldiario.es/sociedad/alvia-adif-renfe-asfa-digital_1_5758584.html)\r\n11. [link](https://www.diariodenavarra.es/noticias/navarra/2022/03/31/25-aniversario-accidente-tren-uharte-arakil-522467-300.html)\r\n12. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E9811579073E406CC1257E81003BDD76/$FILE/ET%2003.365.008.6_2015.pdf?OpenElement)\r\n13. [link](http://descargas.adif.es/ade/u18/GCN/NormativaTecnica.nsf/v0/E875C349AD1DE569C125840B00379B26/$FILE/ET%2003.365.008.6%20ASFA%20Digital%20Embarcado+M1+M2.pdf?OpenElement)\r\n14. [link](https://www.youtube.com/watch?app=desktop&v=2zY_zlOoieE)","updated_timestamp":{"seconds":1720464040,"nanoseconds":0},"speakers":[{"content_ids":[54541],"conference_id":133,"event_ids":[54914],"name":"Gabriela (Gabs) Garcia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/itsgabsgarcia/"},{"description":"","title":"Twitter (@constrainterror)","sort_order":0,"url":"https://twitter.com/constrainterror"}],"media":[],"id":54168},{"content_ids":[54541],"conference_id":133,"event_ids":[54914],"name":"David Meléndez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"R&D Enginner and Red Team Member, Innotec Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/david-melendez-cano/"},{"description":"","title":"Twitter (@TaiksonTexas)","sort_order":0,"url":"https://twitter.com/TaiksonTexas"}],"media":[],"id":54197,"title":"R&D Enginner and Red Team Member, Innotec Security at Accenture"}],"begin_tsz":"2024-08-11T21:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:40:40Z","links":[],"end":"2024-08-11T21:45:00.000-0000","id":54914,"tag_ids":[46166,46169,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723410000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54197},{"tag_id":46167,"sort_order":4,"person_id":54168}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T21:00:00.000-0000","updated":"2024-07-08T18:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Many problems in our networks are simple problems that boil down to forgotten fundamentals. Kevin reviews the communication models and demonstrates a simple password capture.\n\n\n","media":[],"title":"Forgetting the Fundamentals? Data Communications: Physical and Logical Explanation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:55:00Z","end_timestamp":{"seconds":1723409700,"nanoseconds":0},"android_description":"Many problems in our networks are simple problems that boil down to forgotten fundamentals. Kevin reviews the communication models and demonstrates a simple password capture.","updated_timestamp":{"seconds":1722395907,"nanoseconds":0},"speakers":[{"content_ids":[55361],"conference_id":133,"event_ids":[55753],"name":"Kevin Manna","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55958}],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T03:18:27Z","links":[],"end":"2024-08-11T20:55:00.000-0000","id":55753,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55958}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-31T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Machine learning (ML) pipelines are vulnerable to model backdoors that compromise the integrity of the underlying system. Although many backdoor attacks limit the attack surface to the model, ML models are not standalone objects. Instead, they are artifacts built using a wide range of tools and embedded into pipelines with many interacting components. \r\n\r\nIn this talk, we introduce incubated ML exploits in which attackers inject model backdoors into ML pipelines using input-handling bugs in ML tools. Using a language-theoretic security (LangSec) framework, we systematically exploited ML model serialization bugs in popular tools to construct backdoors. In the process, we developed malicious artifacts such as polyglot and ambiguous files using ML model files. We also contributed to Fickling, a pickle security tool tailored for ML use cases. Finally, we formulated a set of guidelines for security researchers and ML practitioners. By chaining system security issues and model vulnerabilities, incubated ML exploits emerge as a new class of exploits that highlight the importance of a holistic approach to ML security.\r\n\r\n1. [link](https://langsec.org/papers/langsec-cwes-secdev2016.pdf)\r\n2. [link](https://arxiv.org/abs/2210.00108)\r\n3. [link](https://github.com/alkaet/LobotoMl)\r\n4. [link](https://github.com/trailofbits/fickling)\r\n5. [link](https://blog.trailofbits.com/2024/03/04/relishing-new-fickling-features-for-securing-ml-systems/)\r\n6. [link](https://blog.trailofbits.com/2023/11/15/assessing-the-security-posture-of-a-widely-used-vision-model-yolov7/)\r\n7. [link](https://moyix.net/badnets.pdf)\r\n8. [link](https://github.com/trailofbits/publications/blob/master/reviews/2023-03-eleutherai-huggingface-safetensors-securityreview.pdf)\r\n9. [link](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\r\n10. [link](https://arxiv.org/abs/2204.06974)\r\n11. [link](https://arxiv.org/abs/2101.06896)\r\n\n\n\n","media":[],"title":"Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:15:00Z","end_timestamp":{"seconds":1723410900,"nanoseconds":0},"android_description":"Machine learning (ML) pipelines are vulnerable to model backdoors that compromise the integrity of the underlying system. Although many backdoor attacks limit the attack surface to the model, ML models are not standalone objects. Instead, they are artifacts built using a wide range of tools and embedded into pipelines with many interacting components. \r\n\r\nIn this talk, we introduce incubated ML exploits in which attackers inject model backdoors into ML pipelines using input-handling bugs in ML tools. Using a language-theoretic security (LangSec) framework, we systematically exploited ML model serialization bugs in popular tools to construct backdoors. In the process, we developed malicious artifacts such as polyglot and ambiguous files using ML model files. We also contributed to Fickling, a pickle security tool tailored for ML use cases. Finally, we formulated a set of guidelines for security researchers and ML practitioners. By chaining system security issues and model vulnerabilities, incubated ML exploits emerge as a new class of exploits that highlight the importance of a holistic approach to ML security.\r\n\r\n1. [link](https://langsec.org/papers/langsec-cwes-secdev2016.pdf)\r\n2. [link](https://arxiv.org/abs/2210.00108)\r\n3. [link](https://github.com/alkaet/LobotoMl)\r\n4. [link](https://github.com/trailofbits/fickling)\r\n5. [link](https://blog.trailofbits.com/2024/03/04/relishing-new-fickling-features-for-securing-ml-systems/)\r\n6. [link](https://blog.trailofbits.com/2023/11/15/assessing-the-security-posture-of-a-widely-used-vision-model-yolov7/)\r\n7. [link](https://moyix.net/badnets.pdf)\r\n8. [link](https://github.com/trailofbits/publications/blob/master/reviews/2023-03-eleutherai-huggingface-safetensors-securityreview.pdf)\r\n9. [link](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\r\n10. [link](https://arxiv.org/abs/2204.06974)\r\n11. [link](https://arxiv.org/abs/2101.06896)","updated_timestamp":{"seconds":1720464068,"nanoseconds":0},"speakers":[{"content_ids":[54540],"conference_id":133,"event_ids":[54913],"name":"Suha Sabi Hussain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Trail of Bits","title":"Security Engineer, Machine Learning Assurance Team"}],"pronouns":"she/her","links":[{"description":"","title":"Twitter (@suhackerr)","sort_order":0,"url":"https://twitter.com/suhackerr"},{"description":"","title":"sshussain.me","sort_order":0,"url":"https://sshussain.me"}],"media":[],"id":54046,"title":"Security Engineer, Machine Learning Assurance Team at Trail of Bits"}],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:41:08Z","links":[],"end":"2024-08-11T21:15:00.000-0000","id":54913,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54046}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-08T18:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Contest Closing Ceremonies and Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T21:45:00Z","end_timestamp":{"seconds":1723412700,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319115,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T20:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T02:25:15Z","links":[],"end":"2024-08-11T21:45:00.000-0000","id":54911,"tag_ids":[46166,46419],"village_id":null,"begin_timestamp":{"seconds":1723408200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T20:30:00.000-0000","updated":"2024-07-07T02:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A convergência entre segurança física e cibernética ainda é pouco explorada em nossa região, muitas vezes devido à dificuldade de acesso a ferramentas específicas. Esta apresentação explora esse conceito e sua importância, ilustrando com casos reais de incidentes que exploraram sistemas de segurança física, detalhando como ocorreram e seus impactos.\r\n\r\nApresentaremos os fundamentos dos sistemas de controle de acesso, abordando arquitetura básica, protocolos de comunicação e tecnologias de credenciais. Em seguida, demonstraremos técnicas práticas de exploração:\r\n\r\n- Exploração da interface Wiegand: Mostraremos como explorar essa interface antiga e vulnerável, utilizando a versão DIY do BLE-Key, acessível e econômica.\r\n- Exploração de credenciais vulneráveis: Como iClass Legacy, PROX e MiFare Classic, usando ferramentas como ProxMark3 e Flipper Zero.\r\n- Exploração de credenciais \"seguras\": Demonstrando ataques de downgrade em credenciais HID Seos com Flipper Zero e um leitor HID Multiclass SE, usando um app desenvolvido por mim como alternativa econômica ao Seader.\r\n\n\n\n","media":[],"title":"Jeitinho Cibernético: A Convergência da Segurança no Brasil e América Latina","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"A convergência entre segurança física e cibernética ainda é pouco explorada em nossa região, muitas vezes devido à dificuldade de acesso a ferramentas específicas. Esta apresentação explora esse conceito e sua importância, ilustrando com casos reais de incidentes que exploraram sistemas de segurança física, detalhando como ocorreram e seus impactos.\r\n\r\nApresentaremos os fundamentos dos sistemas de controle de acesso, abordando arquitetura básica, protocolos de comunicação e tecnologias de credenciais. Em seguida, demonstraremos técnicas práticas de exploração:\r\n\r\n- Exploração da interface Wiegand: Mostraremos como explorar essa interface antiga e vulnerável, utilizando a versão DIY do BLE-Key, acessível e econômica.\r\n- Exploração de credenciais vulneráveis: Como iClass Legacy, PROX e MiFare Classic, usando ferramentas como ProxMark3 e Flipper Zero.\r\n- Exploração de credenciais \"seguras\": Demonstrando ataques de downgrade em credenciais HID Seos com Flipper Zero e um leitor HID Multiclass SE, usando um app desenvolvido por mim como alternativa econômica ao Seader.","updated_timestamp":{"seconds":1722701629,"nanoseconds":0},"speakers":[{"content_ids":[55979],"conference_id":133,"event_ids":[56595],"name":"Ueric Melo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Privacy & Security Awareness Manager, LATAM and Caribbean at Genetec"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ueric-melo/"},{"description":"","title":"Twitter (@uericmelo)","sort_order":0,"url":"https://x.com/uericmelo"}],"media":[],"id":56312,"title":"Privacy & Security Awareness Manager, LATAM and Caribbean at Genetec"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T16:13:49Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56595,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56312}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-08-03T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Career Development - The Human Element","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:25:00Z","end_timestamp":{"seconds":1723407900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722395838,"nanoseconds":0},"speakers":[{"content_ids":[55360],"conference_id":133,"event_ids":[55752],"name":"Kirsten Renner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SilverEdge Gov Solutions","title":"VP of Talent"}],"links":[],"pronouns":null,"media":[],"id":55959,"title":"VP of Talent at SilverEdge Gov Solutions"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T03:17:18Z","links":[],"end":"2024-08-11T20:25:00.000-0000","id":55752,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55959}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-31T03:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The nation is facing a shortage of approximately 500,000 good paying jobs in cyber.The problem is only going to continue to grow as the world becomes more digitized. This is a threat to our national security. The White House Office of the National Cyber Director (ONCD) is ensuring that as we build the cyber workforce the nation needs, we are reaching out to every community. Diversity is an essential element of the national cyber workforce. National Cyber Director (NCD) Harry Coker Jr., and his predecessor Kemba Walden, have both been leading our work to build the nations cyber workforce, one that is reflective of nation and its needs.\n\n\n","media":[],"title":"Expanding Pathways into the National Cyber Workforce","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"The nation is facing a shortage of approximately 500,000 good paying jobs in cyber.The problem is only going to continue to grow as the world becomes more digitized. This is a threat to our national security. The White House Office of the National Cyber Director (ONCD) is ensuring that as we build the cyber workforce the nation needs, we are reaching out to every community. Diversity is an essential element of the national cyber workforce. National Cyber Director (NCD) Harry Coker Jr., and his predecessor Kemba Walden, have both been leading our work to build the nations cyber workforce, one that is reflective of nation and its needs.","updated_timestamp":{"seconds":1721495432,"nanoseconds":0},"speakers":[{"content_ids":[55207],"conference_id":133,"event_ids":[55597],"name":"Ayan Islam","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ONCD, White House","title":""}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ayanislam/"}],"media":[],"id":55793,"title":"ONCD, White House"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T17:10:32Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":55597,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55793}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-20T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On February 25, 1998, hip-hop group the Wu-Tang Clan made Grammy history… for all the wrong reasons. After losing in the Rap Album of the Year category, Wu-Tang member ODB stormed the stage, interrupting an acceptance speech to declare the now infamous phrase “Wu-Tang is for the children.” Anyone who has heard a song from Wu-Tang knows that despite ODB’s insistence, it is certainly not true. It appears that States may be taking this same approach when it comes to children's privacy and safety online. Despite these laws being for the protection of children, they often raise other unintended consequences. State legislatures around the country are debating new laws to protect children online. This year, Tennessee, Maryland, Virginia, Georgia, Utah, and Florida have passed legislation focused on children's privacy, usually through restrictions on social media use. While privacy advocates have championed these laws, they have been met with criticism and, in some instances, legal challenges. This is because in order to implement laws that apply to kids online, companies have to identify which users are kids—which requires the collection of sensitive personal information. Along with this privacy tension, there are First Amendment protection concerns that these laws limit online speech. This presentation will explore how youth privacy laws may not be protecting children in the ways that we hope by first discussing the attempts made by states to address youth privacy. Then, analyzing the unintended privacy consequences, focusing on how states are required to collect sensitive information that we are often trying to protect. Next, we will examine the First Amendment concerns using the example of the challenges to California’s Age Appropriate Design Code Act before finally discussing a path forward to protecting children.\n\n\n","media":[],"title":"Wu-Tang is for the Children: How States Laws Intended to Protect Children Raise Other Privacy and Legal Risks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:30:00Z","end_timestamp":{"seconds":1723408200,"nanoseconds":0},"android_description":"On February 25, 1998, hip-hop group the Wu-Tang Clan made Grammy history… for all the wrong reasons. After losing in the Rap Album of the Year category, Wu-Tang member ODB stormed the stage, interrupting an acceptance speech to declare the now infamous phrase “Wu-Tang is for the children.” Anyone who has heard a song from Wu-Tang knows that despite ODB’s insistence, it is certainly not true. It appears that States may be taking this same approach when it comes to children's privacy and safety online. Despite these laws being for the protection of children, they often raise other unintended consequences. State legislatures around the country are debating new laws to protect children online. This year, Tennessee, Maryland, Virginia, Georgia, Utah, and Florida have passed legislation focused on children's privacy, usually through restrictions on social media use. While privacy advocates have championed these laws, they have been met with criticism and, in some instances, legal challenges. This is because in order to implement laws that apply to kids online, companies have to identify which users are kids—which requires the collection of sensitive personal information. Along with this privacy tension, there are First Amendment protection concerns that these laws limit online speech. This presentation will explore how youth privacy laws may not be protecting children in the ways that we hope by first discussing the attempts made by states to address youth privacy. Then, analyzing the unintended privacy consequences, focusing on how states are required to collect sensitive information that we are often trying to protect. Next, we will examine the First Amendment concerns using the example of the challenges to California’s Age Appropriate Design Code Act before finally discussing a path forward to protecting children.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54655],"conference_id":133,"event_ids":[55028],"name":"Anthony Hendricks","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Crowe & Dunlevy","title":"Litigator"}],"pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.anthonyjhendricks.com"}],"media":[],"id":54284,"title":"Litigator at Crowe & Dunlevy"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T20:30:00.000-0000","id":55028,"tag_ids":[46377,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54284}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI assistants like ChatGPT are changing how we interact with technology. But what if someone could read your confidential chats? Imagine awkwardly asking your AI about a strange rash, or to edit an email, only to have that conversation exposed to someone on the net. In this talk we'll unveil a novel side-channel vulnerability in popular AI assistants and demonstrate how it can be used to read encrypted messages sent from AI Assistants.\r\n\r\nBefore our disclosure, major players like OpenAI, Microsoft, Cloudflare, Quora, and Notion were at risk. We'll reveal the technical details of this exploit and show real-world examples of intercepted conversations. This talk isn't just about the problem – learn how to identify this vulnerability in other AI assistants as well! We'll dissect network traffic, discuss attack models, and explore the far-reaching consequences of this discovery.\r\n\r\nReferences:\r\n1. Samuel Addington. Chatgpt: Cyber security threats and countermeasures. Available at SSRN 4425678, 2023.\r\n2. Benjamin Harsha, Robert Morton, Jeremiah Blocki, John Springer, and Melissa Dark. Bicycle attacks con- sidered harmful: Quantifying the damage of widespread password length leakage. Computers & Security, 100:102068, 2021.\r\n3. John V Monaco. What are you searching for? a remote keylogging attack on search engine autocomplete. In 28th USENIX Security Symposium (USENIX Security 19), pages 959–976, 2019.\r\n\n\n\n","media":[],"title":"Your AI Assistant has a Big Mouth: A New Side-Channel Attack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:45:00Z","end_timestamp":{"seconds":1723409100,"nanoseconds":0},"android_description":"AI assistants like ChatGPT are changing how we interact with technology. But what if someone could read your confidential chats? Imagine awkwardly asking your AI about a strange rash, or to edit an email, only to have that conversation exposed to someone on the net. In this talk we'll unveil a novel side-channel vulnerability in popular AI assistants and demonstrate how it can be used to read encrypted messages sent from AI Assistants.\r\n\r\nBefore our disclosure, major players like OpenAI, Microsoft, Cloudflare, Quora, and Notion were at risk. We'll reveal the technical details of this exploit and show real-world examples of intercepted conversations. This talk isn't just about the problem – learn how to identify this vulnerability in other AI assistants as well! We'll dissect network traffic, discuss attack models, and explore the far-reaching consequences of this discovery.\r\n\r\nReferences:\r\n1. Samuel Addington. Chatgpt: Cyber security threats and countermeasures. Available at SSRN 4425678, 2023.\r\n2. Benjamin Harsha, Robert Morton, Jeremiah Blocki, John Springer, and Melissa Dark. Bicycle attacks con- sidered harmful: Quantifying the damage of widespread password length leakage. Computers & Security, 100:102068, 2021.\r\n3. John V Monaco. What are you searching for? a remote keylogging attack on search engine autocomplete. In 28th USENIX Security Symposium (USENIX Security 19), pages 959–976, 2019.","updated_timestamp":{"seconds":1721085590,"nanoseconds":0},"speakers":[{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Yisroel Mirsky","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ben-Gurion University","title":"Tenure-Track Lecturer and Zuckerman Faculty Scholar, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":"he/him","media":[],"id":54120,"title":"Tenure-Track Lecturer and Zuckerman Faculty Scholar, Department of Software and Information Systems Engineering at Ben-Gurion University"},{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Guy Amit","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IBM Research","title":""},{"organization":"Ben-Gurion University of the Negev","title":"PhD Candidate Student, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54662,"title":"PhD Candidate Student, Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev"},{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Daniel Ayzenshteyn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ben-Gurion University of the Negev","title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54663,"title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev"},{"content_ids":[54536],"conference_id":133,"event_ids":[54909],"name":"Roy Weiss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ben-Gurion University of the Negev","title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54664,"title":"Researcher and Master's Degree Student, Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev"}],"begin_tsz":"2024-08-11T20:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-15T23:19:50Z","links":[],"end":"2024-08-11T20:45:00.000-0000","id":54909,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723406400,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54120},{"tag_id":46167,"sort_order":4,"person_id":54664},{"tag_id":46167,"sort_order":6,"person_id":54663},{"tag_id":46167,"sort_order":8,"person_id":54662}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T20:00:00.000-0000","updated":"2024-07-15T23:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Closing Note","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:40:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55931,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723405200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T19:40:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"QOLOSSUS CONTEST Q-CTF Finals","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56447,"tag_ids":[46389,46641],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Exploit Prediction Scoring System (EPSS) provides efficient, data-driven vulnerability management data that uses current threat information from CVE and real-world exploit that helps understand the probability that a vulnerability will be exploited.\r\n\r\nThis talk will discuss the EPSS model in-depth and demonstrate how to implement EPSS for CI/CD pipelines and more traditional operating systems and application patching. \n\n\n","media":[],"title":"Using EPSS for Better Vulnerability Management","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Exploit Prediction Scoring System (EPSS) provides efficient, data-driven vulnerability management data that uses current threat information from CVE and real-world exploit that helps understand the probability that a vulnerability will be exploited.\r\n\r\nThis talk will discuss the EPSS model in-depth and demonstrate how to implement EPSS for CI/CD pipelines and more traditional operating systems and application patching.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55725],"conference_id":133,"event_ids":[56256],"name":"jgamblin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56127}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56256,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56127}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"World Wide War Drive Outbrief","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55443,55453,55461],"conference_id":133,"event_ids":[55868,55878,55886],"name":"RF Hackers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@rfhackers"},{"description":"","title":"Website","sort_order":0,"url":"https://rfhackers.com/"}],"media":[],"id":55982},{"content_ids":[55461],"conference_id":133,"event_ids":[55886],"name":"WiGLE Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@wiglenet"},{"description":"","title":"Website","sort_order":0,"url":"https://wigle.net/"}],"media":[],"id":55983}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55886,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55982},{"tag_id":46167,"sort_order":4,"person_id":55983}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The presentation aims to discuss the existing biases in AI-assisted news reporting. It explores how AI has been integrated into news media over the years and the implications of its use, particularly in terms of misinformation and disinformation. The goal is to spark a discussion on the role of AI in news propagation and its impact on public perception and truth. Starting with a historical overview, this presentation highlights how AI has been used by outlets like Narrative Science, the Associated Press, and the Washington Post to automate news content. The talk emphasizes the distinction between misinformation and disinformation and discusses how AI can amplify existing biases if trained on biased data. The presentation also covers the shift in news consumption towards digital platforms, the rapid spread of misinformation, and the importance of diverse media sources to prevent echo chambers.\n\n\n","media":[],"title":"Exploring Bias in AI-Assisted News","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The presentation aims to discuss the existing biases in AI-assisted news reporting. It explores how AI has been integrated into news media over the years and the implications of its use, particularly in terms of misinformation and disinformation. The goal is to spark a discussion on the role of AI in news propagation and its impact on public perception and truth. Starting with a historical overview, this presentation highlights how AI has been used by outlets like Narrative Science, the Associated Press, and the Washington Post to automate news content. The talk emphasizes the distinction between misinformation and disinformation and discusses how AI can amplify existing biases if trained on biased data. The presentation also covers the shift in news consumption towards digital platforms, the rapid spread of misinformation, and the importance of diverse media sources to prevent echo chambers.","updated_timestamp":{"seconds":1721495411,"nanoseconds":0},"speakers":[{"content_ids":[55206,55186],"conference_id":133,"event_ids":[55576,55596],"name":"Sydney Johns","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Johns Hopkins Human Language Technology Center of Excellence","title":"Phd Student & Artificial Intelligence Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sydney-johns/"}],"media":[],"id":55811,"title":"Phd Student & Artificial Intelligence Researcher at Johns Hopkins Human Language Technology Center of Excellence"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T17:10:11Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55596,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55811}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-20T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ADS-B aircraft tracking has long been done with Raspberry Pi’s and SDRs. We set out to build our own receiver from the ground up, but without resorting to expensive and power-hungry SDR chips. Join us for a behind-the-scenes look as we walk through how we were able to (ab)use hardware to squeeze an entire Linux system, custom signal processing chain, and map visualizer into a chip that costs less than most microcontrollers.\n\n\n","media":[],"title":"Behind the Badge: How we used and abused hardware to create the AV badge for DC32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"ADS-B aircraft tracking has long been done with Raspberry Pi’s and SDRs. We set out to build our own receiver from the ground up, but without resorting to expensive and power-hungry SDR chips. Join us for a behind-the-scenes look as we walk through how we were able to (ab)use hardware to squeeze an entire Linux system, custom signal processing chain, and map visualizer into a chip that costs less than most microcontrollers.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54656],"conference_id":133,"event_ids":[55030],"name":"Robert Pafford","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54273},{"content_ids":[54656],"conference_id":133,"event_ids":[55030],"name":"Adam Batori","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54280}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55030,"tag_ids":[46169,46366,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54280},{"tag_id":46167,"sort_order":1,"person_id":54273}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"From January to May 2024, a team of student researchers at Brigham Young University looked for 0days in a consumer-grade home router made by Vilo Living. By April 2024, they had found 9 zero days, 6 of which were critical. This presentation covers the process they went through from initial reconnaissance to hardware hacking to finding buffer overflows to reporting the bugs to the organization. Outline: Initial recon - OSINT on the company, previous vulnerabilities released (none), and black-box interactions with network services on the LAN Hardware hacking - identifying chips on the board, connecting to the UART interface, deciphering boot up info, dumping the flash memory (didn’t work), and observing reads/writes by the CPU to flash memory to obtain the firmware Cloud enumeration - discovering the AWS S3 buckets and IoT infrastructure, tracing cloud interactions (authenticating to the router remotely, retrieving MQTT certificates, etc.) Firmware enumeration - kernel + libc version, arch, how to emulate binaries on an x86 machine, compiling code to run on the router, what binary does what, etc. Vulnerability discovery - finishing reversing custom TCP protocol for mobile app->router interactions, searching for stack overflows, lack of authentication, command injection (and accidentally bricking 3 routers), info leaks, reviewing the 9 vulnerabilities we discovered, weaponizing and chaining some of the vulnerabilities, etc. Vendor disclosure - difficulty contacting the vendor in May 2024 with vulnerability details (they were almost dead), how the disclosure process went, filing for CVEs in June, publishing vuln details in August Conclusion - how stupid easy it is to hack IoT devices, how IoT vendors treat security issues, where future research can focus\n\n\n","media":[],"title":"Finding 0days in Vilo Home Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"From January to May 2024, a team of student researchers at Brigham Young University looked for 0days in a consumer-grade home router made by Vilo Living. By April 2024, they had found 9 zero days, 6 of which were critical. This presentation covers the process they went through from initial reconnaissance to hardware hacking to finding buffer overflows to reporting the bugs to the organization. Outline: Initial recon - OSINT on the company, previous vulnerabilities released (none), and black-box interactions with network services on the LAN Hardware hacking - identifying chips on the board, connecting to the UART interface, deciphering boot up info, dumping the flash memory (didn’t work), and observing reads/writes by the CPU to flash memory to obtain the firmware Cloud enumeration - discovering the AWS S3 buckets and IoT infrastructure, tracing cloud interactions (authenticating to the router remotely, retrieving MQTT certificates, etc.) Firmware enumeration - kernel + libc version, arch, how to emulate binaries on an x86 machine, compiling code to run on the router, what binary does what, etc. Vulnerability discovery - finishing reversing custom TCP protocol for mobile app->router interactions, searching for stack overflows, lack of authentication, command injection (and accidentally bricking 3 routers), info leaks, reviewing the 9 vulnerabilities we discovered, weaponizing and chaining some of the vulnerabilities, etc. Vendor disclosure - difficulty contacting the vendor in May 2024 with vulnerability details (they were almost dead), how the disclosure process went, filing for CVEs in June, publishing vuln details in August Conclusion - how stupid easy it is to hack IoT devices, how IoT vendors treat security issues, where future research can focus","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54654],"conference_id":133,"event_ids":[55027],"name":"Justin Mott","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Brigham Young University (BYU)","title":"Grad Student"}],"links":[],"pronouns":null,"media":[],"id":54310,"title":"Grad Student at Brigham Young University (BYU)"},{"content_ids":[54654],"conference_id":133,"event_ids":[55027],"name":"Ava Petersen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Brigham Young University (BYU)","title":"Student"}],"links":[],"pronouns":null,"media":[],"id":54331,"title":"Student at Brigham Young University (BYU)"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55027,"tag_ids":[46383,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54331},{"tag_id":46167,"sort_order":1,"person_id":54310}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Modern cars are a complex networks of computers put on four wheels. For security research, it is important to understand the car's internal network and exposed interfaces. But what else could you use this knowledge for? You probably guessed it from the title 🙂. So we developed a tool to turn our research car into a game controller.\r\n\r\nIn this talk, we present Vehicle-to-Game (V2G), a Python-based project that enables the usage of cars as game controllers. V2G can run either directly on a laptop or turn a Raspberry Pi Zero WH into a Bluetooth gamepad. In addition, V2G can either be used over the OBD2-diagnostic port or by directly accessing the internal CAN-busses of the car.\r\n\r\nOur project can be a great starting point if you always wanted to tinker around with your car or want to learn about the CAN bus or diagnostic communication (UDS). To make V2G work with your car, some reverse engineering of CAN messages or diagnostic communication will be required (as well as additional hardware to connect to the CAN bus). Otherwise, if you can get this running, you can be sure that you own a more expensive game controller than your neighbors.\r\n\r\nTools and hardware:\r\n1. General introduction into the CAN-bus and UDS: [link](https://www.csselectronics.com/pages/can-bus-simple-intro-tutorial)\r\n2. Tool for designing PCBs: [link](https://easyeda.com)\r\n3. Tool for making CAN messages readable: [link](https://www.savvycan.com/)\r\n4. Hardware for accessing CAN-bus and OBD: [link](https://www.peak-system.com/PCAN-USB.199.0.html)\r\n5. CAN utils: [link](https://github.com/linux-can/can-utils)\r\n6. CAN hat for Raspberry Pi: [link](https://www.waveshare.com/wiki/RS485_CAN_HAT)\r\n\r\nUsed libraries:\r\n1. [link](https://github.com/Heerkog/HIDpi) Many thanks for providing this great library and documentation for utilizing the Raspberry Pi as a Bluetooth device!\r\n2. [link](https://github.com/yannbouteiller/vgamepad)\r\n3. [link](https://github.com/hardbyte/python-can)\r\n\r\nMisc:\r\n1. Tesla DBC files: [link](https://github.com/joshwardell/model3dbc)\r\n2. ACSD website: [link](https://fbi.h-da.de/en/research/research-groups/applied-cyber-security-darmstadt)\r\n3. V2G Repository on GitHub (private until start of DEF CON): [link](https://github.com/Vehicle2Game/v2g)\r\n\n\n\n","media":[],"title":"Redefining V2G - How to use your vehicle as a game controller","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:15:00Z","end_timestamp":{"seconds":1723407300,"nanoseconds":0},"android_description":"Modern cars are a complex networks of computers put on four wheels. For security research, it is important to understand the car's internal network and exposed interfaces. But what else could you use this knowledge for? You probably guessed it from the title 🙂. So we developed a tool to turn our research car into a game controller.\r\n\r\nIn this talk, we present Vehicle-to-Game (V2G), a Python-based project that enables the usage of cars as game controllers. V2G can run either directly on a laptop or turn a Raspberry Pi Zero WH into a Bluetooth gamepad. In addition, V2G can either be used over the OBD2-diagnostic port or by directly accessing the internal CAN-busses of the car.\r\n\r\nOur project can be a great starting point if you always wanted to tinker around with your car or want to learn about the CAN bus or diagnostic communication (UDS). To make V2G work with your car, some reverse engineering of CAN messages or diagnostic communication will be required (as well as additional hardware to connect to the CAN bus). Otherwise, if you can get this running, you can be sure that you own a more expensive game controller than your neighbors.\r\n\r\nTools and hardware:\r\n1. General introduction into the CAN-bus and UDS: [link](https://www.csselectronics.com/pages/can-bus-simple-intro-tutorial)\r\n2. Tool for designing PCBs: [link](https://easyeda.com)\r\n3. Tool for making CAN messages readable: [link](https://www.savvycan.com/)\r\n4. Hardware for accessing CAN-bus and OBD: [link](https://www.peak-system.com/PCAN-USB.199.0.html)\r\n5. CAN utils: [link](https://github.com/linux-can/can-utils)\r\n6. CAN hat for Raspberry Pi: [link](https://www.waveshare.com/wiki/RS485_CAN_HAT)\r\n\r\nUsed libraries:\r\n1. [link](https://github.com/Heerkog/HIDpi) Many thanks for providing this great library and documentation for utilizing the Raspberry Pi as a Bluetooth device!\r\n2. [link](https://github.com/yannbouteiller/vgamepad)\r\n3. [link](https://github.com/hardbyte/python-can)\r\n\r\nMisc:\r\n1. Tesla DBC files: [link](https://github.com/joshwardell/model3dbc)\r\n2. ACSD website: [link](https://fbi.h-da.de/en/research/research-groups/applied-cyber-security-darmstadt)\r\n3. V2G Repository on GitHub (private until start of DEF CON): [link](https://github.com/Vehicle2Game/v2g)","updated_timestamp":{"seconds":1721092916,"nanoseconds":0},"speakers":[{"content_ids":[54535],"conference_id":133,"event_ids":[54908],"name":"Jannis Hamborg","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Darmstadt University of Applied Sciences","title":"PhD Student"}],"links":[],"pronouns":null,"media":[],"id":54097,"title":"PhD Student at Darmstadt University of Applied Sciences"},{"content_ids":[54535],"conference_id":133,"event_ids":[54908],"name":"Timm Lauser","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Darmstadt University of Applied Sciences","title":"PhD Student"}],"links":[],"pronouns":"he/him","media":[],"id":54124,"title":"PhD Student at Darmstadt University of Applied Sciences"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-16T01:21:56Z","links":[],"end":"2024-08-11T20:15:00.000-0000","id":54908,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54124},{"tag_id":46167,"sort_order":4,"person_id":54097}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-16T01:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the successor to the iptables, nftables stands as a crucial network component within the Linux kernel, managing packet filtering and other network-related functionalities. With continuous development and changes, features designed to increase its efficiency, such as batch commit, anonymous chains/sets, and asynchronous garbage collection, have been implemented, which in turn has significantly increased its complexity and made it an attractive target for attackers in recent years.\r\n\r\nSince the announcement of the kernelCTF bug bounty, multiple nftables 0-day vulnerabilities have been reported and patched to enhance its security. However, if not careful enough, the security patch may not only mitigate the bug but also introduce new security issues unintentionally. By researching the structural changes in the nftables codebase, we successfully uncover new vulnerabilities despite the intense competition in kernelCTF. Also, we managed to speedrun the exploitation just before Google removed nftables from LTS instance, becoming the last LTS nftables exploitation.\r\n\r\nIn this presentation, we will share three nftables vulnerabilities we discovered in a storytelling fashion. We start with a brief introduction on how nftables works under the hood to familiarize attendees with the basics. After that, we dive into nftables internals and dissect three vulnerabilities discovered during our journey, two of which involved utilizing hard-to-exploit race conditions to pwn the flag. Alongside details of the exploitation, we will also share the roller-coaster story of kernelCTF experiences, filled with dramatic highs and lows, making it a tense and exhilarating journey.\r\n\r\n- Previous nf_tables research:\r\n- [link](https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/)\r\n- [link](https://starlabs.sg/blog/2023/09-nftables-adventures-bug-hunting-and-n-day-exploitation/)\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4004_lts_cos_mitigation/docs/exploit.md)\r\n- Container escape:\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4622_lts/docs/exploit.md)\r\n- RCU related documentation:\r\n- [link](https://www.kernel.org/doc/Documentation/RCU/whatisRCU.txt)\r\n- [link](https://pdos.csail.mit.edu/6.828/2023/lec/rcu-faq.txt)\r\n\n\n\n","media":[],"title":"Clash, Burn, and Exploit: Manipulate Filters to Pwn kernelCTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:15:00Z","end_timestamp":{"seconds":1723407300,"nanoseconds":0},"android_description":"As the successor to the iptables, nftables stands as a crucial network component within the Linux kernel, managing packet filtering and other network-related functionalities. With continuous development and changes, features designed to increase its efficiency, such as batch commit, anonymous chains/sets, and asynchronous garbage collection, have been implemented, which in turn has significantly increased its complexity and made it an attractive target for attackers in recent years.\r\n\r\nSince the announcement of the kernelCTF bug bounty, multiple nftables 0-day vulnerabilities have been reported and patched to enhance its security. However, if not careful enough, the security patch may not only mitigate the bug but also introduce new security issues unintentionally. By researching the structural changes in the nftables codebase, we successfully uncover new vulnerabilities despite the intense competition in kernelCTF. Also, we managed to speedrun the exploitation just before Google removed nftables from LTS instance, becoming the last LTS nftables exploitation.\r\n\r\nIn this presentation, we will share three nftables vulnerabilities we discovered in a storytelling fashion. We start with a brief introduction on how nftables works under the hood to familiarize attendees with the basics. After that, we dive into nftables internals and dissect three vulnerabilities discovered during our journey, two of which involved utilizing hard-to-exploit race conditions to pwn the flag. Alongside details of the exploitation, we will also share the roller-coaster story of kernelCTF experiences, filled with dramatic highs and lows, making it a tense and exhilarating journey.\r\n\r\n- Previous nf_tables research:\r\n- [link](https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/)\r\n- [link](https://starlabs.sg/blog/2023/09-nftables-adventures-bug-hunting-and-n-day-exploitation/)\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4004_lts_cos_mitigation/docs/exploit.md)\r\n- Container escape:\r\n- [link](https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2023-4622_lts/docs/exploit.md)\r\n- RCU related documentation:\r\n- [link](https://www.kernel.org/doc/Documentation/RCU/whatisRCU.txt)\r\n- [link](https://pdos.csail.mit.edu/6.828/2023/lec/rcu-faq.txt)","updated_timestamp":{"seconds":1722098340,"nanoseconds":0},"speakers":[{"content_ids":[54534],"conference_id":133,"event_ids":[54907],"name":"Kuan-Ting \"HexRabbit\" Chen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEVCORE","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Blog","sort_order":0,"url":"https://blog.hexrabbit.io"},{"description":"","title":"Twitter (@h3xr4bb1t)","sort_order":0,"url":"https://twitter.com/h3xr4bb1t"}],"media":[],"id":54054,"title":"Security Researcher at DEVCORE"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T16:39:00Z","links":[],"end":"2024-08-11T20:15:00.000-0000","id":54907,"tag_ids":[46166,46169,46419,46437,46882],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54054}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-27T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at revolutionizing cybersecurity through AI-driven solutions. AIxCC asks the nation’s top talent in AI and cybersecurity to develop Cyber Reasoning Systems capable of automatically finding and fixing software vulnerabilities to secure critical software. In this talk, we are excited to announce the results of the Semifinals event. We will conduct a brief examination of the AI systems developed by the top teams by analyzing their strategies, discuss key innovations and methodologies employed, and discuss the overall impact of the competition on the cybersecurity landscape. The top-ranking teams will be eligible to win one of the $2 million in semifinal prizes, as well as a spot in the Finals competition at DEF CON 33.\n\n\n","media":[],"title":"AIxCC Closing Ceremonies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T20:15:00Z","end_timestamp":{"seconds":1723407300,"nanoseconds":0},"android_description":"DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at revolutionizing cybersecurity through AI-driven solutions. AIxCC asks the nation’s top talent in AI and cybersecurity to develop Cyber Reasoning Systems capable of automatically finding and fixing software vulnerabilities to secure critical software. In this talk, we are excited to announce the results of the Semifinals event. We will conduct a brief examination of the AI systems developed by the top teams by analyzing their strategies, discuss key innovations and methodologies employed, and discuss the overall impact of the competition on the cybersecurity landscape. The top-ranking teams will be eligible to win one of the $2 million in semifinal prizes, as well as a spot in the Finals competition at DEF CON 33.","updated_timestamp":{"seconds":1720307461,"nanoseconds":0},"speakers":[{"content_ids":[54533,54511],"conference_id":133,"event_ids":[54884,54906],"name":"Perri Adams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Special Assistant to the Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@perribus)","sort_order":0,"url":"https://twitter.com/perribus"}],"media":[],"id":54047,"title":"Special Assistant to the Director at Defense Advanced Research Projects Agency (DARPA)"},{"content_ids":[54533,55322,56132],"conference_id":133,"event_ids":[55714,56775,54906],"name":"Andrew Carney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA AI Cyber Challenge (AIxCC)","title":"Program Manager"},{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"Program Manager"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/andrew-carney"}],"media":[],"id":54106,"title":"Program Manager at Advanced Research Projects Agency for Health (ARPA-H)"}],"begin_tsz":"2024-08-11T19:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-06T23:11:01Z","links":[],"end":"2024-08-11T20:15:00.000-0000","id":54906,"tag_ids":[46166,46419],"village_id":null,"begin_timestamp":{"seconds":1723404600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54106},{"tag_id":46167,"sort_order":4,"person_id":54047}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T19:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Engineers can carefully build their networks, designing the traffic flow explicitly through well constructed controls, even following design best practices from the CSP themselves, only to be let down by unexpected subtleties in the exact way certain technologies operate.\n\nIn this talk, we will take a look at just such a case study concerning Transit Gateways (TGW) in AWS, where security consultants were able to communicate freely across an apparent network boundary. We will review how TGWs are attached to subnets, and how the documentation implies they should operate. Then we will examine why NACLs appeared to be having no effect on blocking traffic, and allowed an effectively flat network between two peered accounts.\n\nThis case study will demonstrate the importance and effectiveness of practical testing, either internally by the developers or with an external reviewer, in confirming – or in many cases quite the opposite – that the operation matches the design aims. It isn’t always easy to find that leak, but if there is a puddle of water on the floor then at least you know you need to start looking for the flaw. This talk will show through the TGW case study and a few other examples how we noticed the puddle, how we found the leak, how it was fixed, and how hopefully the same leak won’t spring twice.\n\n\n","media":[],"title":"Unexpected Leaks in AWS Transit Gateways","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:40:00Z","end_timestamp":{"seconds":1723405200,"nanoseconds":0},"android_description":"Engineers can carefully build their networks, designing the traffic flow explicitly through well constructed controls, even following design best practices from the CSP themselves, only to be let down by unexpected subtleties in the exact way certain technologies operate.\n\nIn this talk, we will take a look at just such a case study concerning Transit Gateways (TGW) in AWS, where security consultants were able to communicate freely across an apparent network boundary. We will review how TGWs are attached to subnets, and how the documentation implies they should operate. Then we will examine why NACLs appeared to be having no effect on blocking traffic, and allowed an effectively flat network between two peered accounts.\n\nThis case study will demonstrate the importance and effectiveness of practical testing, either internally by the developers or with an external reviewer, in confirming – or in many cases quite the opposite – that the operation matches the design aims. It isn’t always easy to find that leak, but if there is a puddle of water on the floor then at least you know you need to start looking for the flaw. This talk will show through the TGW case study and a few other examples how we noticed the puddle, how we found the leak, how it was fixed, and how hopefully the same leak won’t spring twice.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55501],"conference_id":133,"event_ids":[55930],"name":"William Taylor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56023}],"begin_tsz":"2024-08-11T19:20:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T19:40:00.000-0000","id":55930,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723404000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56023}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T19:20:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"CPV: Program Committee Closing Remarks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723400075,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T18:14:35Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":56883,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-11T18:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After experiencing Def Con this year, it was apparent there was a lot of interest in Meshtastic but very little content available. This will cover some common questions I've been fielding throughout the conference, as well as a space to ask your own questions.\n\n\n","media":[],"title":"An ad-hoc talk about ad-hoc networking with Meshtastic","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"After experiencing Def Con this year, it was apparent there was a lot of interest in Meshtastic but very little content available. This will cover some common questions I've been fielding throughout the conference, as well as a space to ask your own questions.","updated_timestamp":{"seconds":1723389286,"nanoseconds":0},"speakers":[{"content_ids":[56224],"conference_id":133,"event_ids":[56881],"name":"Lucas \"N0OPS\" Gahler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56621}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T15:14:46Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":56881,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56621}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-11T15:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Game Hacking Community Closing Talk & Awards Ceremony","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722815484,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T23:51:24Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56752,"tag_ids":[46402,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-04T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will be handing out the CTF Prizes and awards. Must be present to win!\n\n\n","media":[],"title":"DCNextGen Awards and Closing Ceremony","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We will be handing out the CTF Prizes and awards. Must be present to win!","updated_timestamp":{"seconds":1722726317,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T23:05:17Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56617,"tag_ids":[46398,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Village closing ceremony\n\n\n","media":[],"title":"Village closing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Village closing ceremony","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56616,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Durante abril de 2024 el equipo GERT de Kaspersky detectó un nuevo grupo de ransomware aprovechando las funcionalidades de Microsoft para cifrar sistemas en infraestructuras comprometidas, usando scripts para disminuir defensas, deshabilitar parámetros críticos de sistemas Microsoft y finalmente usar el servicio Bitlocker de Microsoft, creando contraseñas individuales de cifrado por cada sistema, eliminando los rastros locales y enviando los datos mediante comunicaciones de comando y control para garantizar el descifrado y recibir el pago del rescate. Aunque el ataque fue dirigido a organizaciones en LATAM, fue identificado también en Jordania e Indonesia. Durante esta charla presentaremos los principales retos de recolectar evidencia en sistemas donde los discos fueron completamente cifrados y las propuestas de descifrado habilitadas una vez se obtuvo la muestra del malware construida de forma dirigida para las organizaciones afectadas. Se presentarán los mecanismos de descifrado disponibles frente a esta y otras amenazas similares y las técnicas usadas por los adversarios para comprometer las infraestructuras.\n\n\n","media":[],"title":"Abusando de Bitlocker para secuestrar información corporativa | Desde la intrusión hasta el descifrado (i)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Durante abril de 2024 el equipo GERT de Kaspersky detectó un nuevo grupo de ransomware aprovechando las funcionalidades de Microsoft para cifrar sistemas en infraestructuras comprometidas, usando scripts para disminuir defensas, deshabilitar parámetros críticos de sistemas Microsoft y finalmente usar el servicio Bitlocker de Microsoft, creando contraseñas individuales de cifrado por cada sistema, eliminando los rastros locales y enviando los datos mediante comunicaciones de comando y control para garantizar el descifrado y recibir el pago del rescate. Aunque el ataque fue dirigido a organizaciones en LATAM, fue identificado también en Jordania e Indonesia. Durante esta charla presentaremos los principales retos de recolectar evidencia en sistemas donde los discos fueron completamente cifrados y las propuestas de descifrado habilitadas una vez se obtuvo la muestra del malware construida de forma dirigida para las organizaciones afectadas. Se presentarán los mecanismos de descifrado disponibles frente a esta y otras amenazas similares y las técnicas usadas por los adversarios para comprometer las infraestructuras.","updated_timestamp":{"seconds":1722700538,"nanoseconds":0},"speakers":[{"content_ids":[55978],"conference_id":133,"event_ids":[56594],"name":"Eduardo Chavarro Ovalle","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Digital Forensic and Incident Response Group Manager Americas"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@echavarro)","sort_order":0,"url":"https://x.com/echavarro"},{"description":"","title":"co.linkedin.com/in/echavarro?trk=public_post_feed-actor-name","sort_order":0,"url":"https://co.linkedin.com/in/echavarro?trk=public_post_feed-actor-name"}],"media":[],"id":56311,"title":"Digital Forensic and Incident Response Group Manager Americas"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T15:55:38Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56594,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56311}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.\n\n\n","media":[],"title":"IoT Cat Lamp","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:30:00Z","end_timestamp":{"seconds":1723408200,"nanoseconds":0},"android_description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/make-your-iot-wi-fi-connected-pursheen-cat-lamp-with-wled-10-30am-class"}],"end":"2024-08-11T20:30:00.000-0000","id":56530,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’re going over the results of the GRT and giving out some awards for our favorite reports. We want to hear from you about how it went and what you liked.\n\n\n","media":[],"title":"Generative Red Team 2 Readout & Acknowledgements","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We’re going over the results of the GRT and giving out some awards for our favorite reports. We want to hear from you about how it went and what you liked.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Jerome Wynne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56229},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Kent Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56230},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Nicole DeCario","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56231},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Sean McGregor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56232},{"content_ids":[55875,55876,55888],"conference_id":133,"event_ids":[56460,56473,56461],"name":"Sven Cattell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AI Village","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@comathematician)","sort_order":0,"url":"https://x.com/comathematician"}],"media":[],"id":56233,"title":"Founder at AI Village"},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Will Pearce","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56234}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56473,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56233},{"tag_id":46167,"sort_order":4,"person_id":56234},{"tag_id":46167,"sort_order":6,"person_id":56229},{"tag_id":46167,"sort_order":8,"person_id":56232},{"tag_id":46167,"sort_order":10,"person_id":56231},{"tag_id":46167,"sort_order":12,"person_id":56230}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Policy and the Quantum: Where do we start?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56446,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a placeholder for BTV’s closing ceremonies!\n\n\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!","media":[],"title":"Blue Team Village Closing Ceremonies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"This is a placeholder for BTV’s closing ceremonies!\n\n\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!\r\nThis is a placeholder for BTV’s closing ceremonies!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":56276,"tag_ids":[46373,46641],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for our annual group photo and voting session for the \"People's Choice Award\". Even though we don't have a contest, as a community we can still choose a favorite hat. We have to take the picture at 12:05 sharp so be there!\n\n\n","media":[],"title":"Hard Hat Brigade - Group Photo and People's Choice Award","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us for our annual group photo and voting session for the \"People's Choice Award\". Even though we don't have a contest, as a community we can still choose a favorite hat. We have to take the picture at 12:05 sharp so be there!","updated_timestamp":{"seconds":1721968589,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T04:36:29Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55792,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-26T04:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Building a foundation with the 5 critical controls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722395816,"nanoseconds":0},"speakers":[{"content_ids":[55359],"conference_id":133,"event_ids":[55751],"name":"Dillon Lee","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55953}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T03:16:56Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55751,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55953}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-31T03:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Safety has been at the forefront of Civil Aviation since the formalization of DO-178, Software Considerations in Airborne Systems and Equipment Certification, in 1981. However, times have changed since then and we live in a world with seemingly limitless connectivity. DO-356A, Airworthiness Security Methods and Considerations, forms the cybersecurity bedrock in which aviation systems are designed and implemented. In this talk, participants will learn about how Safety and Security is applied to system design and how they interact with one another. Design Assurance Levels (DAL) and Security Assurance Levels (SAL) concepts are presented and explained what their purpose is. This talk is designed to appeal to the general cybersecurity community by introducing fundamentals of Safety analyses and discussing how Safety and Security interact with one another.\n\nThis talk will first touch upon fundamental documents that form the Certification basis for System Development (ARP4754B), System Safety (ARP4761A), and Security Considerations (DO-356A). From there, it walk through pieces that form a safety analysis and Design Assurance Level (DAL), walk through a system architecture under consideration, and learn about how Safety and requirements in a system can be used to inform the Threat Model for the system. From there, we end with a discussion on how Security Mitigations are assigned Security Assurance Level (SAL) and what this means for developers.\n\n\n\n","media":[],"title":"The Interplay between Safety and Security in Aviation Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"Safety has been at the forefront of Civil Aviation since the formalization of DO-178, Software Considerations in Airborne Systems and Equipment Certification, in 1981. However, times have changed since then and we live in a world with seemingly limitless connectivity. DO-356A, Airworthiness Security Methods and Considerations, forms the cybersecurity bedrock in which aviation systems are designed and implemented. In this talk, participants will learn about how Safety and Security is applied to system design and how they interact with one another. Design Assurance Levels (DAL) and Security Assurance Levels (SAL) concepts are presented and explained what their purpose is. This talk is designed to appeal to the general cybersecurity community by introducing fundamentals of Safety analyses and discussing how Safety and Security interact with one another.\n\nThis talk will first touch upon fundamental documents that form the Certification basis for System Development (ARP4754B), System Safety (ARP4761A), and Security Considerations (DO-356A). From there, it walk through pieces that form a safety analysis and Design Assurance Level (DAL), walk through a system architecture under consideration, and learn about how Safety and requirements in a system can be used to inform the Threat Model for the system. From there, we end with a discussion on how Security Mitigations are assigned Security Assurance Level (SAL) and what this means for developers.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54653],"conference_id":133,"event_ids":[55026],"name":"Lillian Ash Baker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The Boeing Company/Wisk Aero","title":"Product Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54360,"title":"Product Security Engineer at The Boeing Company/Wisk Aero"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":55026,"tag_ids":[46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54360}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Yes, anyone can hack IoT devices and I’ll show you how! It doesn’t matter if you’re an experienced pen tester in other fields, completely new to cybersecurity or just IoT curious, by the end of this talk you’ll have the knowledge to hack your first device. You might be thinking - but I thought IoT was complicated, required knowledge of hardware, and expensive tools. In this talk, I’m here to dispel those myths by directly showing you the methodology, tools and tactics you can use to go and hack an IoT device today (or maybe when you get home). I’ll cover what IoT devices are best for beginners, what tools you need (and don’t need), how to build a small toolkit for <$100, common tactics to get a foothold into IoT devices and how to find your first vulnerability or bug.\n\n\n","media":[],"title":"Anyone can hack IoT - a beginner’s guide to hacking your first IoT device","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Yes, anyone can hack IoT devices and I’ll show you how! It doesn’t matter if you’re an experienced pen tester in other fields, completely new to cybersecurity or just IoT curious, by the end of this talk you’ll have the knowledge to hack your first device. You might be thinking - but I thought IoT was complicated, required knowledge of hardware, and expensive tools. In this talk, I’m here to dispel those myths by directly showing you the methodology, tools and tactics you can use to go and hack an IoT device today (or maybe when you get home). I’ll cover what IoT devices are best for beginners, what tools you need (and don’t need), how to build a small toolkit for <$100, common tactics to get a foothold into IoT devices and how to find your first vulnerability or bug.","updated_timestamp":{"seconds":1720397153,"nanoseconds":0},"speakers":[{"content_ids":[54651],"conference_id":133,"event_ids":[55024],"name":"Andrew \"DigitalAndrew\" Bellini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TCM","title":"Instructor"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@d1gitalandrew)","sort_order":0,"url":"https://twitter.com/d1gitalandrew"}],"media":[],"id":54243,"title":"Instructor at TCM"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T00:05:53Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55024,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54243}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-08T00:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The future of healthcare is precise, personalized, and involves point of care with a wide variety of applications. Each application has its own unique set of challenges that change based on risk and the stakeholders’ perspective. Foreseeing these challenges, in 2021 FDA issued the discussion paper 3D Printing Medical Devices at the Point of Care to expound upon pertinent challenges and request stakeholder feedback. Within this paper, the concept of the 3D Printing medical device production system (MDPS) as a medical device was presented. In this session, we will investigate the concept of the MDPS from the perspective of different stakeholders, the necessity of AI to make this in-hospital MDPS POC solution a reality, and the unique relationship the MDM and HDO must have to support the MDPS. \n\n\n","media":[],"title":"3DU: Homo (e)x Machina","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"The future of healthcare is precise, personalized, and involves point of care with a wide variety of applications. Each application has its own unique set of challenges that change based on risk and the stakeholders’ perspective. Foreseeing these challenges, in 2021 FDA issued the discussion paper 3D Printing Medical Devices at the Point of Care to expound upon pertinent challenges and request stakeholder feedback. Within this paper, the concept of the 3D Printing medical device production system (MDPS) as a medical device was presented. In this session, we will investigate the concept of the MDPS from the perspective of different stakeholders, the necessity of AI to make this in-hospital MDPS POC solution a reality, and the unique relationship the MDM and HDO must have to support the MDPS.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54650],"conference_id":133,"event_ids":[55023],"name":"Lacey Harbour","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/lacey-harbour-smith-ms-rac-mb-ascp-34338b39"}],"media":[],"id":54245}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":55023,"tag_ids":[46371,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54245}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Game Of Active Directory (GOAD) is a prebuilt vulnerable Active Directory (AD) environment primarily created for pentesters. Touting over 30 methods of attack, GOAD offers multiple paths to full AD takeover. But is that really how you win the game? Regardless of color, as security professions our goal should be to better secure environments. This talk walks through AD attack strategies, exploiting misconfigurations that ultimately pwn AD. Mitigations for these attacks are discussed and implemented, showcasing how they stop common attacks. Implementing these protections in your environment is truly how you win the Game Of Active Directory.\n\n\n","media":[],"title":"Winning the Game of Active Directory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Game Of Active Directory (GOAD) is a prebuilt vulnerable Active Directory (AD) environment primarily created for pentesters. Touting over 30 methods of attack, GOAD offers multiple paths to full AD takeover. But is that really how you win the game? Regardless of color, as security professions our goal should be to better secure environments. This talk walks through AD attack strategies, exploiting misconfigurations that ultimately pwn AD. Mitigations for these attacks are discussed and implemented, showcasing how they stop common attacks. Implementing these protections in your environment is truly how you win the Game Of Active Directory.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54558,55492],"conference_id":133,"event_ids":[55921,54933],"name":"Brandon Colley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Trimarc","title":"Senior Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@techBrandon)","sort_order":0,"url":"https://twitter.com/techBrandon"}],"media":[],"id":54256,"title":"Senior Security Consultant at Trimarc"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":54933,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54256}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cari Farver did not disappear off the face of the Earth. She was murdered in cold blood, and her killer went on to impersonate her online, for over three years. The suspect hid their tracks with VPNs, proxies, and anonymizing apps. This talk will go behind the scenes of Netflix's \"Lover, Stalker, Killer\" to detail the open source software and bespoke methods used to prove a no-body homicide case based almost entirely on digital evidence.\r\n\r\nDateline NBC, S26E1 \"Scorned\" (2017)\r\nRule, Leslie. \"A Tangled Web: A Cyberstalker, a Deadly Obsession, and the Twisting Path to Justice\". Citadel Press, 2020.\r\nNetflix, \"Lover, Stalker, Killer\" (2024)\n\n\n","media":[],"title":"Solving the \"Lover, Stalker, Killer\" Murder with strings, grep, and Perl","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T19:20:00Z","end_timestamp":{"seconds":1723404000,"nanoseconds":0},"android_description":"Cari Farver did not disappear off the face of the Earth. She was murdered in cold blood, and her killer went on to impersonate her online, for over three years. The suspect hid their tracks with VPNs, proxies, and anonymizing apps. This talk will go behind the scenes of Netflix's \"Lover, Stalker, Killer\" to detail the open source software and bespoke methods used to prove a no-body homicide case based almost entirely on digital evidence.\r\n\r\nDateline NBC, S26E1 \"Scorned\" (2017)\r\nRule, Leslie. \"A Tangled Web: A Cyberstalker, a Deadly Obsession, and the Twisting Path to Justice\". Citadel Press, 2020.\r\nNetflix, \"Lover, Stalker, Killer\" (2024)","updated_timestamp":{"seconds":1720379966,"nanoseconds":0},"speakers":[{"content_ids":[54532],"conference_id":133,"event_ids":[54905],"name":"Anthony Kava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/anthonykava"},{"description":"","title":"Website","sort_order":0,"url":"https://forensic.coffee"}],"media":[],"id":54159}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T19:19:26Z","links":[],"end":"2024-08-11T19:20:00.000-0000","id":54905,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54159}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-07-07T19:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This article reassesses complex cyberattack tactics, focusing specifically on existing security measures and emerging weaknesses. We begin our investigation by examining initial methods of deployment in contemporary attacks, including those that focus on simulated read-only filesystems and NTFS vulnerabilities. Since the improvements made to the Windows security architecture in 2011, which include the enforcement of Driver Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI), the nature of cyber threats has changed, requiring new ways to carry out attacks.\r\n\r\nOur research presents a new method that takes advantage of previously uncovered weaknesses in emulated filesystems, allowing attackers to covertly install and maintain harmful programs. In addition, we uncover new NTFS vulnerabilities that enable attackers to conceal their presence and sustain persistence within victim systems. The study also investigates alternate methods for delivering and executing malware in usermode. In addition, we discuss several Indicators of Compromise (IOCs) to identify and detect these tactics.\r\n\r\n1. [link](https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/)\r\n2. [link](https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/)\r\n3. [link](https://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core/)\r\n4. [link](https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20presentations/Jacob%20Baines%20-%20Bring%20Your%20Own%20Print%20Driver%20Vulnerability.pdf)\r\n5. [link](https://github.com/eset/vulnerability-disclosures)\r\n6. [link](https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/)\r\n\n\n\n","media":[],"title":"DriverJack: Turning NTFS and Emulated Read-only Filesystems in an Infection and Persistence Vector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T19:45:00Z","end_timestamp":{"seconds":1723405500,"nanoseconds":0},"android_description":"This article reassesses complex cyberattack tactics, focusing specifically on existing security measures and emerging weaknesses. We begin our investigation by examining initial methods of deployment in contemporary attacks, including those that focus on simulated read-only filesystems and NTFS vulnerabilities. Since the improvements made to the Windows security architecture in 2011, which include the enforcement of Driver Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI), the nature of cyber threats has changed, requiring new ways to carry out attacks.\r\n\r\nOur research presents a new method that takes advantage of previously uncovered weaknesses in emulated filesystems, allowing attackers to covertly install and maintain harmful programs. In addition, we uncover new NTFS vulnerabilities that enable attackers to conceal their presence and sustain persistence within victim systems. The study also investigates alternate methods for delivering and executing malware in usermode. In addition, we discuss several Indicators of Compromise (IOCs) to identify and detect these tactics.\r\n\r\n1. [link](https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/)\r\n2. [link](https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/)\r\n3. [link](https://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core/)\r\n4. [link](https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20presentations/Jacob%20Baines%20-%20Bring%20Your%20Own%20Print%20Driver%20Vulnerability.pdf)\r\n5. [link](https://github.com/eset/vulnerability-disclosures)\r\n6. [link](https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/)","updated_timestamp":{"seconds":1722977019,"nanoseconds":0},"speakers":[{"content_ids":[54529],"conference_id":133,"event_ids":[54902],"name":"Alessandro Magnosi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Synack RT and Cobalt","title":"Independent Researcher"},{"organization":"BSI","title":"Managing Consultant and R&D Lead"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@klezVirus)","sort_order":0,"url":"https://twitter.com/klezVirus"},{"description":"","title":"klezvirus.github.io","sort_order":0,"url":"https://klezvirus.github.io"}],"media":[],"id":54193,"title":"Managing Consultant and R&D Lead at BSI"}],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-06T20:43:39Z","links":[],"end":"2024-08-11T19:45:00.000-0000","id":54902,"tag_ids":[46166,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54193}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-08-06T20:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T19:00:00Z","timeband_id":1149,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-11T20:00:00.000-0000","id":54487,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723402800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-11T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A lot of quantum algorithms offer a theoretical advantage over their classical counterparts. However, it is important to understand whether this advantage will be present once we run these algorithms to solve real-world problems on future scalable quantum computers. This talk discusses the factors that have to be taken into account when considering the performance of quantum algorithms in realistic conditions.\n\n\n","media":[],"title":"Understanding performance of quantum algorithms","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"A lot of quantum algorithms offer a theoretical advantage over their classical counterparts. However, it is important to understand whether this advantage will be present once we run these algorithms to solve real-world problems on future scalable quantum computers. This talk discusses the factors that have to be taken into account when considering the performance of quantum algorithms in realistic conditions.","updated_timestamp":{"seconds":1723400219,"nanoseconds":0},"speakers":[{"content_ids":[55841,56226],"conference_id":133,"event_ids":[56884,56428],"name":"Mariia Mykhailova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56218}],"begin_tsz":"2024-08-11T18:45:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T18:16:59Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":56884,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723401900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56218}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T18:45:00.000-0000","updated":"2024-08-11T18:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you really sure that the code executed inside your pipelines is secure? Join us as we explore how command injection in a single CI/CD pipeline component can create a major vulnerability in Google's flagship project, Bazel. \r\n\r\nOur research reveals a command injection vulnerability within Bazel GitHub Action, showcasing the potential compromise of the entire open-source project. Through live demonstrations, we illustrate how threat actors can exploit seemingly secure pipelines and tamper widely used repositories with malicious code.\r\n\r\nBy attending, you'll gain actionable insights into securing your CI/CD pipelines and learn practical strategies to protect your projects from similar vulnerabilities.\n\n\n","media":[],"title":"Your CI/CD Pipeline Is Vulnerable, But It's Not Your Fault","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"Are you really sure that the code executed inside your pipelines is secure? Join us as we explore how command injection in a single CI/CD pipeline component can create a major vulnerability in Google's flagship project, Bazel. \r\n\r\nOur research reveals a command injection vulnerability within Bazel GitHub Action, showcasing the potential compromise of the entire open-source project. Through live demonstrations, we illustrate how threat actors can exploit seemingly secure pipelines and tamper widely used repositories with malicious code.\r\n\r\nBy attending, you'll gain actionable insights into securing your CI/CD pipelines and learn practical strategies to protect your projects from similar vulnerabilities.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Oreen Livni","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56075},{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Elad Pticha","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56111}],"begin_tsz":"2024-08-11T18:45:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":56255,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723401900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56111},{"tag_id":46167,"sort_order":1,"person_id":56075}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T18:45:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the rapidly evolving domain of cloud security, the ability to dynamically interact with cloud services is crucial for security teams. Understanding cloud APIs is key to effectively managing everything from administrative tasks to security operations. Security researchers often face the challenge of selecting from numerous API definitions. What if there was a system capable of autonomously selecting the right APIs and intelligently chaining them to achieve specific goals?\n\nIn this presentation, I will share insights from my research on LLM-based AI agents. These agents utilize LLMs as reasoning engines, enabling them to handle complex tasks in natural language and autonomously determine their next actions based on user input and previous interactions. I will explain how we can transform Microsoft Graph API definitions into schemas that align with LLM function-calling capabilities. This transformation allows an LLM to select the appropriate tools and supply the correct arguments for an AI agent to execute. By integrating generative AI with cybersecurity, we can automate tasks and discover new ways to chain APIs for various operations, significantly enhancing the capabilities of security researchers to innovate in security operations and automation.\n\n\n","media":[],"title":"The Rise of the Planet of the Agents: LLM-based AI Agents and Cloud Security APIs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:20:00Z","end_timestamp":{"seconds":1723404000,"nanoseconds":0},"android_description":"In the rapidly evolving domain of cloud security, the ability to dynamically interact with cloud services is crucial for security teams. Understanding cloud APIs is key to effectively managing everything from administrative tasks to security operations. Security researchers often face the challenge of selecting from numerous API definitions. What if there was a system capable of autonomously selecting the right APIs and intelligently chaining them to achieve specific goals?\n\nIn this presentation, I will share insights from my research on LLM-based AI agents. These agents utilize LLMs as reasoning engines, enabling them to handle complex tasks in natural language and autonomously determine their next actions based on user input and previous interactions. I will explain how we can transform Microsoft Graph API definitions into schemas that align with LLM function-calling capabilities. This transformation allows an LLM to select the appropriate tools and supply the correct arguments for an AI agent to execute. By integrating generative AI with cybersecurity, we can automate tasks and discover new ways to chain APIs for various operations, significantly enhancing the capabilities of security researchers to innovate in security operations and automation.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55500],"conference_id":133,"event_ids":[55929],"name":"Roberto Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Cyb3rWard0g","sort_order":0,"url":"https://Cyb3rWard0g"}],"media":[],"id":56014}],"begin_tsz":"2024-08-11T18:45:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T19:20:00.000-0000","id":55929,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723401900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56014}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T18:45:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":56882,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Fireside Chat on the importance of open-sourcing solutions and how AIxCC's approach can have a far-reaching, positive impact\nDavid A. Wheeler, Director of Open Source Supply Chain Security, Open Source Security Foundation (OpenSSF)\nJeff Diecks, Technical Project Manager - AIxCC, Open Source Security Foundation (Open SSF)\nChris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)\n\n\n","media":[],"title":"From research to release: Transferring AIxCC results to open source software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"Fireside Chat on the importance of open-sourcing solutions and how AIxCC's approach can have a far-reaching, positive impact\nDavid A. Wheeler, Director of Open Source Supply Chain Security, Open Source Security Foundation (OpenSSF)\nJeff Diecks, Technical Project Manager - AIxCC, Open Source Security Foundation (Open SSF)\nChris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56141],"conference_id":133,"event_ids":[56784],"name":"Jeff Diecks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jeff-diecks/"},{"description":"","title":"Open Source Atlanta","sort_order":0,"url":"https://opensourceatlanta.com"}],"media":[],"id":56528},{"content_ids":[56141],"conference_id":133,"event_ids":[56784],"name":"Chris Aniszczyk","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cloud Native Computing Foundation (CNCF)","title":""}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/caniszczyk/"},{"description":"","title":"Mastodon (@cra@macaw.social)","sort_order":0,"url":"@cra@macaw.social"},{"description":"","title":"Twitter (@cra)","sort_order":0,"url":"https://x.com/cra"},{"description":"","title":"Website","sort_order":0,"url":"https://aniszczyk.org"}],"media":[],"id":56529,"title":"Cloud Native Computing Foundation (CNCF)"},{"content_ids":[56141],"conference_id":133,"event_ids":[56784],"name":"Dr. David A. Wheeler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Open Source Security Foundation (OpenSSF)","title":"Director of Open Source Supply Chain Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/david-a-wheeler-27798688/"},{"description":"","title":"Mastodon (@davidawheeler@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@davidawheeler"},{"description":"","title":"Twitter (@drdavidawheeler)","sort_order":0,"url":"https://twitter.com/drdavidawheeler"},{"description":"","title":"Website","sort_order":0,"url":"https://dwheeler.com/dwheeler.html"}],"media":[],"id":56532,"title":"Director of Open Source Supply Chain Security at Open Source Security Foundation (OpenSSF)"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":56784,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56532},{"tag_id":46167,"sort_order":4,"person_id":56528},{"tag_id":46167,"sort_order":6,"person_id":56529}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.\n\n\n","media":[],"title":"HandPwning: “Your Hand is your Passport. Verify me. Now let me in!”","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.","updated_timestamp":{"seconds":1722564617,"nanoseconds":0},"speakers":[{"content_ids":[55343,55800],"conference_id":133,"event_ids":[55735,56349,56352],"name":"Luca \"CYBERANTANI\" Bongiorni","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"We Hack In Disguise (WHID)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55951,"title":"Founder at We Hack In Disguise (WHID)"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T02:10:17Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56352,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55951}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-08-02T02:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ready to graduate from basic packet? This presentation dives headfirst into the advanced world of packet radio networking. We'll explore routing protocols like NETROM and ROSE, conquer the intricacies of setting up your own packet radio node, and delve into the world of HF packet communication.\n\n\n","media":[],"title":"Advanced Packet Radio Operation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Ready to graduate from basic packet? This presentation dives headfirst into the advanced world of packet radio networking. We'll explore routing protocols like NETROM and ROSE, conquer the intricacies of setting up your own packet radio node, and delve into the world of HF packet communication.","updated_timestamp":{"seconds":1722185820,"nanoseconds":0},"speakers":[{"content_ids":[55441,55442],"conference_id":133,"event_ids":[55866,55867],"name":"Jeremy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55978}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T16:57:00Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55867,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55978}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-28T16:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. \n\n\n","media":[],"title":"Cold Calls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve.","updated_timestamp":{"seconds":1722103160,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T17:59:20Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/cold-calls/"}],"end":"2024-08-11T21:00:00.000-0000","id":55840,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"So your organization decided to follow the trend and switched to Kubernetes for hosting their applications. And this means that the mission for the SOC, has now changed from monitoring servers and networks, to building detective capability for a container orchestration platform. Where do you even start with for Kubernetes TTPs? What attack signatures should you alert upon, and what logs are there to look for in first place? \r\n\r\nA similar challenge arises for the offensive security practitioner: What strategies exist for performing continuous Kubernetes threat emulation? Infrastructure technologies have changed rapidly, and adversaries have adapted. Despite the novelty of attack surface, insider threats still remain relevant, and prevention alone is not enough to manage the risk posed to the modern enterprise. \r\n\r\nThis talk will explain the benefits of investing in a proactive approach to the security of your Kubernetes clusters through collaborative purple teams, and will provide a comprehensive guide for doing so – as informed by our latest research and experience in running attack simulations against large enterprises. Attendees will get up to speed with Kubernetes security monitoring concepts and will take away key advice for planning and executing successful attack detection exercises against containerized environments.\r\n\n\n\n","media":[],"title":"Kubernetes Attack Simulation: The Definitive Guide","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"So your organization decided to follow the trend and switched to Kubernetes for hosting their applications. And this means that the mission for the SOC, has now changed from monitoring servers and networks, to building detective capability for a container orchestration platform. Where do you even start with for Kubernetes TTPs? What attack signatures should you alert upon, and what logs are there to look for in first place? \r\n\r\nA similar challenge arises for the offensive security practitioner: What strategies exist for performing continuous Kubernetes threat emulation? Infrastructure technologies have changed rapidly, and adversaries have adapted. Despite the novelty of attack surface, insider threats still remain relevant, and prevention alone is not enough to manage the risk posed to the modern enterprise. \r\n\r\nThis talk will explain the benefits of investing in a proactive approach to the security of your Kubernetes clusters through collaborative purple teams, and will provide a comprehensive guide for doing so – as informed by our latest research and experience in running attack simulations against large enterprises. Attendees will get up to speed with Kubernetes security monitoring concepts and will take away key advice for planning and executing successful attack detection exercises against containerized environments.","updated_timestamp":{"seconds":1720397242,"nanoseconds":0},"speakers":[{"content_ids":[54649],"conference_id":133,"event_ids":[55022],"name":"Leo Tsaousis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"WithSecure","title":"Senior Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leonidastsaousis"},{"description":"","title":"Twitter (@LAripping)","sort_order":0,"url":"https://twitter.com/LAripping"}],"media":[],"id":54361,"title":"Senior Security Consultant at WithSecure"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T00:07:22Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55022,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54361}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-08T00:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cybersecurity red teams have myriad ways of practicing their skills - from CTFs to certifications - but how do you train for physical red teaming? This talk will focus on leveling up your body - add new abilities to climb, sneak, jump, and become an unstoppable ninja while performing physical penetration tests. We’ll talk about which abilities you need, and how we train ourselves (and our staff) for performing at our peak for physical engagements. This will be complemented by plenty of war stories and lessons learned in the field for what abilities are most worth leveling up in, and comparisons between red teaming before and after our weight loss. We’ll then discuss different exercises and habits that the audience can start doing as soon as in your hotel room to improve your lives and your ability to break into buildings! \n\n\n","media":[],"title":"Fitness of Physical Red Teamers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Cybersecurity red teams have myriad ways of practicing their skills - from CTFs to certifications - but how do you train for physical red teaming? This talk will focus on leveling up your body - add new abilities to climb, sneak, jump, and become an unstoppable ninja while performing physical penetration tests. We’ll talk about which abilities you need, and how we train ourselves (and our staff) for performing at our peak for physical engagements. This will be complemented by plenty of war stories and lessons learned in the field for what abilities are most worth leveling up in, and comparisons between red teaming before and after our weight loss. We’ll then discuss different exercises and habits that the audience can start doing as soon as in your hotel room to improve your lives and your ability to break into buildings!","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54648],"conference_id":133,"event_ids":[55021],"name":"Lucas Rooyakkers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Red Teamer"}],"links":[],"pronouns":null,"media":[],"id":54309,"title":"Red Teamer at GGR Security"},{"content_ids":[54568,54648],"conference_id":133,"event_ids":[54943,55021],"name":"Billy Graydon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Principal"}],"links":[],"pronouns":null,"media":[],"id":54354,"title":"Principal at GGR Security"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55021,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54354},{"tag_id":46167,"sort_order":1,"person_id":54309}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Wardriving is cool, and airplanes are cool. What happens if we combine the two? Is it safe? Is it legal? How much WiFi is it possible to see from an airplane? How far does WiFi leak into the atmosphere? How far away can we see an access point? Can we catch a specific network at 1500 feet above the ground? How about 2500? We loaded up a small plane and flew around in circles to find out. This talk will share both our preparation and our results, including figuring out the best places to warfly, what equipment to use, and how to do it safely. We will present the flights we made, the data we gathered, how we analyzed it, and what we discovered. (Spoiler alert: flying a Cessna is a really, really non-stealthy way to collect information about wireless access points.)\n\n\n","media":[],"title":"Warflying in a Cessna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Wardriving is cool, and airplanes are cool. What happens if we combine the two? Is it safe? Is it legal? How much WiFi is it possible to see from an airplane? How far does WiFi leak into the atmosphere? How far away can we see an access point? Can we catch a specific network at 1500 feet above the ground? How about 2500? We loaded up a small plane and flew around in circles to find out. This talk will share both our preparation and our results, including figuring out the best places to warfly, what equipment to use, and how to do it safely. We will present the flights we made, the data we gathered, how we analyzed it, and what we discovered. (Spoiler alert: flying a Cessna is a really, really non-stealthy way to collect information about wireless access points.)","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54647],"conference_id":133,"event_ids":[55020],"name":"Sean McKeever","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GRIMM","title":"Senior Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54295,"title":"Senior Security Researcher at GRIMM"},{"content_ids":[54647],"conference_id":133,"event_ids":[55020],"name":"Matt Thomassen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"a financial organization","title":"Security Architect"}],"links":[],"pronouns":null,"media":[],"id":54337,"title":"Security Architect at a financial organization"}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55020,"tag_ids":[46169,46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54337},{"tag_id":46167,"sort_order":1,"person_id":54295}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Physical security is often overlooked in many organizational threat models. An increasing amount of physical security devices with smart components are being introduced to the market with widespread adoption. This creates an enticing attack surface for physical red teams.\r\n\r\nLockers and cabinets equipped with electronic smart locks can be found in many places such as offices, factories, hospitals, labs, and gyms. With remote and hybrid work increasing in popularity, shared use office setups becoming the default. Co-working spaces in offices are now commonplace with lockers being installed for employee device storage. People generally trust that their belongings will be secure in these lockers and entrust the locks with sensitive information, like their personal PIN.\r\n\r\nIs there a more stealthy way to get into lockers that don't involve using a crowbar?\r\n\r\nIn this talk we will analyze the vulnerabilities affecting locks manufactured by the \"global leader in keyless lock solutions,\" Digilock and Schulte-Schlagbaum AG (SAG). Both companies have been in the physical security industry for many decades. What went wrong in the development of these devices and how can these vulnerabilities be fixed? We will also discuss several other vendors operating in this space and compare findings.\r\n\r\nWe will demonstrate practical physical and side-channel attacks targeting locks that accept a standard PIN and RFID. Learn why it is poor practice to reuse the same secret PIN for lockers and safes and devices such as mobile phones and laptops (especially if they are stored inside the lockers).\n\n\n","media":[],"title":"Open sesame - or how vulnerable is your stuff in electronic lockers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T19:15:00Z","end_timestamp":{"seconds":1723403700,"nanoseconds":0},"android_description":"Physical security is often overlooked in many organizational threat models. An increasing amount of physical security devices with smart components are being introduced to the market with widespread adoption. This creates an enticing attack surface for physical red teams.\r\n\r\nLockers and cabinets equipped with electronic smart locks can be found in many places such as offices, factories, hospitals, labs, and gyms. With remote and hybrid work increasing in popularity, shared use office setups becoming the default. Co-working spaces in offices are now commonplace with lockers being installed for employee device storage. People generally trust that their belongings will be secure in these lockers and entrust the locks with sensitive information, like their personal PIN.\r\n\r\nIs there a more stealthy way to get into lockers that don't involve using a crowbar?\r\n\r\nIn this talk we will analyze the vulnerabilities affecting locks manufactured by the \"global leader in keyless lock solutions,\" Digilock and Schulte-Schlagbaum AG (SAG). Both companies have been in the physical security industry for many decades. What went wrong in the development of these devices and how can these vulnerabilities be fixed? We will also discuss several other vendors operating in this space and compare findings.\r\n\r\nWe will demonstrate practical physical and side-channel attacks targeting locks that accept a standard PIN and RFID. Learn why it is poor practice to reuse the same secret PIN for lockers and safes and devices such as mobile phones and laptops (especially if they are stored inside the lockers).","updated_timestamp":{"seconds":1722099311,"nanoseconds":0},"speakers":[{"content_ids":[54624,54441],"conference_id":133,"event_ids":[54814,54998],"name":"Braelynn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Leviathan Security Group","title":"Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":54131,"title":"Security Consultant at Leviathan Security Group"},{"content_ids":[54624,54441,54471],"conference_id":133,"event_ids":[54814,54844,54998],"name":"Dennis Giese","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@dgi_DE)","sort_order":0,"url":"https://twitter.com/dgi_DE"},{"description":"","title":"Website","sort_order":0,"url":"https://dontvacuum.me"}],"media":[],"id":54142}],"begin_tsz":"2024-08-11T18:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T16:55:11Z","links":[],"end":"2024-08-11T19:15:00.000-0000","id":54814,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723401000,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54142},{"tag_id":46167,"sort_order":4,"person_id":54131}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T18:30:00.000-0000","updated":"2024-07-27T16:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Azure Policy is a built-on service that helps creating security and compliance policies to enforce organizational standards in the cloud environment. It evaluates resources by comparing the properties of the resources and with the help of remediation tasks, it can fix or remediate any issues with those resources. Have you ever wondered if you could abuse or bend these policies? Can you do more than just listing the storage accounts with public access and not be in the logs? How about creating a backdoor?\n\nIn this talk I will answer these questions by talking about what Azure Policy is, how to write one, what the logs contain, what permission you need, what does resource enumeration could look like etc. At the end I will present a proof-of-concept solution to bend the Azure Policy and create a backdoor account in Azure.\n\n\n","media":[],"title":"Creating Azure Policy Compliant Backdoor","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Azure Policy is a built-on service that helps creating security and compliance policies to enforce organizational standards in the cloud environment. It evaluates resources by comparing the properties of the resources and with the help of remediation tasks, it can fix or remediate any issues with those resources. Have you ever wondered if you could abuse or bend these policies? Can you do more than just listing the storage accounts with public access and not be in the logs? How about creating a backdoor?\n\nIn this talk I will answer these questions by talking about what Azure Policy is, how to write one, what the logs contain, what permission you need, what does resource enumeration could look like etc. At the end I will present a proof-of-concept solution to bend the Azure Policy and create a backdoor account in Azure.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55499],"conference_id":133,"event_ids":[55928],"name":"Viktor Gazdag","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"wucpi","sort_order":0,"url":"https://wucpi"}],"media":[],"id":56013}],"begin_tsz":"2024-08-11T18:10:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":55928,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723399800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56013}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T18:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?\n\n\n","media":[],"title":"Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?","updated_timestamp":{"seconds":1723007375,"nanoseconds":0},"speakers":[{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Ori Ron","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56076},{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Tal Folkman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56087},{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T05:09:35Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56814,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56087},{"tag_id":46167,"sort_order":4,"person_id":56076},{"tag_id":46167,"sort_order":6,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-07T05:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As a security practitioner, you may find yourself tasked with securing cloud-native applications. The problem is that there are so many moving parts, that you just wish somebody would shine a light on the alerts that count, so you could focus. You also wish somebody could automate away the trial and error involved in getting the really complex things like network policies and seccomp profiles just right.\n\n\n","media":[],"title":"Arsenal: Kubescape - OSS security from left to right and everything in the middle","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"As a security practitioner, you may find yourself tasked with securing cloud-native applications. The problem is that there are so many moving parts, that you just wish somebody would shine a light on the alerts that count, so you could focus. You also wish somebody could automate away the trial and error involved in getting the really complex things like network policies and seccomp profiles just right.","updated_timestamp":{"seconds":1722886111,"nanoseconds":0},"speakers":[{"content_ids":[56126],"conference_id":133,"event_ids":[56769],"name":"ben@armosec.io","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ARMO","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56514,"title":"CTO & Co-Founder at ARMO"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T19:28:31Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56769,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56514}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-05T19:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En esta presentación se explorará cómo nuestra estrategia de instrumentación basada en la librería Microsoft Detours permite una inspección de los procesos de software comercial presente en diferentes sistemas, enfocándose en operaciones privilegiadas del sistema de archivos. Se detallará cómo el uso de la instrumentación facilita la búsqueda sistemática y exhaustiva de vulnerabilidades en dichos procesos, identificando y explotando fallos de seguridad críticos presentes en algunos de ellos. El proyecto demuestra la efectividad de Detours para realizar análisis de seguridad avanzados y muestra cómo las vulnerabilidades encontradas pueden ser explotadas para evaluar su impacto en escenarios reales. Esta exposición enfatiza la importancia y la efectividad de la búsqueda de vulnerabilidades para fortalecer la seguridad en sistemas de IT y OT.\n\n\n","media":[],"title":"Detección de Vulnerabilidades mediante Instrumentación y su Explotación","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"En esta presentación se explorará cómo nuestra estrategia de instrumentación basada en la librería Microsoft Detours permite una inspección de los procesos de software comercial presente en diferentes sistemas, enfocándose en operaciones privilegiadas del sistema de archivos. Se detallará cómo el uso de la instrumentación facilita la búsqueda sistemática y exhaustiva de vulnerabilidades en dichos procesos, identificando y explotando fallos de seguridad críticos presentes en algunos de ellos. El proyecto demuestra la efectividad de Detours para realizar análisis de seguridad avanzados y muestra cómo las vulnerabilidades encontradas pueden ser explotadas para evaluar su impacto en escenarios reales. Esta exposición enfatiza la importancia y la efectividad de la búsqueda de vulnerabilidades para fortalecer la seguridad en sistemas de IT y OT.","updated_timestamp":{"seconds":1722700538,"nanoseconds":0},"speakers":[{"content_ids":[55345,55977],"conference_id":133,"event_ids":[55737,56593],"name":"Asher Davila","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":"IoT/OT Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/asherdavila/"},{"description":"","title":"Twitter (@asher_davila)","sort_order":0,"url":"https://twitter.com/asher_davila"},{"description":"","title":"Website","sort_order":0,"url":"https://cronop-io.github.io/"}],"media":[],"id":55948,"title":"IoT/OT Security Researcher at Palo Alto Networks"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T15:55:38Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56593,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55948}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For the past few months, I’ve been seeing how far I can push several commercially available GenAI systems past their ethical boundaries. … hint: it’s way too far.\r\n\r\nIn this talk, I’ll demonstrate how I was able to turn LLMs into a powerful backend for realtime, interactive voice enabled cyber scams. I’ll share my prompting strategy, social engineering tactics, the backend systems used, and show how each of these are working innocently in their own right, but enable massive possibilities for deception and harm when combined (in their current form). I’ll also cover a few key insights gained from this research, including unexpected lessons from both successful and unsuccessful attempts.\r\n\r\n**Note: this session includes demos of a violent and profane chatbot. Please do not attend if that will be offensive to you.**\n\n\n","media":[],"title":"My Conversations with a GenAI-Powered Virtual Kidnapper","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"For the past few months, I’ve been seeing how far I can push several commercially available GenAI systems past their ethical boundaries. … hint: it’s way too far.\r\n\r\nIn this talk, I’ll demonstrate how I was able to turn LLMs into a powerful backend for realtime, interactive voice enabled cyber scams. I’ll share my prompting strategy, social engineering tactics, the backend systems used, and show how each of these are working innocently in their own right, but enable massive possibilities for deception and harm when combined (in their current form). I’ll also cover a few key insights gained from this research, including unexpected lessons from both successful and unsuccessful attempts.\r\n\r\n**Note: this session includes demos of a violent and profane chatbot. Please do not attend if that will be offensive to you.**","updated_timestamp":{"seconds":1722626386,"nanoseconds":0},"speakers":[{"content_ids":[55887],"conference_id":133,"event_ids":[56472],"name":"Perry Carpenter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KnowBe4, Inc.","title":""}],"links":[],"pronouns":null,"media":[],"id":56259,"title":"KnowBe4, Inc."}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:19:46Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":56472,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56259}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-02T19:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Due to its wide usage, the FIDO2 protocol – also known as Passkeys – is a key example (pun intended) of a protocol that urgently needs to be migrated to post-quantum cryptographic algorithms (PQ or PQC) to be secure against the looming quantum threat. In this presentation we explain our work over the last two years towards maintaining secure passwordless authentication in the quantum era. \r\n\r\nWe discuss: is FIDO2 ‘quantum-ready’? Which of the used cryptographic algorithms need to be replaced and with what? What is the (quantum) threat model? And do we ‘just’ need quantum-secure instead of classical algorithms or should we instead use a combination of classical and PQ (a.k.a. hybrid) algorithms? Can the PQ migration be backwards compatible? If yes, would this introduce the possibility of down-grading attacks? And last but not least, is PQ FIDO2 feasible on current hardware? \r\n\r\nAfter discussing these, we present the first end-to-end post-quantum secure implementation of the FIDO2 protocol which we have recently open-sourced and benchmarked. The aim of our E2E OSS is to provide a complete implementation that allows PQ registration and authentication in all protocol operations, to enable developers to experiment and test the viability of PQ cryptography in current hardware devices providing FIDO2 authentication.\n\n\n","media":[],"title":"FIDO2 in the Quantum Realm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Due to its wide usage, the FIDO2 protocol – also known as Passkeys – is a key example (pun intended) of a protocol that urgently needs to be migrated to post-quantum cryptographic algorithms (PQ or PQC) to be secure against the looming quantum threat. In this presentation we explain our work over the last two years towards maintaining secure passwordless authentication in the quantum era. \r\n\r\nWe discuss: is FIDO2 ‘quantum-ready’? Which of the used cryptographic algorithms need to be replaced and with what? What is the (quantum) threat model? And do we ‘just’ need quantum-secure instead of classical algorithms or should we instead use a combination of classical and PQ (a.k.a. hybrid) algorithms? Can the PQ migration be backwards compatible? If yes, would this introduce the possibility of down-grading attacks? And last but not least, is PQ FIDO2 feasible on current hardware? \r\n\r\nAfter discussing these, we present the first end-to-end post-quantum secure implementation of the FIDO2 protocol which we have recently open-sourced and benchmarked. The aim of our E2E OSS is to provide a complete implementation that allows PQ registration and authentication in all protocol operations, to enable developers to experiment and test the viability of PQ cryptography in current hardware devices providing FIDO2 authentication.","updated_timestamp":{"seconds":1722626652,"nanoseconds":0},"speakers":[{"content_ids":[55858],"conference_id":133,"event_ids":[56445],"name":"Nina Bindel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56227},{"content_ids":[55858],"conference_id":133,"event_ids":[56445],"name":"James Howe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56228}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:24:12Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":56445,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56227},{"tag_id":46167,"sort_order":4,"person_id":56228}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-02T19:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop we will build an inexpensive ADS-B (Automatic Dependent Surveillance–Broadcast) receiver with a Raspberry Pi and RTL-SDR. The receiver will track and display aircraft (commercial, private, and military) providing real-time altitude, direction, speed, GPS location and aircraft information. We'll discuss ADS-B technology and its importance to air traffic control. We'll also discuss building cheap external antennas to improve reception.\n\nWe will have 10 FREE ADS-B receiver kits that will be given away, at our discretion, to middle through high school students (11-18 years old). An additional 10 ADS-B kits will be available to any attendee for a modest donation to the Aerospace Village. Please see the Aerospace Village control tower to reserve your spot.\n\n\n","media":[],"title":"Watch The Skies: Build Your Own ADS-B receiver","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this workshop we will build an inexpensive ADS-B (Automatic Dependent Surveillance–Broadcast) receiver with a Raspberry Pi and RTL-SDR. The receiver will track and display aircraft (commercial, private, and military) providing real-time altitude, direction, speed, GPS location and aircraft information. We'll discuss ADS-B technology and its importance to air traffic control. We'll also discuss building cheap external antennas to improve reception.\n\nWe will have 10 FREE ADS-B receiver kits that will be given away, at our discretion, to middle through high school students (11-18 years old). An additional 10 ADS-B kits will be available to any attendee for a modest donation to the Aerospace Village. Please see the Aerospace Village control tower to reserve your spot.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55839],"conference_id":133,"event_ids":[56389],"name":"Jim \"Gurney\" Ross","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jamesross/"}],"media":[],"id":56199}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56389,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56199}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n\n\n","media":[],"title":"Activity: Threat modelling fun session with OWASP Cornucopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55723],"conference_id":133,"event_ids":[56254],"name":"Konstantinos Papapanagiotou","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56129}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56254,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56129}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n\n\n","media":[],"title":"Activity: Threat modelling fun session with OWASP Cornucopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55699,55712,55722],"conference_id":133,"event_ids":[56228,56230,56252],"name":"Andra","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56103}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56228,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56103}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, we delve deep into the increasingly interconnected world of electronic vehicles (EVs), photovoltaic (PV) solar systems, and the broader power grid infrastructure—a nexus that is becoming a fertile ground for potential large-scale cyber disruptions. As we navigate through this complex interplay of technology and infrastructure, we will uncover the critical vulnerabilities lurking within the API connections that bind these systems together. Our exploration will not only highlight these weaknesses but will also demonstrate, through real-world scenarios and potential attack vectors, how they can be exploited to launch sophisticated cyber-attacks, emphasizing the urgent need for robust security frameworks and proactive cybersecurity measures to safeguard our collective future.\r\nThe advent of PV inverters and EV charging systems has been marred by the industry's \"rush to market\" mentality, leading to overlooked security considerations.\n\n\n","media":[],"title":"Gridlock: The Dual-Edged Sword of EV and Solar APIs in Grid Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"In this talk, we delve deep into the increasingly interconnected world of electronic vehicles (EVs), photovoltaic (PV) solar systems, and the broader power grid infrastructure—a nexus that is becoming a fertile ground for potential large-scale cyber disruptions. As we navigate through this complex interplay of technology and infrastructure, we will uncover the critical vulnerabilities lurking within the API connections that bind these systems together. Our exploration will not only highlight these weaknesses but will also demonstrate, through real-world scenarios and potential attack vectors, how they can be exploited to launch sophisticated cyber-attacks, emphasizing the urgent need for robust security frameworks and proactive cybersecurity measures to safeguard our collective future.\r\nThe advent of PV inverters and EV charging systems has been marred by the industry's \"rush to market\" mentality, leading to overlooked security considerations.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[54495,55721],"conference_id":133,"event_ids":[56227,54868],"name":"Vangelis Stykas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Atropos","title":"Chief Technology Officer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vangelis-stykas/"},{"description":"","title":"Twitter (@evstykas)","sort_order":0,"url":"https://twitter.com/evstykas"},{"description":"","title":"stykas.com","sort_order":0,"url":"https://stykas.com"}],"media":[],"id":54172,"title":"Chief Technology Officer at Atropos"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":56227,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54172}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you ever pine for the days of 1200bps communications? Learn how to leverage the power of amateur radio to send digital data, pictures, and even cat memes using packet radio. This presentation will crack open the basics of packet, explore the tools you need (no soldering iron required!), and show you how to join the network buzzing beneath the surface of the RF spectrum.\n\n\n","media":[],"title":"Basic Packet Radio Operation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"Do you ever pine for the days of 1200bps communications? Learn how to leverage the power of amateur radio to send digital data, pictures, and even cat memes using packet radio. This presentation will crack open the basics of packet, explore the tools you need (no soldering iron required!), and show you how to join the network buzzing beneath the surface of the RF spectrum.","updated_timestamp":{"seconds":1722185806,"nanoseconds":0},"speakers":[{"content_ids":[55441,55442],"conference_id":133,"event_ids":[55866,55867],"name":"Jeremy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55978}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T16:56:46Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55866,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55978}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-28T16:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Industrial attacks garner a ton of attention especially from VC funded startups and government agencies who share a common goal - fundraising - I mean protecting our critical infrastructure. Threat actors around the world capitalize on geopolitical unrest and \"hack\" our industrial environments, posting screencaps while making wild claims. Both sides have seen an uptick in activity and I've been tracking unreal from reality. Heard of CyBeR AvEnGeRs or the CyBeR ArMy Of RusSiA ReBoRn and their terrifying water utilities hacks? (or not?) I'll deep dive into how these skiddies operate, their communication channels, claims, methods for validating claims, and general debauchery. I have receipts, will spill tea, and in this session will demonstrate for the village the methods/results of my work so everyone can see for themselves (so they can point and laugh and cry and laugh)\n\n\n","media":[],"title":"Tracking Industrial Advanced Threat Actors Who Aren't Really Advanced Just Skiddies Who Deface PLCs and Have Bad Manners: Methods and Results","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"Industrial attacks garner a ton of attention especially from VC funded startups and government agencies who share a common goal - fundraising - I mean protecting our critical infrastructure. Threat actors around the world capitalize on geopolitical unrest and \"hack\" our industrial environments, posting screencaps while making wild claims. Both sides have seen an uptick in activity and I've been tracking unreal from reality. Heard of CyBeR AvEnGeRs or the CyBeR ArMy Of RusSiA ReBoRn and their terrifying water utilities hacks? (or not?) I'll deep dive into how these skiddies operate, their communication channels, claims, methods for validating claims, and general debauchery. I have receipts, will spill tea, and in this session will demonstrate for the village the methods/results of my work so everyone can see for themselves (so they can point and laugh and cry and laugh)","updated_timestamp":{"seconds":1721781888,"nanoseconds":0},"speakers":[{"content_ids":[55358],"conference_id":133,"event_ids":[55750],"name":"Ron Fabela","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Infinity Squared Group (ISG)","title":"CEO"}],"links":[],"pronouns":null,"media":[],"id":55966,"title":"CEO at Infinity Squared Group (ISG)"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-24T00:44:48Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55750,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55966}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-24T00:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop has been developed to teach participants to be one step ahead of malicious actors with the techniques they use, making use of CVE's, investigating old and new exploits, to find payloads, vulnerable directory paths, remote inclusion of files and others so you can convert them into alerts or rules in Sentinel One. We are going to first analyze some of the most used CVEs or exploits of the moment to obtain the attack vectors and later convert them into rules\n\n\n","media":[],"title":"Threat hunting like a pentester","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"This workshop has been developed to teach participants to be one step ahead of malicious actors with the techniques they use, making use of CVE's, investigating old and new exploits, to find payloads, vulnerable directory paths, remote inclusion of files and others so you can convert them into alerts or rules in Sentinel One. We are going to first analyze some of the most used CVEs or exploits of the moment to obtain the attack vectors and later convert them into rules","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55321],"conference_id":133,"event_ids":[55711],"name":"Ronald Gonzalez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55871}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55711,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55871}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Even tools \"designed to improve your security\" can be ridiculously vulnerable. Paradoxically, they can actually open the door to novel types of attacks. There's a significant threat right before us, one that everyone assumed was the cornerstone of our security but overlooked: YES, your SIEM!. In this talk, I will explain how attackers become more dangerous as they grow more creative, turning our own defenses against us. I can guarantee that by the end of the talk, some of us will be saying \"I wish we had never used any SIEM tools in the first place.\".\n\nIn this talk, the structure of SIEM tools and hidden vulnerable points of them will be discussed, using Splunk as a primary example. This talk will include demonstrations of various attack types using the open-source offensive security tool specifically developed for this research. Prepare to be both educated and amazed as we inject fake logs, distract blue teams, and hide our activities right under their noses.\n\nThis talk will equip red teamers with a novel post-exploitation strategy to enhance their engagements, challenging blue teams with the realization that the logs they monitor minutely may not always be trustworthy.\n\n\n","media":[],"title":"The SIEMless Hack: Rewriting Reality with Log Injection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"Even tools \"designed to improve your security\" can be ridiculously vulnerable. Paradoxically, they can actually open the door to novel types of attacks. There's a significant threat right before us, one that everyone assumed was the cornerstone of our security but overlooked: YES, your SIEM!. In this talk, I will explain how attackers become more dangerous as they grow more creative, turning our own defenses against us. I can guarantee that by the end of the talk, some of us will be saying \"I wish we had never used any SIEM tools in the first place.\".\n\nIn this talk, the structure of SIEM tools and hidden vulnerable points of them will be discussed, using Splunk as a primary example. This talk will include demonstrations of various attack types using the open-source offensive security tool specifically developed for this research. Prepare to be both educated and amazed as we inject fake logs, distract blue teams, and hide our activities right under their noses.\n\nThis talk will equip red teamers with a novel post-exploitation strategy to enhance their engagements, challenging blue teams with the realization that the logs they monitor minutely may not always be trustworthy.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55320],"conference_id":133,"event_ids":[55710],"name":"Özgün Kültekin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@oz9un)","sort_order":0,"url":"https://twitter.com/oz9un"}],"media":[],"id":55875}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55710,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55875}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What if you could set up a full Active Directory network, with ADCS, SCCM, and Elastic EDR with one command, on hardware you control, with parameters you define? Come with us as we explore the power of automated labs NOT based on pre-configured static templates, instead built on-demand. This talk will explore the past, present, and future of automated cybersecurity test environments that enable you to get hands-on cybersecurity experience without spending a decade becoming a sysadmin first. It will also discuss how we used our lab to find a common misconfiguration in SCCM that was exposing Domain Admin credentials on the public internet! You’ll walk away with a new SCCM tool and an open source tool to create your own labs, as well as the framework and ideas to build your own sharable modules.\n\n\n","media":[],"title":"Supercharge your vuln finding workflow with automated labs: How Ludus made it rain creds from SCCM","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"What if you could set up a full Active Directory network, with ADCS, SCCM, and Elastic EDR with one command, on hardware you control, with parameters you define? Come with us as we explore the power of automated labs NOT based on pre-configured static templates, instead built on-demand. This talk will explore the past, present, and future of automated cybersecurity test environments that enable you to get hands-on cybersecurity experience without spending a decade becoming a sysadmin first. It will also discuss how we used our lab to find a common misconfiguration in SCCM that was exposing Domain Admin credentials on the public internet! You’ll walk away with a new SCCM tool and an open source tool to create your own labs, as well as the framework and ideas to build your own sharable modules.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55319],"conference_id":133,"event_ids":[55709],"name":"Erik Hunstad","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@badsectorlabs)","sort_order":0,"url":"https://twitter.com/badsectorlabs"}],"media":[],"id":55876},{"content_ids":[55319],"conference_id":133,"event_ids":[55709],"name":"Alberto Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@__ar0d__)","sort_order":0,"url":"https://twitter.com/__ar0d__"}],"media":[],"id":55877}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55709,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55876},{"tag_id":46167,"sort_order":4,"person_id":55877}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios. This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.\n\n\n","media":[],"title":"Red Team Infrastructure Setup and Automation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios. This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55318],"conference_id":133,"event_ids":[55708],"name":"Arun Nair","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@dazzyddos)","sort_order":0,"url":"https://twitter.com/dazzyddos"}],"media":[],"id":55872},{"content_ids":[55318],"conference_id":133,"event_ids":[55708],"name":"Aravind Prakash","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55873},{"content_ids":[55318],"conference_id":133,"event_ids":[55708],"name":"Shebin Mathew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55874}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55708,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55873},{"tag_id":46167,"sort_order":4,"person_id":55872},{"tag_id":46167,"sort_order":6,"person_id":55874}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's dynamic web application ecosystem, there exists numerous data manipulation processes to sanitize, translate and manipulate data for use by applications, for storage in back-end systems or sent to clients in web browsers. These same processes, however, can also be leveraged by bug hunters to obfuscate attack payloads from intermediary security systems such as web application firewalls (WAFs). In this workshop we will discuss several abuse scenarios including Edge-Side Includes (ESI), XSS Sanitizers and Unicode Normalizations. \r\n \r\nPre-Requisites:\r\nHands-on labs will be hosted on YesWeHack’s free DOJO platform (https://dojo-yeswehack.com/). Participants are encouraged to sign up for an account in advance and will use their own laptops for labs.\n\n\n","media":[],"title":"Lost in Translation - WAF Bypasses By Abusing Data Manipulation Processes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"In today's dynamic web application ecosystem, there exists numerous data manipulation processes to sanitize, translate and manipulate data for use by applications, for storage in back-end systems or sent to clients in web browsers. These same processes, however, can also be leveraged by bug hunters to obfuscate attack payloads from intermediary security systems such as web application firewalls (WAFs). In this workshop we will discuss several abuse scenarios including Edge-Side Includes (ESI), XSS Sanitizers and Unicode Normalizations. \r\n \r\nPre-Requisites:\r\nHands-on labs will be hosted on YesWeHack’s free DOJO platform (https://dojo-yeswehack.com/). Participants are encouraged to sign up for an account in advance and will use their own laptops for labs.","updated_timestamp":{"seconds":1721438527,"nanoseconds":0},"speakers":[{"content_ids":[55184],"conference_id":133,"event_ids":[55572],"name":"Isabella Barnett","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"@4ng3lhacker","sort_order":0,"url":"https://twitter.com/4ng3lhacker"}],"media":[],"id":54820},{"content_ids":[55184],"conference_id":133,"event_ids":[55572],"name":"Ryan Barnett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Akamai","title":""}],"pronouns":null,"links":[{"description":"","title":"@ryancbarnett","sort_order":0,"url":"https://twitter.com/ryancbarnett"}],"media":[],"id":54836,"title":"Akamai"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T01:22:07Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#lost-in-translation"}],"end":"2024-08-11T19:30:00.000-0000","id":55572,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54836},{"tag_id":46167,"sort_order":4,"person_id":54820}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-20T01:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Open source intelligence may sound like something you’ve never done, but even something as simple as finding your old friends on social media overlaps with skills required for the job. Learn about what OSINT is, how to start an investigation, and resources used by experts to collect the maximum amount of data on a facility before ever visiting the site.\n\n\n","media":[],"title":"Physical OSINT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"Open source intelligence may sound like something you’ve never done, but even something as simple as finding your old friends on social media overlaps with skills required for the job. Learn about what OSINT is, how to start an investigation, and resources used by experts to collect the maximum amount of data on a facility before ever visiting the site.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54646],"conference_id":133,"event_ids":[55019],"name":"Lukas McCullough","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54359}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55019,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54359}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This combination presentation and panel discussion will surface the policy and technical challenges associated with securing civil aviation, bringing together perspectives from government, industry, and aviation cybersecurity companies.\r\n\r\nGiven the continued growth in civil aviation and impending regulation in the United States of America and Europe, this talk will describe the key technical challenges and the resulting policy challenges that should be addressed to keep civil aviation secure.\r\n\r\n\n\n\n","media":[],"title":"Flying Blind: Navigating the Turbulent Skies of Aviation Cybersecurity Regulation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"This combination presentation and panel discussion will surface the policy and technical challenges associated with securing civil aviation, bringing together perspectives from government, industry, and aviation cybersecurity companies.\r\n\r\nGiven the continued growth in civil aviation and impending regulation in the United States of America and Europe, this talk will describe the key technical challenges and the resulting policy challenges that should be addressed to keep civil aviation secure.","updated_timestamp":{"seconds":1720400397,"nanoseconds":0},"speakers":[{"content_ids":[54645],"conference_id":133,"event_ids":[55018],"name":"Mike Weigand","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Squadra Ventures","title":"Entrepreneur in Residence"}],"links":[],"pronouns":null,"media":[],"id":54225,"title":"Entrepreneur in Residence at Squadra Ventures"},{"content_ids":[54645],"conference_id":133,"event_ids":[55018],"name":"Stuart Wagner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Department of the Air Force","title":"Former Chief Digital Transformation Officer"}],"links":[],"pronouns":null,"media":[],"id":56051,"title":"Former Chief Digital Transformation Officer at Department of the Air Force"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T00:59:57Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":55018,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54225},{"tag_id":46167,"sort_order":4,"person_id":56051}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T00:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We live in an era where voice verification is increasingly adopted in security protocols. The potential for abuse through voice cloning technology presents a significant and growing threat to cybersecurity. This talk dives into the alarming capabilities of deep learning to create highly convincing voice clones. Using my own voice as a case study, I will demonstrate a recorded simulation where the cloned voice successfully bypasses several major institutions’ voice verification systems. This presentation will outline the tools and techniques leveraged for voice cloning, discuss the pressing risks involved, and explore strategic countermeasures for red teams. The aim is to equip offensive security researchers with a nuanced understanding of voice cloning technology, emphasizing its implications for threat emulation and defensive strategy formulation. Attendees will gain insight into adversary tactics using publicly available voice samples for simulating voice-based attacks, providing a clear perspective on preparing defenses against such AI-driven threats. \n\n\n","media":[],"title":"Exploiting Voice Cloning in Adversarial Simulation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"We live in an era where voice verification is increasingly adopted in security protocols. The potential for abuse through voice cloning technology presents a significant and growing threat to cybersecurity. This talk dives into the alarming capabilities of deep learning to create highly convincing voice clones. Using my own voice as a case study, I will demonstrate a recorded simulation where the cloned voice successfully bypasses several major institutions’ voice verification systems. This presentation will outline the tools and techniques leveraged for voice cloning, discuss the pressing risks involved, and explore strategic countermeasures for red teams. The aim is to equip offensive security researchers with a nuanced understanding of voice cloning technology, emphasizing its implications for threat emulation and defensive strategy formulation. Attendees will gain insight into adversary tactics using publicly available voice samples for simulating voice-based attacks, providing a clear perspective on preparing defenses against such AI-driven threats.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54644],"conference_id":133,"event_ids":[55017],"name":"Mark Foudy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NeurodiverseHackers.com","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/markfoudy/"},{"description":"","title":"NeurodiverseHackers.com","sort_order":0,"url":"https://NeurodiverseHackers.com"},{"description":"","title":"Twitter (@0xM4rk7homas)","sort_order":0,"url":"https://twitter.com/0xM4rk7homas"}],"media":[],"id":54338,"title":"Founder at NeurodiverseHackers.com"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55017,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54338}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is not a talk in which I will demonstrate exploit chains obtained from the underworld after signing with blood. It’s about sharing meaningful stories from said underworld. The automotive underworld of huge corporations, short deadlines and lukewarm engineers. The one where companies fight for packing more and more functionality inside your computer on wheels, without paying attention to one of the things that our life actually depends on right now, cybersecurity.\r\n \r\nWhile others talk about extremely significant remote vulnerabilities, I will focus on a high-level view of architecture and design of vehicles and where security fits in these processes. I will go through a journey of exploitation, from discovering 0days, to persuading engineers for the significance of a finding, by putting him in the driving seat and engaging the breaks mid-journey.\r\n \r\nI will conclude, trying to understand why this is happening, why this behavior towards security still exists in the automotive industry, and how a small manufacturer managed to create one of the most secure embedded systems I faced in my career. All this, with a series of demos in real targets, and a real ECU on stage.\r\n \r\nOur ultimate goal is to help people understand the state of the industry, spark the interest which can come out of hacking a computer on wheels, and try to raise awareness with a bit of hack, a bit of crash and two smoking barrels.\r\n\r\n1. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., ... & Savage, S. (2010, May). Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (pp. 447-462). IEEE.\r\n2. Miller, C., & Valasek, C. (2015). Remote exploitation of an unaltered passenger vehicle. Black Hat USA, 2015(S 91), 1-91.\r\n3. Cai, Z., Wang, A., Zhang, W., Gruffke, M., & Schweppe, H. (2019). 0-days & mitigations: roadways to exploit and secure connected BMW cars. Black Hat USA, 2019(39), 6.\r\n4. Tencent. Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars.\r\n5. [link](https://rollingpwn.github.io/rolling-pwn/)\r\n6. UNECE, G. W. (2021). UN Regulation No. 155—Cyber Security and Cyber Security Management System. Technical Report. United Nations.\r\n7. ISO. (2013). ISO 14229: Road vehicles — Unified Diagnostic Services (UDS).\r\n\n\n\n","media":[],"title":"The hack, the crash and two smoking barrels. (And all the times I (almost) killed an engineer.)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"This is not a talk in which I will demonstrate exploit chains obtained from the underworld after signing with blood. It’s about sharing meaningful stories from said underworld. The automotive underworld of huge corporations, short deadlines and lukewarm engineers. The one where companies fight for packing more and more functionality inside your computer on wheels, without paying attention to one of the things that our life actually depends on right now, cybersecurity.\r\n \r\nWhile others talk about extremely significant remote vulnerabilities, I will focus on a high-level view of architecture and design of vehicles and where security fits in these processes. I will go through a journey of exploitation, from discovering 0days, to persuading engineers for the significance of a finding, by putting him in the driving seat and engaging the breaks mid-journey.\r\n \r\nI will conclude, trying to understand why this is happening, why this behavior towards security still exists in the automotive industry, and how a small manufacturer managed to create one of the most secure embedded systems I faced in my career. All this, with a series of demos in real targets, and a real ECU on stage.\r\n \r\nOur ultimate goal is to help people understand the state of the industry, spark the interest which can come out of hacking a computer on wheels, and try to raise awareness with a bit of hack, a bit of crash and two smoking barrels.\r\n\r\n1. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., ... & Savage, S. (2010, May). Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (pp. 447-462). IEEE.\r\n2. Miller, C., & Valasek, C. (2015). Remote exploitation of an unaltered passenger vehicle. Black Hat USA, 2015(S 91), 1-91.\r\n3. Cai, Z., Wang, A., Zhang, W., Gruffke, M., & Schweppe, H. (2019). 0-days & mitigations: roadways to exploit and secure connected BMW cars. Black Hat USA, 2019(39), 6.\r\n4. Tencent. Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars.\r\n5. [link](https://rollingpwn.github.io/rolling-pwn/)\r\n6. UNECE, G. W. (2021). UN Regulation No. 155—Cyber Security and Cyber Security Management System. Technical Report. United Nations.\r\n7. ISO. (2013). ISO 14229: Road vehicles — Unified Diagnostic Services (UDS).","updated_timestamp":{"seconds":1720463821,"nanoseconds":0},"speakers":[{"content_ids":[54564,54526],"conference_id":133,"event_ids":[54899,54939],"name":"Thomas \"Cr0wTom\" Sermpinis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auxilium Pentest Labs","title":"Technical Director"}],"pronouns":"he/him","links":[{"description":"","title":"cr0wsplace.com","sort_order":0,"url":"https://cr0wsplace.com"}],"media":[],"id":54059,"title":"Technical Director at Auxilium Pentest Labs"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:37:01Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54899,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54059}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T18:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, we will unveil a new attack surface: Device Virtualization in VMKernel. This isan unknown territory that has not been explored by security researchers to date. During the reverse engineering of the VMware Hypervisor, we discovered 8 vulnerabilities related to device virtualization, 3 of them have been assigned CVE number (some vulnerabilities have even been successfully exploited in Tianfu Cup), and the remaining 5 of our vulnerabilities have been officially confirmed by VMware.\r\n\r\nFirstly we will delve into the loading process of vmm, the implementation of data sharing between vmm and vmx, and VMware's UserRPC, which facilitates communication between the Hypervisor and the Host. These mechanisms are crucial in virtual device emulation.\r\n\r\nThen We will explain security issues in various parts of the USB system, including the host controller, VUsb middleware, and VUsb backend devices, based on the vulnerabilities we have unearthed.\r\n\r\nIn the end, We will primarily discuss the similarities and differences in SCSI-related device emulation in the virtual disk system between VMware Workstation and ESXi Additionally, we will cover design flaws related to disk device emulation that we discovered in VMKernel.\r\n\r\n1. [link](https://www.cardlogix.com/glossary/apdu-application-protocol-data-unit-smart-card/)\r\n2. [link](https://www.zerodayinitiative.com/blog/2023/6/21/cve-2022-31696-an-analysis-of-a-vmware-esxi-tcp-socket-keepalive-type-confusion-lpe)\r\n3. [link](https://keenlab.tencent.com/en/2018/04/23/A-bunch-of-Red-Pills-VMware-Escapes/)\r\n4. [link](https://www.zerodayinitiative.com/blog/2018/1/19/automating-vmware-rpc-request-sniffing?rq=vmware)\r\n5. [link](https://williamlam.com/2010/06/esxcli-part1-what-is-esxcli.html)\r\n6. [link](https://www.usenix.org/system/files/woot19-paper_zhao.pdf)\r\n7. [link](https://www.zerodayinitiative.com/blog/2017/6/26/use-after-silence-exploiting-a-quietly-patched-uaf-in-vmware?rq=vmware)\r\n8. [link](https://github.com/vmware/open-vm-tools)\r\n9. [link](https://www.zerodayinitiative.com/blog/2019/5/7/taking-control-of-vmware-through-the-universal-host-controller-interface-part-1?rq=vmware)\r\n10. [link](https://papers.put.as/papers/macosx/2016/50_Shades_Of_Fuzzing.pdf)\r\n11. [link](https://nafod.net/blog/2020/02/29/zdi-19-421-uhci.html)\r\n12. [link](https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/ESXi_architecture.pdf)\r\n13. [link](https://www.zerodayinitiative.com/blog/2017/12/21/vmwares-launch-escape-system)\r\n14. [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/)\r\n15. [link](https://www.blackhat.com/docs/eu-17/materials/eu-17-Mandal-The-Great-Escapes-Of-Vmware-A-Retrospective-Case-Study-Of-Vmware-G2H-Escape-Vulnerabilities.pdf)\r\n17. [link](https://www.zerodayinitiative.com/blog/2018/3/1/vmware-exploitation-through-uninitialized-buffers?rq=vmware)\r\n18. [link](https://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf) conferences, including Usenix 2021, ACM CCS 2022, EuroS&P 2022, HITBSecConf2022, BlackHat Asia 2024.\r\n\n\n\n","media":[],"title":"Dragon SlayingGuide: Bug Hunting In VMware Device Virtualization","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"In this presentation, we will unveil a new attack surface: Device Virtualization in VMKernel. This isan unknown territory that has not been explored by security researchers to date. During the reverse engineering of the VMware Hypervisor, we discovered 8 vulnerabilities related to device virtualization, 3 of them have been assigned CVE number (some vulnerabilities have even been successfully exploited in Tianfu Cup), and the remaining 5 of our vulnerabilities have been officially confirmed by VMware.\r\n\r\nFirstly we will delve into the loading process of vmm, the implementation of data sharing between vmm and vmx, and VMware's UserRPC, which facilitates communication between the Hypervisor and the Host. These mechanisms are crucial in virtual device emulation.\r\n\r\nThen We will explain security issues in various parts of the USB system, including the host controller, VUsb middleware, and VUsb backend devices, based on the vulnerabilities we have unearthed.\r\n\r\nIn the end, We will primarily discuss the similarities and differences in SCSI-related device emulation in the virtual disk system between VMware Workstation and ESXi Additionally, we will cover design flaws related to disk device emulation that we discovered in VMKernel.\r\n\r\n1. [link](https://www.cardlogix.com/glossary/apdu-application-protocol-data-unit-smart-card/)\r\n2. [link](https://www.zerodayinitiative.com/blog/2023/6/21/cve-2022-31696-an-analysis-of-a-vmware-esxi-tcp-socket-keepalive-type-confusion-lpe)\r\n3. [link](https://keenlab.tencent.com/en/2018/04/23/A-bunch-of-Red-Pills-VMware-Escapes/)\r\n4. [link](https://www.zerodayinitiative.com/blog/2018/1/19/automating-vmware-rpc-request-sniffing?rq=vmware)\r\n5. [link](https://williamlam.com/2010/06/esxcli-part1-what-is-esxcli.html)\r\n6. [link](https://www.usenix.org/system/files/woot19-paper_zhao.pdf)\r\n7. [link](https://www.zerodayinitiative.com/blog/2017/6/26/use-after-silence-exploiting-a-quietly-patched-uaf-in-vmware?rq=vmware)\r\n8. [link](https://github.com/vmware/open-vm-tools)\r\n9. [link](https://www.zerodayinitiative.com/blog/2019/5/7/taking-control-of-vmware-through-the-universal-host-controller-interface-part-1?rq=vmware)\r\n10. [link](https://papers.put.as/papers/macosx/2016/50_Shades_Of_Fuzzing.pdf)\r\n11. [link](https://nafod.net/blog/2020/02/29/zdi-19-421-uhci.html)\r\n12. [link](https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/ESXi_architecture.pdf)\r\n13. [link](https://www.zerodayinitiative.com/blog/2017/12/21/vmwares-launch-escape-system)\r\n14. [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/)\r\n15. [link](https://www.blackhat.com/docs/eu-17/materials/eu-17-Mandal-The-Great-Escapes-Of-Vmware-A-Retrospective-Case-Study-Of-Vmware-G2H-Escape-Vulnerabilities.pdf)\r\n17. [link](https://www.zerodayinitiative.com/blog/2018/3/1/vmware-exploitation-through-uninitialized-buffers?rq=vmware)\r\n18. [link](https://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf) conferences, including Usenix 2021, ACM CCS 2022, EuroS&P 2022, HITBSecConf2022, BlackHat Asia 2024.","updated_timestamp":{"seconds":1720464711,"nanoseconds":0},"speakers":[{"content_ids":[54525],"conference_id":133,"event_ids":[54898],"name":"JiaQing Huang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"QI-ANXIN Group","title":"Security Researcher, TianGong Team of Legendsec"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@S0dukuN)","sort_order":0,"url":"https://twitter.com/S0dukuN"},{"description":"","title":"Twitter (@TianGongLab)","sort_order":0,"url":"https://twitter.com/TianGongLab"}],"media":[],"id":54084,"title":"Security Researcher, TianGong Team of Legendsec at QI-ANXIN Group"},{"content_ids":[54525],"conference_id":133,"event_ids":[54898],"name":"Hao Zheng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"QI-ANXIN Group","title":"Security Researcher, TianGong Team of Legendsec"}],"links":[],"pronouns":null,"media":[],"id":54127,"title":"Security Researcher, TianGong Team of Legendsec at QI-ANXIN Group"},{"content_ids":[54525],"conference_id":133,"event_ids":[54898],"name":"Yue Liu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"QI-ANXIN Group","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54176,"title":"Security Researcher at QI-ANXIN Group"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:51:51Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54898,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54084},{"tag_id":46167,"sort_order":2,"person_id":54127},{"tag_id":46167,"sort_order":3,"person_id":54176}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T18:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"LDAP is no stranger to the security spotlight. While LDAP is a protocol (Lightweight Directory Access Protocol) and Active Directory is the most popular directory services system that supports a subset of LDAP, the terms “LDAP” and “AD” are tightly coupled when discussing the execution, detection and prevention of attacks targeting directory services data.\r\n \r\nIn the last decade the widespread offensive value of querying AD data via LDAP was cemented with the release of open-source tools such as BloodHound and PingCastle. However, proper visibility of LDAP queries mostly remains a privileged asset for those organizations with deep pockets, and the commercial security tools providing this visibility are often woefully fixated on simple signature-based detections.\r\n \r\nMaLDAPtive is the 2,000-hour (and counting) quest of offensive and defensive LDAP exploration and tool-building. This research includes mind-bending depths of obfuscation across all elements of LDAP queries (many undocumented and most never seen in the wild), all baked into an obfuscation/de-obfuscation/detection framework built upon our ground-up custom LDAP search filter tokenizer and syntax tree parser.\r\n \r\nCome witness the release of our MaLDAPtive research and open-source framework: transforming LDAP from “lightweight” to “heavyweight.”\r\n\r\n- General LDAP information:\r\n - [link](https://ldapwiki.com/wiki/)\r\n - [link](https://ldap.com/basic-ldap-concepts/)\r\n\r\n- LDAP-Related RFCs:\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4511)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4512)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4514)\r\n \r\n- Official Documentation for Active Directory LDAP Attributes: [link](https://github.com/MicrosoftDocs/win32/tree/docs/desktop-src/ADSchema)\r\n\r\n- Blogs Highlighting Offensive LDAP Usage:\r\n - [link](https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb)\r\n - [link](https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations)\r\n - [link](https://www.binarydefense.com/resources/blog/uncovering-adversarial-ldap-tradecraft/)\r\n - [link](https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/)\r\n \r\n- Open-Source Tooling Using LDAP:\r\n - [link](https://github.com/BloodHoundAD/BloodHound)\r\n - [link](https://github.com/vletoux/pingcastle)\r\n - [link](https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1)\r\n - [link](https://github.com/Kevin-Robertson/Powermad)\r\n \n\n\n","media":[],"title":"(|(MaLDAPtive:¯\\_(LDAP)_/¯=ObFUsc8t10n) (De-Obfuscation &:=De*te)(!c=tion))","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"LDAP is no stranger to the security spotlight. While LDAP is a protocol (Lightweight Directory Access Protocol) and Active Directory is the most popular directory services system that supports a subset of LDAP, the terms “LDAP” and “AD” are tightly coupled when discussing the execution, detection and prevention of attacks targeting directory services data.\r\n \r\nIn the last decade the widespread offensive value of querying AD data via LDAP was cemented with the release of open-source tools such as BloodHound and PingCastle. However, proper visibility of LDAP queries mostly remains a privileged asset for those organizations with deep pockets, and the commercial security tools providing this visibility are often woefully fixated on simple signature-based detections.\r\n \r\nMaLDAPtive is the 2,000-hour (and counting) quest of offensive and defensive LDAP exploration and tool-building. This research includes mind-bending depths of obfuscation across all elements of LDAP queries (many undocumented and most never seen in the wild), all baked into an obfuscation/de-obfuscation/detection framework built upon our ground-up custom LDAP search filter tokenizer and syntax tree parser.\r\n \r\nCome witness the release of our MaLDAPtive research and open-source framework: transforming LDAP from “lightweight” to “heavyweight.”\r\n\r\n- General LDAP information:\r\n - [link](https://ldapwiki.com/wiki/)\r\n - [link](https://ldap.com/basic-ldap-concepts/)\r\n\r\n- LDAP-Related RFCs:\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4511)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4512)\r\n - [link](https://datatracker.ietf.org/doc/html/rfc4514)\r\n \r\n- Official Documentation for Active Directory LDAP Attributes: [link](https://github.com/MicrosoftDocs/win32/tree/docs/desktop-src/ADSchema)\r\n\r\n- Blogs Highlighting Offensive LDAP Usage:\r\n - [link](https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb)\r\n - [link](https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations)\r\n - [link](https://www.binarydefense.com/resources/blog/uncovering-adversarial-ldap-tradecraft/)\r\n - [link](https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/)\r\n \r\n- Open-Source Tooling Using LDAP:\r\n - [link](https://github.com/BloodHoundAD/BloodHound)\r\n - [link](https://github.com/vletoux/pingcastle)\r\n - [link](https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1)\r\n - [link](https://github.com/Kevin-Robertson/Powermad)","updated_timestamp":{"seconds":1720463884,"nanoseconds":0},"speakers":[{"content_ids":[54524],"conference_id":133,"event_ids":[54897],"name":"Sabajete Elezaj","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Solaris SE","title":"Senior Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sabajete-elezaj/"},{"description":"","title":"Twitter (@sabi_elezi)","sort_order":0,"url":"https://twitter.com/sabi_elezi"}],"media":[],"id":54043,"title":"Senior Cyber Security Engineer at Solaris SE"},{"content_ids":[54524],"conference_id":133,"event_ids":[54897],"name":"Daniel Bohannon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Permiso Security","title":"Principal Threat Researcher, P0 Labs team"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/danielhbohannon/"},{"description":"","title":"Twitter (@danielhbohannon)","sort_order":0,"url":"https://twitter.com/danielhbohannon"},{"description":"","title":"Website","sort_order":0,"url":"https://danielbohannon.com"}],"media":[],"id":54055,"title":"Principal Threat Researcher, P0 Labs team at Permiso Security"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:04Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54897,"tag_ids":[46166,46169,46419,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54055},{"tag_id":46167,"sort_order":4,"person_id":54043}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Internet was supposed to give us access to the world's information, so that people, everywhere, would be able to know the truth. But that’s not how things worked out. Instead, we have a digital deception engine of global proportions. Nothing that comes through the screen can be trusted, and even the things that are technically true have been selected, massaged, and amplified in support of someone’s messaging strategy.\n\nDeception isn’t just about narratives - we see deception at every layer of the network stack, from spoofed electromagnetic signatures, to false flags in malware, to phony personas used to access networks and spread influence. They hide in our blindspots, exploit our biases, and fill our egos while manipulating our perceptions.\n\nHow do we decide what is real? This talk examines time-tested maxims that teach the craft of effective deception, and then inverts those offensive principles to provide defensive strategies. We’ll explore ways to counter biases, triangulate information sources, detect narratives, and how hackers can build tools that can change the game.\n \nAt their best, hackers lift their heads up above the masses to see how the world actually works, not how it purports to work, and then take action to make the world a better place. You’ll leave this talk with practical skills to do just that.\n\n\n","media":[],"title":"Deception & Counter Deception – Defending Yourself in a World Full of Lies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"The Internet was supposed to give us access to the world's information, so that people, everywhere, would be able to know the truth. But that’s not how things worked out. Instead, we have a digital deception engine of global proportions. Nothing that comes through the screen can be trusted, and even the things that are technically true have been selected, massaged, and amplified in support of someone’s messaging strategy.\n\nDeception isn’t just about narratives - we see deception at every layer of the network stack, from spoofed electromagnetic signatures, to false flags in malware, to phony personas used to access networks and spread influence. They hide in our blindspots, exploit our biases, and fill our egos while manipulating our perceptions.\n\nHow do we decide what is real? This talk examines time-tested maxims that teach the craft of effective deception, and then inverts those offensive principles to provide defensive strategies. We’ll explore ways to counter biases, triangulate information sources, detect narratives, and how hackers can build tools that can change the game.\n \nAt their best, hackers lift their heads up above the masses to see how the world actually works, not how it purports to work, and then take action to make the world a better place. You’ll leave this talk with practical skills to do just that.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54487],"conference_id":133,"event_ids":[54860],"name":"Greg Conti","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Kopidion","title":"Principal"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/greg-conti-7a8521/"},{"description":"","title":"Twitter (@cyberbgone)","sort_order":0,"url":"https://twitter.com/cyberbgone"},{"description":"","title":"www.gregconti.com/","sort_order":0,"url":"https://www.gregconti.com/"}],"media":[],"id":54072,"title":"Principal at Kopidion"},{"content_ids":[54487],"conference_id":133,"event_ids":[54860],"name":"Tom \"Decius\" Cross","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Kopidion","title":"Principal"}],"pronouns":"he/him","links":[{"description":"","title":"bsky.app/profile/decius.bsky.social","sort_order":0,"url":"https://bsky.app/profile/decius.bsky.social"},{"description":"","title":"ioc.exchange/@decius","sort_order":0,"url":"https://ioc.exchange/@decius"}],"media":[],"id":54200,"title":"Principal at Kopidion"}],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-11T18:45:00.000-0000","id":54860,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54200},{"tag_id":46167,"sort_order":4,"person_id":54072}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)\n\n\n","media":[{"hash_sha256":"8121f8bfb8be2b701aea4941904ae7a178b8b90e84dd6cf786636abf65c33a38","filetype":"image/png","hash_md5":"d4129f6c22e4e172784f5759c4bb75d9","name":"pme_hamexams.png","is_logo":"Y","hash_crc32c":"ff2e55b6","filesize":31886,"asset_id":680,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hamexams.png"}],"title":"Ham Radio Exams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)","updated_timestamp":{"seconds":1718812742,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T18:00:00Z","timeband_id":1149,"updated_tsz":"2024-06-19T15:59:02Z","links":[{"label":"Website","type":"link","url":"https://hamvillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249512"},{"label":"Registration (Free)","type":"link","url":"https://ham.study/sessions/669069be6af12f90943be578/1"},{"label":"Twitter (@HamRadioVillage)","type":"link","url":"https://twitter.com/HamRadioVillage"}],"end":"2024-08-11T20:00:00.000-0000","id":54510,"tag_ids":[46365,46380],"village_id":null,"begin_timestamp":{"seconds":1723399200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-11T18:00:00.000-0000","updated":"2024-06-19T15:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Kubernetes is the de facto operating system of the cloud, more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, new users may introduce security risks like cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\r\n\r\nThis workshop will teach you the fundamentals of Kubernetes security, from protecting your cluster to securing your workloads. You'll learn about RBAC, OPA, Security Contexts, Network Policies, and other security features. You'll also learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.\r\n\r\nThis workshop is designed for both beginners and advanced students. By the end of the workshop, you'll have a deep understanding of Kubernetes security and the skills to protect your K8S clusters.\n\n\n","media":[],"title":"Kubernetes Security: Hands-On Attack and Defense","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Kubernetes is the de facto operating system of the cloud, more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, new users may introduce security risks like cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\r\n\r\nThis workshop will teach you the fundamentals of Kubernetes security, from protecting your cluster to securing your workloads. You'll learn about RBAC, OPA, Security Contexts, Network Policies, and other security features. You'll also learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.\r\n\r\nThis workshop is designed for both beginners and advanced students. By the end of the workshop, you'll have a deep understanding of Kubernetes security and the skills to protect your K8S clusters.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55720],"conference_id":133,"event_ids":[56226],"name":"alevsk","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56131}],"begin_tsz":"2024-08-11T17:45:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56226,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723398300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56131}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-11T17:45:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\n\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\n\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services. Covering how roles associated with Amazon Cognito and GitHub Actions could be misconfigured to allow anyone in the world to access them. From here, we’ll cover a vulnerability we found in AWS Amplify which exposed IAM roles associated with the service to takeover, allowing anyone the ability to assume these roles.\n\nFinally, we will also look at a worst-case scenario: what happens when an attacker finds a confused deputy vulnerability and is able to assume roles in other accounts? Sounds far-fetched? We’ll cover a real world example of a vulnerability we found in AWS AppSync that lets us do just that. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like this one.\n\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.\n\n\n","media":[],"title":"Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:10:00Z","end_timestamp":{"seconds":1723399800,"nanoseconds":0},"android_description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\n\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\n\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services. Covering how roles associated with Amazon Cognito and GitHub Actions could be misconfigured to allow anyone in the world to access them. From here, we’ll cover a vulnerability we found in AWS Amplify which exposed IAM roles associated with the service to takeover, allowing anyone the ability to assume these roles.\n\nFinally, we will also look at a worst-case scenario: what happens when an attacker finds a confused deputy vulnerability and is able to assume roles in other accounts? Sounds far-fetched? We’ll cover a real world example of a vulnerability we found in AWS AppSync that lets us do just that. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like this one.\n\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[54449,55498],"conference_id":133,"event_ids":[55927,54822],"name":"Nick Frichette","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Datadog","title":"Staff Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@frichetten@fosstodon.org)","sort_order":0,"url":"https://fosstodon.org/@frichetten"},{"description":"","title":"Twitter (@Frichette_n)","sort_order":0,"url":"https://twitter.com/Frichette_n"},{"description":"","title":"Website","sort_order":0,"url":"https://frichetten.com/"}],"media":[],"id":54089,"title":"Staff Security Researcher at Datadog"}],"begin_tsz":"2024-08-11T17:35:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T18:10:00.000-0000","id":55927,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723397700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54089}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T17:35:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!\n\n\n","media":[],"title":"Bypass 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!","updated_timestamp":{"seconds":1723044255,"nanoseconds":0},"speakers":[{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T15:24:15Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":56873,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54281}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-08-07T15:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!\n\n\nThis panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!","media":[],"title":"Blue Team Careers: Do what you love, get paid for it! (A BTV Interactive Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!\n\n\nThis panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55727,55760],"conference_id":133,"event_ids":[56235,56285],"name":"Tennisha Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56089},{"content_ids":[55763,55760],"conference_id":133,"event_ids":[56285,56287],"name":"Shea Nangle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56157},{"content_ids":[55760],"conference_id":133,"event_ids":[56285],"name":"Cyb0rg42","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56590},{"content_ids":[55760],"conference_id":133,"event_ids":[56285],"name":"Dani","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56592},{"content_ids":[55760],"conference_id":133,"event_ids":[56285],"name":"Pete Ortega","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56596}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56285,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56590},{"tag_id":46487,"sort_order":4,"person_id":56592},{"tag_id":46487,"sort_order":6,"person_id":56157},{"tag_id":46487,"sort_order":8,"person_id":56089},{"tag_id":46167,"sort_order":10,"person_id":56596}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"WarDriver Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T19:20:00Z","end_timestamp":{"seconds":1723404000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722186874,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T17:14:34Z","links":[],"end":"2024-08-11T19:20:00.000-0000","id":55869,"tag_ids":[46364,46390],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-28T17:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Living a life devoid of trust in anything or anyone can lead to a dismal existence. However, in the realm of cyber security, embracing the concept of Zero Trust is essential. Trust was never meant for networks and is now irrelevant in the digital realm. This discussion explores why trust has become a vulnerability and underscores the importance for organizations to adopt principles such as Zero Trust to effectively respond to the ever-changing threat landscape; failure to do so may lead to their extinction within a few years.\n\n\n","media":[],"title":"Ain’t that a Breach: Zero Trust Is the Only Solution!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T19:30:00Z","end_timestamp":{"seconds":1723404600,"nanoseconds":0},"android_description":"Living a life devoid of trust in anything or anyone can lead to a dismal existence. However, in the realm of cyber security, embracing the concept of Zero Trust is essential. Trust was never meant for networks and is now irrelevant in the digital realm. This discussion explores why trust has become a vulnerability and underscores the importance for organizations to adopt principles such as Zero Trust to effectively respond to the ever-changing threat landscape; failure to do so may lead to their extinction within a few years.","updated_timestamp":{"seconds":1721495393,"nanoseconds":0},"speakers":[{"content_ids":[55205],"conference_id":133,"event_ids":[55595],"name":"Dr. Louis DeWeaver III","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Marsh McLennan Agency","title":"Cyber Security Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/drlouisdeweaver/"}],"media":[],"id":55795,"title":"Cyber Security Consultant at Marsh McLennan Agency"}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T17:09:53Z","links":[],"end":"2024-08-11T19:30:00.000-0000","id":55595,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55795}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are many famous codes and ciphers still waiting to be solved, such as the encrypted Voynich manuscript and Edward Elgar's Dorabella cipher. All hold a special fascination. In this talk, prepare to be entertained and informed by Elonka Dunin and Klaus Schmeh, as we briefly discuss the encryption on Kryptos, the mysterious sculpture at the center of CIA Headquarters; NKrypt, an encrypted sculpture in Australia; an encrypted engraving on an early 20th century German silver cigarette case; details about the message attached to the leg of a WWII carrier pigeon that was found in an English chimney; an encrypted postcard by the owner of UK's Luton soccer team; and the intriguing encrypted messages created by the mysterious Henry Debosnys while awaiting his murder trial in New York in the late 1800s.\n\n\n","media":[],"title":"Famous and Not-So-Famous Unsolved Codes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"There are many famous codes and ciphers still waiting to be solved, such as the encrypted Voynich manuscript and Edward Elgar's Dorabella cipher. All hold a special fascination. In this talk, prepare to be entertained and informed by Elonka Dunin and Klaus Schmeh, as we briefly discuss the encryption on Kryptos, the mysterious sculpture at the center of CIA Headquarters; NKrypt, an encrypted sculpture in Australia; an encrypted engraving on an early 20th century German silver cigarette case; details about the message attached to the leg of a WWII carrier pigeon that was found in an English chimney; an encrypted postcard by the owner of UK's Luton soccer team; and the intriguing encrypted messages created by the mysterious Henry Debosnys while awaiting his murder trial in New York in the late 1800s.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Elonka Dunin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Crypto Expert"}],"pronouns":"she/her","links":[{"description":"","title":"Facebook","sort_order":0,"url":"https://www.facebook.com/elonka"},{"description":"","title":"Twitter (@ElonkaDunin)","sort_order":0,"url":"https://twitter.com/ElonkaDunin"},{"description":"","title":"cipherbrain.net","sort_order":0,"url":"https://cipherbrain.net"},{"description":"","title":"codebreaking-guide.com","sort_order":0,"url":"https://codebreaking-guide.com"},{"description":"","title":"elonka.com","sort_order":0,"url":"https://elonka.com"}],"media":[],"id":54068,"title":"Crypto Expert"},{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Klaus Schmeh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Eviden","title":"Crypto Expert"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@KlausSchmeh)","sort_order":0,"url":"https://twitter.com/KlausSchmeh"}],"media":[],"id":54194,"title":"Crypto Expert at Eviden"}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55016,"tag_ids":[46377,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54068},{"tag_id":46167,"sort_order":6,"person_id":54194}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rob Joyce, former NSA and White House cyber official, will engage with Dark Tangent to analyze the evolving state of global cyber threats. Their discussion will explore the impact and potential of artificial intelligence, assessing how AI is reshaping the cybersecurity landscape and what it means for the future of global security.\n\n\n\n\n","media":[],"title":"Changing Global Threat Landscape with Rob Joyce and Dark Tangent","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T18:15:00Z","end_timestamp":{"seconds":1723400100,"nanoseconds":0},"android_description":"Rob Joyce, former NSA and White House cyber official, will engage with Dark Tangent to analyze the evolving state of global cyber threats. Their discussion will explore the impact and potential of artificial intelligence, assessing how AI is reshaping the cybersecurity landscape and what it means for the future of global security.","updated_timestamp":{"seconds":1720307460,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"},{"content_ids":[54523],"conference_id":133,"event_ids":[54896],"name":"Rob Joyce","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54067}],"begin_tsz":"2024-08-11T17:30:00Z","timeband_id":1149,"updated_tsz":"2024-07-06T23:11:00Z","links":[],"end":"2024-08-11T18:15:00.000-0000","id":54896,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723397400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54067},{"tag_id":46167,"sort_order":4,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T17:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Become a Wi-Fi investigator: Uncover Hidden Wi-Fi Cameras, network Intruders, and more with the Wi-Fi Nugget. In this workshop, we'll use a cute, cat-shaped microcontroller board to catch hackers using well-known hacking tools like a Wi-Fi Pineapple, hunt down suspicious Wi-Fi devices like hidden cameras, and detect jamming attacks. We’ll explore how low-cost microcontrollers can be used to unmask and track down Wi-Fi hacking tools, or locate unwanted devices on your local network.\n\n\n","media":[],"title":"Wi-Fi Hacker Hunting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:45:00Z","end_timestamp":{"seconds":1723401900,"nanoseconds":0},"android_description":"Become a Wi-Fi investigator: Uncover Hidden Wi-Fi Cameras, network Intruders, and more with the Wi-Fi Nugget. In this workshop, we'll use a cute, cat-shaped microcontroller board to catch hackers using well-known hacking tools like a Wi-Fi Pineapple, hunt down suspicious Wi-Fi devices like hidden cameras, and detect jamming attacks. We’ll explore how low-cost microcontrollers can be used to unmask and track down Wi-Fi hacking tools, or locate unwanted devices on your local network.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-11T17:15:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/solder-your-own-cat-themed-wi-fi-hacking-tool-copy"}],"end":"2024-08-11T18:45:00.000-0000","id":56529,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723396500,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"When you used your debit card today, do you know where that transaction was sent? Though it may conjure archival images of a 1950’s IT room stocked with enormous, low-tech machines, Mainframe technology is both modernized and heavily relied upon today. \r\n\r\nMainframe architecture is some of the most reliable tech available, able to manage incredibly large input/output volumes with low risk of downtime and there are few signs of it being sunset in the decades to come. As protectors of the cyber landscape, understanding how mainframes are incorporated into a businesses topology and ways to secure mainframe architecture will remain important for any entity that utilizes this technology. \r\n\r\nIn this talk we'll explore the pervasiveness of mainframe technology, why it will remain relevant to the future landscape of mission critical-applications, and several trusted solutions for helping to secure these incredible computers. \r\n\n\n\n","media":[],"title":"The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"When you used your debit card today, do you know where that transaction was sent? Though it may conjure archival images of a 1950’s IT room stocked with enormous, low-tech machines, Mainframe technology is both modernized and heavily relied upon today. \r\n\r\nMainframe architecture is some of the most reliable tech available, able to manage incredibly large input/output volumes with low risk of downtime and there are few signs of it being sunset in the decades to come. As protectors of the cyber landscape, understanding how mainframes are incorporated into a businesses topology and ways to secure mainframe architecture will remain important for any entity that utilizes this technology. \r\n\r\nIn this talk we'll explore the pervasiveness of mainframe technology, why it will remain relevant to the future landscape of mission critical-applications, and several trusted solutions for helping to secure these incredible computers.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55719],"conference_id":133,"event_ids":[56225],"name":"Michelle Eggers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56133}],"begin_tsz":"2024-08-11T17:15:00Z","timeband_id":1149,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":56225,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723396500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56133}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T17:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Correlating slow & stealthy APT traces hiding in the sheer noise","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723217657,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-09T15:34:17Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56860,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-09T15:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!\n\n\n","media":[],"title":"Physical Security Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!","updated_timestamp":{"seconds":1723044549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T15:29:09Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56821,"tag_ids":[46387,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-07T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.\n\n\n","media":[],"title":"Radio Frequency Village Events","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.","updated_timestamp":{"seconds":1722874415,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T16:13:35Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56768,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n\n\n","media":[],"title":"HHV Rube Goldberg Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!","updated_timestamp":{"seconds":1722821818,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T01:36:58Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/hhv_rgb.html"}],"end":"2024-08-11T20:00:00.000-0000","id":56763,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.\n\n\n","media":[],"title":"Robo Sumo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.","updated_timestamp":{"seconds":1722821775,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T01:36:15Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/robosumo.html"}],"end":"2024-08-11T20:00:00.000-0000","id":56761,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hardware Hacking and Soldering Skills Village Open (HHV-SSV)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722822007,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T01:40:07Z","links":[{"label":"Website","type":"link","url":"https://dchhv.org"}],"end":"2024-08-11T20:00:00.000-0000","id":56759,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.\n\n\n","media":[],"title":"Game Hacking Community Activities & CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.","updated_timestamp":{"seconds":1722815557,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T23:52:37Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56754,"tag_ids":[46402,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T23:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)\r\n\n\n\n","media":[],"title":"LHC Meshtastic Activities and CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)","updated_timestamp":{"seconds":1722875831,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-05T16:37:11Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56750,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-05T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.\n\n\n","media":[],"title":"Tamper Evident Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.","updated_timestamp":{"seconds":1722801725,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T20:02:05Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56747,"tag_ids":[46394,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T20:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.\n\n\n","media":[],"title":"Fix the Flag Wargame","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.","updated_timestamp":{"seconds":1722783756,"nanoseconds":0},"speakers":[{"content_ids":[55726],"conference_id":133,"event_ids":[56630,56631,56234],"name":"Harley Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56118}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T15:02:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56631,"tag_ids":[46370,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56118}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV CTF","hotel":"","short_name":"ASV CTF","id":46471},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T15:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).\n\n\n","media":[],"title":"Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).","updated_timestamp":{"seconds":1722781910,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-04T14:31:50Z","links":[{"label":"Mastodon (@soda@defcon.social)","type":"link","url":"https://defcon.social/@soda"},{"label":"Twitter (@ShellsOnDemand)","type":"link","url":"https://twitter.com/ShellsOnDemand"}],"end":"2024-08-11T20:00:00.000-0000","id":56629,"tag_ids":[46362,46427],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-04T14:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.\n\n\n","media":[],"title":"Hands-on Attack and Breach Simulation exercises","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.","updated_timestamp":{"seconds":1722714024,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:40:24Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56605,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.\n\n\n","media":[],"title":"Adversary simulator and purple teaming hands-on booth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.","updated_timestamp":{"seconds":1722713994,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:39:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56603,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.\n\n\n","media":[],"title":"Adversary-Adventure Table-top Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.","updated_timestamp":{"seconds":1722714013,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:40:13Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56601,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En este panel exploraremos las capacidades y habilidades esenciales para la caza de amenazas y la inteligencia en el ámbito de la ciberseguridad, con un enfoque especial en la comunidad de América Latina. Discutiremos las técnicas y herramientas más avanzadas utilizadas en la identificación y mitigación de amenazas, así como las competencias necesarias para enfrentar los desafíos actuales en ciberseguridad. Además, analizaremos casos de estudio y compartiremos experiencias y mejores prácticas dentro de la comunidad LATAM, destacando el papel crucial que juega la colaboración regional en el fortalecimiento de nuestras defensas colectivas.\n\n\n","media":[],"title":"Threat Hunting + Intelligence, capabilities, skills and capabilities inside the LATAM community","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"En este panel exploraremos las capacidades y habilidades esenciales para la caza de amenazas y la inteligencia en el ámbito de la ciberseguridad, con un enfoque especial en la comunidad de América Latina. Discutiremos las técnicas y herramientas más avanzadas utilizadas en la identificación y mitigación de amenazas, así como las competencias necesarias para enfrentar los desafíos actuales en ciberseguridad. Además, analizaremos casos de estudio y compartiremos experiencias y mejores prácticas dentro de la comunidad LATAM, destacando el papel crucial que juega la colaboración regional en el fortalecimiento de nuestras defensas colectivas.","updated_timestamp":{"seconds":1722700538,"nanoseconds":0},"speakers":[{"content_ids":[54559,55973,55976],"conference_id":133,"event_ids":[56589,56592,54934],"name":"Mauro Eldritch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Birmingham Cyber Arms LTD","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mauroeldritch/"},{"description":"","title":"Twitter (@MauroEldritch)","sort_order":0,"url":"https://twitter.com/MauroEldritch"},{"description":"","title":"Website","sort_order":0,"url":"https://www.birminghamcyberarms.co.uk/"}],"media":[],"id":54249,"title":"Founder at Birmingham Cyber Arms LTD"},{"content_ids":[55963,55976],"conference_id":133,"event_ids":[56579,56592],"name":"Thiago Bordini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Head Cyber Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tbordini)","sort_order":0,"url":"https://www.twitter.com/tbordini"}],"media":[],"id":56298,"title":"Head Cyber Threat Intelligence"},{"content_ids":[55976],"conference_id":133,"event_ids":[56592],"name":"Zoziel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56310}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T15:55:38Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56592,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56298},{"tag_id":46167,"sort_order":4,"person_id":54249},{"tag_id":46167,"sort_order":6,"person_id":56310}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.\n\n\n","media":[],"title":"Vendors and Exhibitors Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.","updated_timestamp":{"seconds":1722692937,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T13:48:57Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56572,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T13:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level\n\n\n","media":[],"title":"Firmware Extraction and Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56552,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.\n\n\n","media":[],"title":"Hack My TV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56550,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.\n\n\n","media":[],"title":"Hands-On Hardware Hacking – From Console to Root, Manipulating and Controlling a Protected System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56548,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!\n\n\n","media":[],"title":"Hardware Hacking GE Appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56546,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops\n\n\n","media":[],"title":"Inside the Toolkit of Elite Embedded Security Experts - Hands-On Workshop: QEMU & GDB for Embedded Systems Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56544,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!\n\n\n","media":[],"title":"IoT Security at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56542,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n\n\n","media":[],"title":"IoT Village Hacking Playground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56540,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!\n\n\n","media":[],"title":"Keysight CTF Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56538,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.\n\n\n","media":[],"title":"Living off the Land inside your WiFi : Exploring and Exploiting Access Points and Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Drew Green","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56288},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Ken Pyle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56289}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56536,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56288},{"tag_id":46167,"sort_order":4,"person_id":55853},{"tag_id":46167,"sort_order":6,"person_id":56289}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!\n\n\n","media":[],"title":"Phisherman's Wharf - Phishing for Beginners","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56534,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.\n\n\n","media":[],"title":"Safe Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56532,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.\n\n\n","media":[],"title":"DEF CON Groups - Open for questions and hanging out","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.","updated_timestamp":{"seconds":1722636477,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T22:07:57Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56507,"tag_ids":[46399,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T22:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!\n\n\n","media":[],"title":"AI Village Demos","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!","updated_timestamp":{"seconds":1722626313,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:18:33Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56476,"tag_ids":[46368,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The possibility of an altered photo revising history in a convincing way highlights a salient threat of imaging technology. After all, seeing is believing. Or is it? The examples history has preserved make it clear that the observer is more often than not meant to understand that something has changed. Surprisingly, the objectives of photographic manipulation have remained largely the same since the camera first appeared in the 19th century. The old battleworn techniques have simply evolved to keep pace with technological developments. In this talk, we will learn about the history of photographic manipulation, from the invention of the camera to the advent of generative AI. Importantly, we will consider the reception of photo editing and its relationship to the notion of reality, which is more significant than the technologies themselves. Surprisingly, we will discover that creative myth making has found a new medium to embed itself in. This talk is based on Walter Scheirer’s recent book A History of Fake Things on the Internet (Stanford University Press 2023).\n\n\n","media":[],"title":"Photoshop Fantasies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"The possibility of an altered photo revising history in a convincing way highlights a salient threat of imaging technology. After all, seeing is believing. Or is it? The examples history has preserved make it clear that the observer is more often than not meant to understand that something has changed. Surprisingly, the objectives of photographic manipulation have remained largely the same since the camera first appeared in the 19th century. The old battleworn techniques have simply evolved to keep pace with technological developments. In this talk, we will learn about the history of photographic manipulation, from the invention of the camera to the advent of generative AI. Importantly, we will consider the reception of photo editing and its relationship to the notion of reality, which is more significant than the technologies themselves. Surprisingly, we will discover that creative myth making has found a new medium to embed itself in. This talk is based on Walter Scheirer’s recent book A History of Fake Things on the Internet (Stanford University Press 2023).","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55886],"conference_id":133,"event_ids":[56471],"name":"Walter Scheirer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Notre Dame","title":""}],"links":[],"pronouns":null,"media":[],"id":56258,"title":"University of Notre Dame"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56471,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56258}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Seriously though, how do quantum computers work? Why does quantum mechanics behave the way that it does? What are quantum gates physically, and how are they implemented in reality? What is adiabatic quantum computing, and how does it solve difficult optimization problems? What makes quantum annealers not universal? We hope to cover all of these questions, and more, in this talk. Background in quantum computing is encouraged, but not required; the only prerequisite for this talk is basic linear algebra.\n\n\n","media":[],"title":"Physical Fundamentals of Quantum Computing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Seriously though, how do quantum computers work? Why does quantum mechanics behave the way that it does? What are quantum gates physically, and how are they implemented in reality? What is adiabatic quantum computing, and how does it solve difficult optimization problems? What makes quantum annealers not universal? We hope to cover all of these questions, and more, in this talk. Background in quantum computing is encouraged, but not required; the only prerequisite for this talk is basic linear algebra.","updated_timestamp":{"seconds":1723400152,"nanoseconds":0},"speakers":[{"content_ids":[55857],"conference_id":133,"event_ids":[56444],"name":"Erez M Abrams","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56226}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-11T18:15:52Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56444,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56226}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-11T18:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.\n\n\n","media":[],"title":"spacestudio and spacetower challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.","updated_timestamp":{"seconds":1722626556,"nanoseconds":0},"speakers":[{"content_ids":[55830],"conference_id":133,"event_ids":[56380,56408,56426],"name":"Exotrail","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56205},{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T19:22:36Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56426,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56205},{"tag_id":46484,"sort_order":4,"person_id":56207}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.\n\n\n","media":[],"title":"Space Systems Security CTF – Platform Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55829],"conference_id":133,"event_ids":[56379,56407,56425],"name":"CT Cubed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56204}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56425,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56204}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.\n\n\n","media":[],"title":"Space Grand Challenge Luna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56424,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.\n\n\n","media":[],"title":"Selfie with a CubeSat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56423,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.\n\n\n","media":[],"title":"PTP Flight Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55826],"conference_id":133,"event_ids":[56376,56404,56422],"name":"Pen Test Partners","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56188}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56422,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56188}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.\n\n\n","media":[],"title":"Hack-A-Sat Quals Challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56421,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2\n\n\n","media":[],"title":"Hack-A-Sat Digital Twin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56420,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.\n\n\n","media":[],"title":"Drone Hacking Choose Your Own Adventure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56419,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.\n\n\n","media":[],"title":"Drone Hacking Activity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56418,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.\n\n\n","media":[],"title":"Drone Flying Experience","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56417,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.\n\n\n","media":[],"title":"Drone Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56416,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Can you spot suspicious items in packages? Try out your skills.\n\n\n","media":[],"title":"Detect a Threat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Can you spot suspicious items in packages? Try out your skills.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55819],"conference_id":133,"event_ids":[56369,56397,56415],"name":"TSA","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56212}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56415,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56212}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.\n\n\n","media":[],"title":"Defend the Airport CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55818],"conference_id":133,"event_ids":[56368,56396,56414],"name":"IntelliGenesis and IG Labs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56190}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56414,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56190}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.\n\n\n","media":[],"title":"Darkstar Badge Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55817],"conference_id":133,"event_ids":[56367,56395,56413],"name":"Lockheed Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56189}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56413,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56189}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.\n\n\n","media":[],"title":"CubeSat Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55816],"conference_id":133,"event_ids":[56366,56394,56412],"name":"AMSAT","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56200}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56412,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56200}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.\n\n\n","media":[],"title":"Bricks in the Air","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56411,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.\n\n\n","media":[],"title":"ARINC 664 CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55814],"conference_id":133,"event_ids":[56364,56392,56410],"name":"Boeing","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56202}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56410,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56202}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n\n\n","media":[],"title":"A-ISAC Aviation Cybersecurity Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55813],"conference_id":133,"event_ids":[56363,56391,56409],"name":"A-ISAC and Embry-Riddle Aeronautical University - Prescott","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56201}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56409,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56201}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bringing cyber focused space science to schools can be challenging given school restrictions, firewalls, and expense of equipment. This presentation will go over multiple space-centric outreach activities for youth of all ages. From talking to astronauts aboard the International Space Station (ISS) to listening to satellites in the classroom. These various programs are bound to capture the imagination. Some of the projects to be discussed are the Amateur Radio on the International Space Station (ARISS) program, Slow-Scan Television (SSTV) images from the ISS, AMSat CubeSat Simulators, and setting up a RTL-SDR to capture information from satellites in the classroom. There are a variety of ways to start a countdown to space science careers in youth and these projects can help you connect with the imagination of youth near you.\n\n\n","media":[],"title":"How to Corrupt Youth to Cyber Focused Space Science","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Bringing cyber focused space science to schools can be challenging given school restrictions, firewalls, and expense of equipment. This presentation will go over multiple space-centric outreach activities for youth of all ages. From talking to astronauts aboard the International Space Station (ISS) to listening to satellites in the classroom. These various programs are bound to capture the imagination. Some of the projects to be discussed are the Amateur Radio on the International Space Station (ARISS) program, Slow-Scan Television (SSTV) images from the ISS, AMSat CubeSat Simulators, and setting up a RTL-SDR to capture information from satellites in the classroom. There are a variety of ways to start a countdown to space science careers in youth and these projects can help you connect with the imagination of youth near you.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55838],"conference_id":133,"event_ids":[56388],"name":"RC Jones","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/rcspace/"}],"media":[],"id":56198}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":56388,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56198}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.\n\n\n","media":[],"title":"Small scale LAN party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.","updated_timestamp":{"seconds":1722563871,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:57:51Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56342,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!\n\n\n","media":[],"title":"Retro Repair","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!","updated_timestamp":{"seconds":1722563919,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:58:39Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56341,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!\n\n\n","media":[],"title":"Dumb Terminal fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!","updated_timestamp":{"seconds":1722563905,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:58:25Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56340,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)\n\n\n","media":[],"title":"Show & Tell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)","updated_timestamp":{"seconds":1722563887,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T01:58:07Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56339,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.\n\n\n","media":[],"title":"Packet Inspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.","updated_timestamp":{"seconds":1722476832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:47:12Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56315,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet\n\n\n","media":[],"title":"Packet Detective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet","updated_timestamp":{"seconds":1722476866,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:47:46Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56313,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.\n\n\n","media":[],"title":"Linux Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.","updated_timestamp":{"seconds":1722476901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:21Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56311,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.\n\n\n","media":[],"title":"Network-OS: Be The Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.","updated_timestamp":{"seconds":1722476912,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:32Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56309,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.\n\n\n","media":[],"title":"Regular Expressions (RegEx) Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.","updated_timestamp":{"seconds":1722476922,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:42Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56307,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!\n\n\n","media":[],"title":"Python + Packet Analysis + Machine Learning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!","updated_timestamp":{"seconds":1722476946,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:49:06Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56305,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!\n\n\n","media":[],"title":"Password lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!","updated_timestamp":{"seconds":1722540130,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T19:22:10Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56303,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"No description provided by creator\n\n\n","media":[],"title":"FleetDm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"No description provided by creator","updated_timestamp":{"seconds":1722476980,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:49:40Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56301,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!\n\n\n","media":[],"title":"Botnets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!","updated_timestamp":{"seconds":1722476888,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:48:08Z","links":[],"end":"2024-08-11T21:00:00.000-0000","id":56299,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Play VR the gear comes out for a casual, hands on demo area to explore the metaverse in VR with games & expoloration in Meta Quest VR and Meta Raybans MR\n\n\n","media":[],"title":"Play All the Things","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Play VR the gear comes out for a casual, hands on demo area to explore the metaverse in VR with games & expoloration in Meta Quest VR and Meta Raybans MR","updated_timestamp":{"seconds":1722369095,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T19:51:35Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":56106,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T19:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are surrounded by invisible radio frequency signals created by human technology like radio, cellular, and satellite. Traditionally, we see these signals through spectrum analyzers. However, the capabilities of existing analysis tools are being outpaced by the rapid modernization of wireless networks and topologies like 5G, IoT, Bluetooth, LoRa, etc. RF is inherently multidimensional, but conventional analyzers display signals in 2D slices, limiting real-world applicability to highly technical users. Emerging technology that combines Augmented Reality displays and AI/ML algorithms is capable of spatializing RF data into its natural 3D location for easier understanding and communication.\r\n\r\nThis talk will provide an overview of the evolution of RF visualization tools from flat interfaces to immersive ones that can be used to discover and map RF signals and networks. The audience will gain a broad understanding of the emergence of immersive interfaces and how they can be applied successfully to spatial data visualization. We will walk participants through challenges with the design and development process, theory behind decisions, and usability issues to overcome in actual deployments. Resulting best practices will be shared openly. Finally, the audience will learn about future applications of these tools and forecasted innovations as the underlying technology matures.\n\n\n","media":[],"title":"Evolution of RF Signal Visualization - From Spectrum Analyzers to Augmented Reality","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:30:00Z","end_timestamp":{"seconds":1723397400,"nanoseconds":0},"android_description":"We are surrounded by invisible radio frequency signals created by human technology like radio, cellular, and satellite. Traditionally, we see these signals through spectrum analyzers. However, the capabilities of existing analysis tools are being outpaced by the rapid modernization of wireless networks and topologies like 5G, IoT, Bluetooth, LoRa, etc. RF is inherently multidimensional, but conventional analyzers display signals in 2D slices, limiting real-world applicability to highly technical users. Emerging technology that combines Augmented Reality displays and AI/ML algorithms is capable of spatializing RF data into its natural 3D location for easier understanding and communication.\r\n\r\nThis talk will provide an overview of the evolution of RF visualization tools from flat interfaces to immersive ones that can be used to discover and map RF signals and networks. The audience will gain a broad understanding of the emergence of immersive interfaces and how they can be applied successfully to spatial data visualization. We will walk participants through challenges with the design and development process, theory behind decisions, and usability issues to overcome in actual deployments. Resulting best practices will be shared openly. Finally, the audience will learn about future applications of these tools and forecasted innovations as the underlying technology matures.","updated_timestamp":{"seconds":1722376013,"nanoseconds":0},"speakers":[{"content_ids":[55578],"conference_id":133,"event_ids":[56100],"name":"Suzanne Borders","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BadVR","title":"Founder and CEO"}],"links":[],"pronouns":"she/her","media":[],"id":56047,"title":"Founder and CEO at BadVR"},{"content_ids":[55578],"conference_id":133,"event_ids":[56100],"name":"Jad Meouchy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BadVR","title":"Co-Founder and CTO"}],"links":[],"pronouns":"he/him","media":[],"id":56048,"title":"Co-Founder and CTO at BadVR"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T21:46:53Z","links":[],"end":"2024-08-11T17:30:00.000-0000","id":56100,"tag_ids":[46169,46397,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56047},{"tag_id":46167,"sort_order":4,"person_id":56048}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T21:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.\n\n\n","media":[],"title":"Open Events for DCNextGen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.","updated_timestamp":{"seconds":1722363207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T18:13:27Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":56099,"tag_ids":[46362,46398,46427],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Telecom Village is excited to announce \"Telecom Tinkerer,\" Capture The Flag (CTF) event. Participants, known as Tinkerers, will simulate actions against various elements of a dummy target organization. Telecom Tinkerer will feature real-world simulation scenarios and challenges, allowing Tinkerers to simulate attacks and explore new attack vectors, tactics, techniques, and procedures (TTPs). The event will include combined exercises with different levels of threat/emulation and purple teaming, promoting a collaborative learning environment for both offensive and defensive strategies.\n\n\n","media":[],"title":"Telecom Tinkerer CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Telecom Village is excited to announce \"Telecom Tinkerer,\" Capture The Flag (CTF) event. Participants, known as Tinkerers, will simulate actions against various elements of a dummy target organization. Telecom Tinkerer will feature real-world simulation scenarios and challenges, allowing Tinkerers to simulate attacks and explore new attack vectors, tactics, techniques, and procedures (TTPs). The event will include combined exercises with different levels of threat/emulation and purple teaming, promoting a collaborative learning environment for both offensive and defensive strategies.","updated_timestamp":{"seconds":1722352101,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T15:08:21Z","links":[{"label":"More Info","type":"link","url":"https://telecomvillage.com/index.html#ctf"}],"end":"2024-08-11T21:00:00.000-0000","id":56073,"tag_ids":[46395,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T15:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.\n\n\n","media":[{"hash_sha256":"d105c229ff2832a2a53e6bea90a820933908ef621ae9acf81589053a04e47e5d","filetype":"image/png","hash_md5":"6ecf3ddaa155976e729164a6f9138690","name":"ct_wallofbribesjpg.png","is_logo":"Y","hash_crc32c":"3ba9ff1a","filesize":102976,"asset_id":640,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_wallofbribesjpg.png"}],"title":"A Wall of Bribes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.","updated_timestamp":{"seconds":1722311882,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:58:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249429"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249428"}],"end":"2024-08-11T19:00:00.000-0000","id":56069,"tag_ids":[46427,46439,46750],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​\n\n\n","media":[{"hash_sha256":"07ddc9c91f6e59f3933f548603872f890309c05b353352836dc4896ef7fce215","filetype":"image/png","hash_md5":"cafd57b9dc99beb382a7e36477b02aad","name":"ct_adversary.png","is_logo":"Y","hash_crc32c":"b7d5aeab","filesize":104609,"asset_id":623,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_adversary.png"}],"title":"Adversary Wars CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​","updated_timestamp":{"seconds":1722713515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-03T19:31:55Z","links":[{"label":"Twitter (@AdversaryVillag)","type":"link","url":"https://twitter.com/AdversaryVillag"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249425"},{"label":"More Info","type":"link","url":"https://adversaryvillage.org/adversary-wars-ctf/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249426"}],"end":"2024-08-11T19:00:00.000-0000","id":56067,"tag_ids":[46367,46427,46439,46751],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-05","hotel":"","short_name":"HW4-03-05","id":46372},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-03T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.\n\n\n","media":[{"hash_sha256":"39238a01b06f0ddf4e2a678a63b07a1fb93094a3716dee47fac88ff443b09b2f","filetype":"image/png","hash_md5":"bb82eeecc603d6d9d05f319875161b0f","name":"ct_ctp.png","is_logo":"Y","hash_crc32c":"a13f862e","filesize":72882,"asset_id":631,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ctp.png"}],"title":"Capture the Packet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.","updated_timestamp":{"seconds":1722476750,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:45:50Z","links":[{"label":"More Info","type":"link","url":"https://www.capturethepacket.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249401"},{"label":"Twitter (@capturetp)","type":"link","url":"https://twitter.com/capturetp"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249402"}],"end":"2024-08-11T19:00:00.000-0000","id":56054,"tag_ids":[46385,46427,46439,46757],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?\n\n\n","media":[{"hash_sha256":"95a6fc9488a5c31ed3edb2848eb2a24498095a0de6f93552e7bc6ffe48c215cf","filetype":"image/png","hash_md5":"5ed77e41c595c690f459fe08cc26c28a","name":"ct_chasse-partie-ctf-v2.png","is_logo":"Y","hash_crc32c":"292aa419","filesize":303387,"asset_id":668,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_chasse-partie-ctf-v2.png"}],"title":"Chasse Partie Systems CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?","updated_timestamp":{"seconds":1722310816,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:40:16Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249395"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249396"}],"end":"2024-08-11T20:00:00.000-0000","id":56051,"tag_ids":[46426,46439,46758],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-E","hotel":"","short_name":"HW4-01-04-E","id":46347},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!\n\n\n","media":[{"hash_sha256":"9c8df8b7b1bfaa7f9a6f76d47c2ddafcb15c60bfc6ba40d764dfaf8bc3583cde","filetype":"image/png","hash_md5":"a6d499b0f825c7c532b2eaf562131129","name":"ct_cmdctrl.png","is_logo":"Y","hash_crc32c":"9670e5ce","filesize":4017,"asset_id":630,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cmdctrl.png"}],"title":"CMD+CTRL at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!","updated_timestamp":{"seconds":1722310603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:36:43Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249390"},{"label":"More Info","type":"link","url":"https://defcon32.cmdnctrl.net"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249389"}],"end":"2024-08-11T19:00:00.000-0000","id":56045,"tag_ids":[46427,46439,46760],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-D","hotel":"","short_name":"HW4-03-06-D","id":46377},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-11T18:00:00.000-0000","id":56042,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05","hotel":"","short_name":"HW4-01-05","id":46349},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.\n\n\n","media":[{"hash_sha256":"590434b852585a01a647426db34529416f6624082c827bbd32d1ef45e5ef4651","filetype":"image/png","hash_md5":"1e73edab68d1da1d66c84a992554e685","name":"ct_cyberdefender.png","is_logo":"Y","hash_crc32c":"5a341827","filesize":92175,"asset_id":632,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cyberdefender.png"}],"title":"Cyber Defender - The Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.","updated_timestamp":{"seconds":1722310334,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:32:14Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249384"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249385"}],"end":"2024-08-11T19:00:00.000-0000","id":56038,"tag_ids":[46439,46762],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-C","hotel":"","short_name":"HW4-03-06-C","id":46376},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n\n\n","media":[{"hash_sha256":"1b2e0f8d162af1a6bd8a463fa27176b2afd439a1dc61b7817c2c855763a600ed","filetype":"image/png","hash_md5":"e7442de5c5eb4549170a56163423cd5e","name":"ct_darknet.png","is_logo":"Y","hash_crc32c":"f77e820f","filesize":49081,"asset_id":633,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_darknet.png"}],"title":"Darknet-NG","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!","updated_timestamp":{"seconds":1722310268,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:31:08Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249382"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249381"},{"label":"More Info","type":"link","url":"https://darknet-ng.network"},{"label":"Twitter (@DarknetNg)","type":"link","url":"https://twitter.com/DarknetNg"}],"end":"2024-08-11T19:00:00.000-0000","id":56035,"tag_ids":[46426,46439,46763],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-D","hotel":"","short_name":"HW4-02-01-D","id":46359},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/\n\n\n","media":[{"hash_sha256":"ff926fdb8070905e8485c17bfc79608b27202a7548f2ddcc058bbb89ea639e83","filetype":"image/png","hash_md5":"cbceb546139e5ed4e4a61a0b7fcaf58a","name":"ct_aixcc.png","is_logo":"Y","hash_crc32c":"661f6649","filesize":94474,"asset_id":625,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_aixcc.png"}],"title":"DARPA's Artificial Intelligence Cyber Challenge (AIxCC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/","updated_timestamp":{"seconds":1722310204,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:30:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249422"},{"label":"More Info","type":"link","url":"https://aicyberchallenge.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249423"}],"end":"2024-08-11T21:00:00.000-0000","id":56032,"tag_ids":[46427,46439,46764],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-06 (AIxCC)","hotel":"","short_name":"HW3-05-06 (AIxCC)","id":46268},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!\n\n\n","media":[{"hash_sha256":"0bbb61282ddf3bcc0d027a7ffb0cb2f0dc6fcf32814b48e53488203695f478b3","filetype":"image/png","hash_md5":"d8ada9124833199cadf2f291b0178024","name":"ct_scav-hunt.png","is_logo":"Y","hash_crc32c":"fa957778","filesize":20774,"asset_id":639,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_scav-hunt.png"}],"title":"DEF CON Scavenger Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!","updated_timestamp":{"seconds":1722309542,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:19:02Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249365"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249366"},{"label":"Twitter (@defconscavhunt)","type":"link","url":"https://twitter.com/defconscavhunt"},{"label":"More Info","type":"link","url":"https://www.defconscavhunt.com"}],"end":"2024-08-11T19:00:00.000-0000","id":56025,"tag_ids":[46427,46439,46767],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-11T19:00:00.000-0000","id":56021,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-F","hotel":"","short_name":"HW4-01-04-F","id":46348},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-12T01:00:00Z","end_timestamp":{"seconds":1723424400,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-12T01:00:00.000-0000","id":56020,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-F","hotel":"","short_name":"HW4-01-04-F","id":46348},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-11T20:00:00.000-0000","id":56017,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-C","hotel":"","short_name":"HW4-02-01-C","id":46358},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.\n\n\n","media":[{"hash_sha256":"1162bb14d1418b4cae3817411de665ed741ed2268a0dcc68a84b299605b611cb","filetype":"image/png","hash_md5":"a28c768a3e779e17ac17c6310bf89f1e","name":"ct_telechallenge.png","is_logo":"Y","hash_crc32c":"a0fffafe","filesize":8220,"asset_id":660,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_telechallenge.png"}],"title":"Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.","updated_timestamp":{"seconds":1722309155,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T03:12:35Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249290"},{"label":"More Info","type":"link","url":"https://www.telechallenge.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249289"}],"end":"2024-08-11T20:00:00.000-0000","id":56014,"tag_ids":[46426,46439,46770],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-B","hotel":"","short_name":"HW4-02-02-B","id":46363},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T03:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.\n\n\n","media":[],"title":"HardWired","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.","updated_timestamp":{"seconds":1722476715,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-01T01:45:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249337"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249336"}],"end":"2024-08-11T20:00:00.000-0000","id":56005,"tag_ids":[46385,46427,46439,46774],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.\n\n\n","media":[{"hash_sha256":"f55b0da621d4ee7bcd1f6dd77fc6c800e20904a3840e9c4e47aee632f1571436","filetype":"image/png","hash_md5":"a396fd3e8349dccb4058656168c13a48","name":"ct_htbctfdatadystopia.png","is_logo":"Y","hash_crc32c":"bdc31b88","filesize":412581,"asset_id":663,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_htbctfdatadystopia.png"}],"title":"HTB CTF: Data Dystopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.","updated_timestamp":{"seconds":1722308173,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:56:13Z","links":[{"label":"Website","type":"link","url":"https://ctf.hackthebox.com/"},{"label":"Twitter (@hackthebox_eu)","type":"link","url":"https://twitter.com/hackthebox_eu"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249333"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249334"}],"end":"2024-08-11T20:00:00.000-0000","id":56002,"tag_ids":[46427,46439,46775],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06","hotel":"","short_name":"HW4-03-06","id":46373},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.\n\n\n","media":[{"hash_sha256":"8f0942a63e6e9852cd8a122722da50a5f820039a33fbf629d8e0bbb0bc3c2a25","filetype":"image/png","hash_md5":"6f799941f98600f913350895408f1f4c","name":"ct_ics.png","is_logo":"Y","hash_crc32c":"765e2955","filesize":196108,"asset_id":648,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ics.png"}],"title":"ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.","updated_timestamp":{"seconds":1722308131,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:55:31Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249319"},{"label":"Website","type":"link","url":"https://www.icsvillage.com/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249318"}],"end":"2024-08-11T20:00:00.000-0000","id":55999,"tag_ids":[46427,46439,46776],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!\r\n\n\n\n","media":[],"title":"IoT Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!","updated_timestamp":{"seconds":1722622146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-02T18:09:06Z","links":[{"label":"More Info","type":"link","url":"https://scoreboard.iotvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249449"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249448"}],"end":"2024-08-11T20:00:00.000-0000","id":55996,"tag_ids":[46427,46439,46777],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-02T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!\n\n\n","media":[{"hash_sha256":"d3413916446363608deee0d63c7e2efb8eee7c303fcaafc76eab10c25b274594","filetype":"image/png","hash_md5":"a8a23a326ef1c818a3403a1ef3e87269","name":"ct_lonelyhd.png","is_logo":"Y","hash_crc32c":"9ea33847","filesize":79993,"asset_id":650,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelyhd.png"}],"title":"Lonely Hard Drive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!","updated_timestamp":{"seconds":1722307767,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:49:27Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249324"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249325"},{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"}],"end":"2024-08-11T20:00:00.000-0000","id":55989,"tag_ids":[46427,46439,46780],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!\n\n\n","media":[{"hash_sha256":"98201efca440cba174db564a38cc3207a4c951759d79e47ef2bb817534cbff0e","filetype":"image/png","hash_md5":"8e4dc2835c8f08abfaa5b9162b29447b","name":"ct_lonelytag.png","is_logo":"Y","hash_crc32c":"89bc5644","filesize":82759,"asset_id":651,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelytag.png"}],"title":"Lonely Tag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!","updated_timestamp":{"seconds":1722307717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:48:37Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249328"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249327"},{"label":"Twitter (@LonelyHardDrive)","type":"link","url":"https://twitter.com/LonelyHardDrive"}],"end":"2024-08-11T20:00:00.000-0000","id":55986,"tag_ids":[46427,46439,46781],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.\n\n\n","media":[{"hash_sha256":"6c6addafa55c0e71b8e6dc3fff0f1a9a32e4399a6b80efaece158e3fdf69dd77","filetype":"image/png","hash_md5":"ddda3a35809fc47bf728f63f829e258d","name":"ct_marcibombe.png","is_logo":"Y","hash_crc32c":"040f1340","filesize":22325,"asset_id":652,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_marcibombe.png"}],"title":"Malware Contests: MARC I & BOMBE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.","updated_timestamp":{"seconds":1722307667,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:47:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249321"},{"label":"More Info","type":"link","url":"https://digitalplaguedoctors.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249322"},{"label":"Twitter (@DigitalPlagueDr)","type":"link","url":"https://twitter.com/DigitalPlagueDr"}],"end":"2024-08-11T20:00:00.000-0000","id":55983,"tag_ids":[46427,46439,46782],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-03","hotel":"","short_name":"HW4-03-03","id":46370},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.\n\n\n","media":[{"hash_sha256":"d965b5442c0a42e3e2532515477829fb650b66f56a09c1dc92ce7ea7b4f49215","filetype":"image/png","hash_md5":"5f9b31f3696397acc630b3f69415c627","name":"ct_octogame.png","is_logo":"Y","hash_crc32c":"a3e9435a","filesize":258126,"asset_id":653,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_octogame.png"}],"title":"Octopus Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.","updated_timestamp":{"seconds":1722307468,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:44:28Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249313"},{"label":"More Info","type":"link","url":"https://www.mirolabs.info/octopus-game-dc32"},{"label":"Twitter (@OctopusGameDC)","type":"link","url":"https://twitter.com/OctopusGameDC"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249314"}],"end":"2024-08-11T20:00:00.000-0000","id":55980,"tag_ids":[46427,46439,46783],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-A","hotel":"","short_name":"HW4-03-06-A","id":46374},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.\n\n\n","media":[{"hash_sha256":"a381d77389722eccd24a6d26091b74111ffeb39431dfba6ccc946470f7aa0c06","filetype":"image/png","hash_md5":"abb9c88d83bd9789b6436e200d1beba3","name":"ct_phreak-me.png","is_logo":"Y","hash_crc32c":"bce4e12c","filesize":27257,"asset_id":655,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_phreak-me.png"}],"title":"PhreakMe presented by HackedExistence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.","updated_timestamp":{"seconds":1722307355,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:42:35Z","links":[{"label":"Twitter (@mainframed767)","type":"link","url":"https://twitter.com/mainframed767"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249310"},{"label":"Twitter (@HackedExistence)","type":"link","url":"https://twitter.com/HackedExistence"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249311"}],"end":"2024-08-11T20:00:00.000-0000","id":55977,"tag_ids":[46426,46439,46784],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-C","hotel":"","short_name":"HW4-02-02-C","id":46364},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.\n\n\n","media":[{"hash_sha256":"9f1e99841fcfbdb0775e2e05980c102dddd97013cf9cc0bfce930a55d91246ec","filetype":"image/png","hash_md5":"5b36f9ed87f65efbdf841e5c77a6041f","name":"ct_Pinball.png","is_logo":"Y","hash_crc32c":"cbbfc253","filesize":614281,"asset_id":664,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_Pinball.png"}],"title":"Pinball High Score Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.","updated_timestamp":{"seconds":1722307304,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:41:44Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249307"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249308"}],"end":"2024-08-11T20:00:00.000-0000","id":55974,"tag_ids":[46427,46439,46785],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-A","hotel":"","short_name":"HW4-02-01-A","id":46356},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉\n\n\n","media":[{"hash_sha256":"199f4b2ea70f9102e0afb69f5030e3ee8f63e989d287fb95999ae10866455522","filetype":"image/png","hash_md5":"9b669ac9bfd767cb8376444b58c08733","name":"ct_quantum.png","is_logo":"Y","hash_crc32c":"4d94b7ec","filesize":133235,"asset_id":665,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_quantum.png"}],"title":"QOLOSSUS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉","updated_timestamp":{"seconds":1722307112,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:38:32Z","links":[{"label":"Website","type":"link","url":"https://quantumvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249316"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249303"}],"end":"2024-08-11T20:00:00.000-0000","id":55971,"tag_ids":[46426,46439,46786],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n\n\n","media":[{"hash_sha256":"5623af21fb9072f5866b3488e326d3582c44c0756e9bbfa94eae7e26318a73eb","filetype":"image/png","hash_md5":"ebb531e8ad802f8d5fb24e19e23f46f4","name":"ct_reali7y-overrun.png","is_logo":"Y","hash_crc32c":"14fd2e42","filesize":577690,"asset_id":701,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_reali7y-overrun.png"}],"title":"REALI7Y OVERRUN","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.","updated_timestamp":{"seconds":1722306602,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:30:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249299"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249298"}],"end":"2024-08-11T20:00:00.000-0000","id":55968,"tag_ids":[46426,46439,46787],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-E","hotel":"","short_name":"HW4-02-02-E","id":46366},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.\n\n\n","media":[{"hash_sha256":"c00793a49e66e3875320bb6aa8a333a128342b9aff35ce0f359a692aa3adfcef","filetype":"image/png","hash_md5":"a764d88ab305ab55ecd270635fc1d6e7","name":"ct_venator-aurum.png","is_logo":"Y","hash_crc32c":"f705c79f","filesize":162235,"asset_id":661,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_venator-aurum.png"}],"title":"venator aurum - A Treasure Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.","updated_timestamp":{"seconds":1722305020,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:03:40Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249282"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249283"},{"label":"More Info","type":"link","url":"https://venatoraurum.org"}],"end":"2024-08-11T20:00:00.000-0000","id":55957,"tag_ids":[46427,46439,46792],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n\n\n","media":[{"hash_sha256":"2bf4c805c5199cf58ff7b99c52832fc1bf226ca9687e583667a7725b361d989e","filetype":"image/png","hash_md5":"61c3a856daea14c6fd3d7d213a8048f9","name":"v_redteam2024.png","is_logo":"Y","hash_crc32c":"f14aab22","filesize":209749,"asset_id":719,"sort_order":1,"url":"https://info.defcon.org/blobs/v_redteam2024.png"}],"title":"Red Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.","updated_timestamp":{"seconds":1722304921,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T02:02:01Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250035"}],"end":"2024-08-11T19:00:00.000-0000","id":55954,"tag_ids":[46392,46427,46439,46789],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-C","hotel":"","short_name":"HW4-01-05-C","id":46353},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T02:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7\n\n\n","media":[{"hash_sha256":"d0e2dbb822f2d701836ee0e14952d5df4b6d830bfa606ab2b50a5a1edab2dabd","filetype":"image/png","hash_md5":"c33dfe5aaced7041c948e7b2e45ba78f","name":"ct_0x3f-cube.png","is_logo":"Y","hash_crc32c":"6b1ba7fa","filesize":272722,"asset_id":622,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_0x3f-cube.png"}],"title":"? Cube","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7","updated_timestamp":{"seconds":1722304182,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T01:49:42Z","links":[{"label":"More Info","type":"link","url":"https://0x3fcube.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249434"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249433"}],"end":"2024-08-11T19:00:00.000-0000","id":55951,"tag_ids":[46427,46439,46749],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02","hotel":"","short_name":"HW4-02-02","id":46361},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.\n\n\n","media":[{"hash_sha256":"8ac69ab38e4119808de39c34aef0629a1bcfb5eb60ab6d7d351a3e37b5533f13","filetype":"image/png","hash_md5":"689e0fcdb0dd612c191cd25482435f76","name":"ct_5n4ck3y.png","is_logo":"Y","hash_crc32c":"dc7e4cd6","filesize":6283,"asset_id":621,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_5n4ck3y.png"}],"title":"5N4CK3Y Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.","updated_timestamp":{"seconds":1722304084,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T01:48:04Z","links":[{"label":"Twitter (@ANDnXOR)","type":"link","url":"https://twitter.com/ANDnXOR"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249432"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249431"}],"end":"2024-08-11T19:00:00.000-0000","id":55948,"tag_ids":[46427,46439,46748],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-B","hotel":"","short_name":"HW4-02-01-B","id":46357},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n\n\n","media":[{"hash_sha256":"e781ae0757165e1901f38152e551557644051f49e9b80b6665d211c8d0436358","filetype":"image/png","hash_md5":"e839c04dbe99f926b0ae9ee3ee703da3","name":"ct_car-hacking.png","is_logo":"Y","hash_crc32c":"fbca36e3","filesize":111066,"asset_id":629,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_car-hacking.png"}],"title":"Car Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.","updated_timestamp":{"seconds":1722273461,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T17:17:41Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249399"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249398"},{"label":"Twitter (@CarHackVillage)","type":"link","url":"https://twitter.com/CarHackVillage"},{"label":"More Info","type":"link","url":"https://www.carhackingvillage.com/"}],"end":"2024-08-11T19:00:00.000-0000","id":55945,"tag_ids":[46375,46427,46439,46747],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T17:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.\n\n\n","media":[{"hash_sha256":"ccde738b12c7c58aff986949ac20eaf7066dfb8d710349a422699273aa0579a1","filetype":"image/png","hash_md5":"fc0eba7a6d691cdd9aa385cd0bb1eece","name":"v_CarHacking.png","is_logo":"Y","hash_crc32c":"d845a1a6","filesize":249973,"asset_id":601,"sort_order":0,"url":"https://info.defcon.org/blobs/v_CarHacking.png"}],"title":"Car Hacking Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.","updated_timestamp":{"seconds":1722273345,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T17:15:45Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55942,"tag_ids":[46375,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T17:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.\n\n\n","media":[{"hash_sha256":"b29c833000316f6b3af2c5cc50e33ccb1756f89fb27d54aba3d5a961337c91de","filetype":"image/png","hash_md5":"8209d940757db7a341e0db2b17618f70","name":"ct_bhv-ctf.png","is_logo":"Y","hash_crc32c":"2c477ed5","filesize":54217,"asset_id":627,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bhv-ctf.png"}],"title":"Biohacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.","updated_timestamp":{"seconds":1722215343,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T01:09:03Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/capture-the-flag"}],"end":"2024-08-11T20:00:00.000-0000","id":55939,"tag_ids":[46371,46427,46439,46746],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).\n\n\n","media":[{"hash_sha256":"b57047f46800afe2ff021580e4f9e39ea7252a7f51b0f0fb3ba1a9f748a50de9","filetype":"image/png","hash_md5":"aa9ea400be95b7313ae2d044541cb9b4","name":"v_biohacking_village.png","is_logo":"Y","hash_crc32c":"83f838d1","filesize":47901,"asset_id":581,"sort_order":0,"url":"https://info.defcon.org/blobs/v_biohacking_village.png"}],"title":"Biohacking Village: Device Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).","updated_timestamp":{"seconds":1722214645,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-29T00:57:25Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/device-lab"},{"label":"Hippocractic Oath for Hackers","type":"link","url":"https://www.villageb.io/hippocractic-oath"}],"end":"2024-08-11T20:00:00.000-0000","id":55937,"tag_ids":[46371,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-29T00:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud attacks continue to evolve e.g., AWS enumeration without logging (Fourchette), Azure OAuth tokens used for EoP and persistence (Blizzard), Cloud Shell backdoors, code abuse in GSuite scripting (Bryant), and tool evolution (Rhinolabs pacu), with current defensive approaches of lagging further and further behind.\n\nThis talk covers research and tooling to improve cloud defenses in AWS, Azure, and GCP, using more stealthy measures which complement existing techniques. We call the approach cloud tripwires, which involves stealthy defensive techniques that can provide low-FP detections of malicious actors.\n\nThrough analysis of cloud provider IAM design, published attack techniques and common attack tools, we show multiple stealthy detection techniques such as: restricted admin roles that are not used by valid users; seeding of the restricted admin roles in regular user policies; honey resources (buckets, files) with detections to flag access; seeding of honey resources within user policies; cached honey credentials seeded in CLI installations in external client environments, EC2 instances, and Cloud Shells; unrestricted cross-account roles to restricted accounts; metadata proxy/iptables config on EC2 instances that issue restricted temporary tokens; and full CRUD/reporting/auditing functionality.\n\n\n","media":[],"title":"Cloud Tripwires: fighting stealth with stealth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:35:00Z","end_timestamp":{"seconds":1723397700,"nanoseconds":0},"android_description":"Cloud attacks continue to evolve e.g., AWS enumeration without logging (Fourchette), Azure OAuth tokens used for EoP and persistence (Blizzard), Cloud Shell backdoors, code abuse in GSuite scripting (Bryant), and tool evolution (Rhinolabs pacu), with current defensive approaches of lagging further and further behind.\n\nThis talk covers research and tooling to improve cloud defenses in AWS, Azure, and GCP, using more stealthy measures which complement existing techniques. We call the approach cloud tripwires, which involves stealthy defensive techniques that can provide low-FP detections of malicious actors.\n\nThrough analysis of cloud provider IAM design, published attack techniques and common attack tools, we show multiple stealthy detection techniques such as: restricted admin roles that are not used by valid users; seeding of the restricted admin roles in regular user policies; honey resources (buckets, files) with detections to flag access; seeding of honey resources within user policies; cached honey credentials seeded in CLI installations in external client environments, EC2 instances, and Cloud Shells; unrestricted cross-account roles to restricted accounts; metadata proxy/iptables config on EC2 instances that issue restricted temporary tokens; and full CRUD/reporting/auditing functionality.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55497],"conference_id":133,"event_ids":[55926],"name":"Jenko Hwong","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"jenkohwong","sort_order":0,"url":"https://jenkohwong"}],"media":[],"id":56012}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T17:35:00.000-0000","id":55926,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56012}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.\n\n\n","media":[],"title":"WISP Community & Inclusion Room","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.","updated_timestamp":{"seconds":1722206838,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T22:47:18Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-11T20:00:00.000-0000","id":55900,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T22:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)\n\n\n","media":[{"hash_sha256":"eaa2e18ed376870b0b3ebb931ebea74844c1032d6e048968b87b07d86e184b3a","filetype":"image/png","hash_md5":"0f6296e86e5676264624f7692fbe4ca2","name":"ct_ham-fox-hunt.png","is_logo":"Y","hash_crc32c":"c9eab3b2","filesize":83132,"asset_id":646,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ham-fox-hunt.png"}],"title":"Ham Radio Fox Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)","updated_timestamp":{"seconds":1722184768,"nanoseconds":0},"speakers":[{"content_ids":[55432],"conference_id":133,"event_ids":[55855,55856,55857],"name":"Ham Radio Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@HamRadioVillage"},{"description":"","title":"Website","sort_order":0,"url":"https://hamvillage.org"}],"media":[],"id":55973}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T16:39:28Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32/"}],"end":"2024-08-11T20:00:00.000-0000","id":55857,"tag_ids":[46380,46427,46439,46743],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55973}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-A","hotel":"","short_name":"HW4-02-02-A","id":46362},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"All content areas generally open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722141200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T04:33:20Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55851,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T04:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-11T20:00:00.000-0000","id":55846,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"See who won in our village! During this time we’ll present the Youth Challenge winner, the #SECVC 1st and 2nd place winners, as well as the much-coveted Dundies! Then stick around as we have a panel interview with the winners to hear their story about their path to victory!\n\n\n","media":[],"title":"SECVC Awards & Competitor Panel + Youth Challenge Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:30:00Z","end_timestamp":{"seconds":1723401000,"nanoseconds":0},"android_description":"See who won in our village! During this time we’ll present the Youth Challenge winner, the #SECVC 1st and 2nd place winners, as well as the much-coveted Dundies! Then stick around as we have a panel interview with the winners to hear their story about their path to victory!","updated_timestamp":{"seconds":1722103101,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T17:58:21Z","links":[],"end":"2024-08-11T18:30:00.000-0000","id":55836,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T17:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come check out the Social Engineering Community Village!\n\n\n","media":[],"title":"Social Engineering Community Village Hours","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T21:00:00Z","end_timestamp":{"seconds":1723410000,"nanoseconds":0},"android_description":"Come check out the Social Engineering Community Village!","updated_timestamp":{"seconds":1722102714,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T17:51:54Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/schedule/"}],"end":"2024-08-11T21:00:00.000-0000","id":55831,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T17:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n\n\n","media":[],"title":"Lockpicking Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.","updated_timestamp":{"seconds":1722093520,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-27T15:18:40Z","links":[{"label":"Website","type":"link","url":"https://www.toool.us/"},{"label":"Twitter (@toool)","type":"link","url":"https://twitter.com/toool"}],"end":"2024-08-11T20:00:00.000-0000","id":55821,"tag_ids":[46384,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-27T15:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.\n\n\n","media":[],"title":"101 Labs: Hardware Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.","updated_timestamp":{"seconds":1722037214,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:40:14Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55818,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.\n\n\n","media":[],"title":"Wireless & Networking workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.","updated_timestamp":{"seconds":1722303624,"nanoseconds":0},"speakers":[{"content_ids":[55408],"conference_id":133,"event_ids":[55802,55809,55817],"name":"Alex Kelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56029}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T01:40:24Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55817,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56029}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!\n\n\n","media":[],"title":"Emulating (and Hacking) Embedded Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!","updated_timestamp":{"seconds":1722037241,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:40:41Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55816,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!\n\n\n","media":[],"title":"Secure Microcontroller Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!","updated_timestamp":{"seconds":1723217513,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-09T15:31:53Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55815,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-08-09T15:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.\n\n\n","media":[],"title":"101 Labs: Firmware and Software exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.","updated_timestamp":{"seconds":1722037224,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:40:24Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55814,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io\n\n\n","media":[],"title":"Hardware Hacking: Glitching Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io","updated_timestamp":{"seconds":1722037194,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:39:54Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55812,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!\n\n\n","media":[{"hash_sha256":"a696b6f750fbe91d74ff91917f95bfe709d70e794beab35ff900219f1c87bdb9","filetype":"image/png","hash_md5":"173fb1fa87976ebc72de68fcb9171698","name":"ct_embedded.png","is_logo":"Y","hash_crc32c":"85767de7","filesize":121480,"asset_id":641,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_embedded.png"}],"title":"Embedded CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!","updated_timestamp":{"seconds":1722037378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T23:42:58Z","links":[{"label":"Twitter (@EmbeddedVillage)","type":"link","url":"https://twitter.com/EmbeddedVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249361"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249360"},{"label":"More Info","type":"link","url":"https://www.embeddedvillage.org"}],"end":"2024-08-11T20:00:00.000-0000","id":55811,"tag_ids":[46379,46439,46739],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!\n\n\n","media":[],"title":"Hard Hat Brigade - Community Space Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!","updated_timestamp":{"seconds":1721968701,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-26T04:38:21Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55796,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-26T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to learn how to stop hackers in their tracks? Come to the Secure From Scratch coding workshop. Learn what you need to know to write secure code from the very first line of code. It's surprisingly easy! Plus, you'll get to try your hand at hacking, discovering how attackers think so you can build defences against them. (Some coding knowledge in Python is recommended. You should know loops, if statements, arrays, and functions.)\n\n\n","media":[],"title":"Secure From Scatch","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Want to learn how to stop hackers in their tracks? Come to the Secure From Scratch coding workshop. Learn what you need to know to write secure code from the very first line of code. It's surprisingly easy! Plus, you'll get to try your hand at hacking, discovering how attackers think so you can build defences against them. (Some coding knowledge in Python is recommended. You should know loops, if statements, arrays, and functions.)","updated_timestamp":{"seconds":1722361583,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-30T17:46:23Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":55761,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-30T17:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ICS/OT environments are targets. Since the Colonial Pipeline breach in 2021, the ICS/OT threat landscape has changed tremendously. This presentation is not about the Fear, Uncertain and Doubt when an ICS/OT environment goes boom, but what happens when it goes down for ten days. What's the impact to the organization? It's employees? The people it serves?\r\n\r\nMost importantly, what can we do to prevent it from occurring? \r\n\r\nThe remainder of the presentation covers secure network architecture, therapy for IT and OT working together and continually learning/improving.\n\n\n","media":[],"title":"Countdown to Industrial Extinction","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:55:00Z","end_timestamp":{"seconds":1723398900,"nanoseconds":0},"android_description":"ICS/OT environments are targets. Since the Colonial Pipeline breach in 2021, the ICS/OT threat landscape has changed tremendously. This presentation is not about the Fear, Uncertain and Doubt when an ICS/OT environment goes boom, but what happens when it goes down for ten days. What's the impact to the organization? It's employees? The people it serves?\r\n\r\nMost importantly, what can we do to prevent it from occurring? \r\n\r\nThe remainder of the presentation covers secure network architecture, therapy for IT and OT working together and continually learning/improving.","updated_timestamp":{"seconds":1721781867,"nanoseconds":0},"speakers":[{"content_ids":[55339,55357],"conference_id":133,"event_ids":[55731,55749],"name":"Mike Holcomb","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fluor","title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead"}],"links":[],"pronouns":null,"media":[],"id":55961,"title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead at Fluor"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-24T00:44:27Z","links":[],"end":"2024-08-11T17:55:00.000-0000","id":55749,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55961}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-24T00:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC NextGen / Youth Challenge Area at Red Team Village","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T18:50:00Z","end_timestamp":{"seconds":1723402200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721595757,"nanoseconds":0},"speakers":[{"content_ids":[55273],"conference_id":133,"event_ids":[55663,55712,55713],"name":"RTV Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@redteamvillage_)","sort_order":0,"url":"https://twitter.com/redteamvillage_"}],"media":[],"id":55852}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T21:02:37Z","links":[],"end":"2024-08-11T18:50:00.000-0000","id":55713,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55852}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W204-W207 (RTV)","hotel":"","short_name":"W204-W207 (RTV)","id":46283},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T21:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bank case : Bank A provides an online banking application where users can access their accounts, perform transactions, and initiate money transfers. Here's a scenario with an IDOR vulnerability: Scenario: User A wants to transfer $1000 to User B. User A initiates a transfer and selects the recipient's account. However, due to an IDOR flaw in the application, the validation process fails, allowing users to select other users' accounts. In this case, User A can actually select User B's account and transfer the money, leading to unauthorized access to accounts.\n\nand other cases :)\n\n\n","media":[],"title":"IDOR in Financial Operations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"Bank case : Bank A provides an online banking application where users can access their accounts, perform transactions, and initiate money transfers. Here's a scenario with an IDOR vulnerability: Scenario: User A wants to transfer $1000 to User B. User A initiates a transfer and selects the recipient's account. However, due to an IDOR flaw in the application, the validation process fails, allowing users to select other users' accounts. In this case, User A can actually select User B's account and transfer the money, leading to unauthorized access to accounts.\n\nand other cases :)","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55317],"conference_id":133,"event_ids":[55707],"name":"Ilkin Javadov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55867}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55707,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55867}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"People often talk about red teaming as hacking people or systems, but no one really talks about hacking processes. Company processes are oftentimes some of the most critical business functions that a threat actor could go after, but there is no framework or attack chain lifecycle equivalent for red teaming processes. In this talk, we’ll be talking about how Fortune 500 red teamers simulate adversaries and attack processes, and how you can use our new framework, the Redteaming Process Framework: RTPF, to do the same.\n\n\n","media":[],"title":"Hacking Processes: Introducing the Redteaming Process Framework: RTPF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"People often talk about red teaming as hacking people or systems, but no one really talks about hacking processes. Company processes are oftentimes some of the most critical business functions that a threat actor could go after, but there is no framework or attack chain lifecycle equivalent for red teaming processes. In this talk, we’ll be talking about how Fortune 500 red teamers simulate adversaries and attack processes, and how you can use our new framework, the Redteaming Process Framework: RTPF, to do the same.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55316],"conference_id":133,"event_ids":[55706],"name":"Bobby R","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@bobbyrsec)","sort_order":0,"url":"https://twitter.com/bobbyrsec"}],"media":[],"id":55869},{"content_ids":[55316],"conference_id":133,"event_ids":[55706],"name":"Alex Gonzalez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55870}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55706,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55870},{"tag_id":46167,"sort_order":4,"person_id":55869}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you think AWS Admin is the end game? Let's dive deeper into cloud native lateral movement and how Identity Providers has become the biggest C2 that has ever existed.\n\n\n","media":[],"title":"From Runners to IdP Admin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"Do you think AWS Admin is the end game? Let's dive deeper into cloud native lateral movement and how Identity Providers has become the biggest C2 that has ever existed.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55315],"conference_id":133,"event_ids":[55705],"name":"Sim Cher Boon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55868}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55705,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55868}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, the basic concepts of pivoting will be introduced, and a hands-on experience will be provided in a realistic testing environment. Participants will learn to utilize effective tools and techniques to move from one network to another within an organization's infrastructure. Additionally, attendees will have the opportunity to set up their own Docker laboratory to perform pivoting practices in an emulated environment.\n\n\n","media":[],"title":"From Network to Network: Hands-On Pivoting Techniques in Internal Environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T17:50:00Z","end_timestamp":{"seconds":1723398600,"nanoseconds":0},"android_description":"In this workshop, the basic concepts of pivoting will be introduced, and a hands-on experience will be provided in a realistic testing environment. Participants will learn to utilize effective tools and techniques to move from one network to another within an organization's infrastructure. Additionally, attendees will have the opportunity to set up their own Docker laboratory to perform pivoting practices in an emulated environment.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55314],"conference_id":133,"event_ids":[55704],"name":"Francisco Canteli","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Franc_205)","sort_order":0,"url":"https://twitter.com/Franc_205"}],"media":[],"id":55866}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T17:50:00.000-0000","id":55704,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55866}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Lonely Hackers Club Community Room Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721276328,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-18T04:18:48Z","links":[],"end":"2024-08-11T20:00:00.000-0000","id":55410,"tag_ids":[46406,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-18T04:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style. \n\n\n","media":[],"title":"LHC's Unofficial Sticker Swap Table","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.","updated_timestamp":{"seconds":1721487294,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T14:54:54Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55407,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.\n\n\n","media":[],"title":"Egor's Keyboard Corner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.","updated_timestamp":{"seconds":1721487260,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-20T14:54:20Z","links":[],"end":"2024-08-11T19:00:00.000-0000","id":55404,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is your last chance to pickup your drives whether they're finished or not. Get here between 10:00am and 11:00am on Sunday as any drives left behind are considered donations.\n\n\n","media":[],"title":"Last chance to pick up drives at the DDV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"This is your last chance to pickup your drives whether they're finished or not. Get here between 10:00am and 11:00am on Sunday as any drives left behind are considered donations.","updated_timestamp":{"seconds":1720848200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-13T05:23:20Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org"}],"end":"2024-08-11T18:00:00.000-0000","id":55188,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-13T05:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Advanced attackers are increasingly choosing edge devices as targets, many of which are security appliances such as VPNs and Firewalls. They run closed-source firmware, and defenders and researchers must understand it to assess its security and integrity. We faced this firsthand when a client that used Draytek equipment was compromised. With at least 500k Draytek routers exposed to the Internet globally, no working tools exist to extract their firmware and assist researchers and defenders working with them.\r\n\r\nWe reverse-engineered Draytek's firmware format, developed tools to extract it, and discovered that its RTOS kernel can load code modules dynamically. These stored modules remain active even after firmware upgrades, inadvertently facilitating persistent threats. We crafted and uploaded malicious modules using our tools and newly found vulnerabilities to achieve persistence.\r\n\r\nEnd-users lack straightforward means to detect such compromises. In response to this threat, we developed our own module to assess the integrity of other modules loaded in memory, mitigating its impact. In our pursuit of a more secure internet, we are sharing our knowledge and opening our tools to the community, enabling observability, hardening, transparency, and vulnerability research on Draytek edge devices.\r\n\n\n\n","media":[],"title":"Taking off the blindfold: Detecting persistent threats on Draytek edge devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Advanced attackers are increasingly choosing edge devices as targets, many of which are security appliances such as VPNs and Firewalls. They run closed-source firmware, and defenders and researchers must understand it to assess its security and integrity. We faced this firsthand when a client that used Draytek equipment was compromised. With at least 500k Draytek routers exposed to the Internet globally, no working tools exist to extract their firmware and assist researchers and defenders working with them.\r\n\r\nWe reverse-engineered Draytek's firmware format, developed tools to extract it, and discovered that its RTOS kernel can load code modules dynamically. These stored modules remain active even after firmware upgrades, inadvertently facilitating persistent threats. We crafted and uploaded malicious modules using our tools and newly found vulnerabilities to achieve persistence.\r\n\r\nEnd-users lack straightforward means to detect such compromises. In response to this threat, we developed our own module to assess the integrity of other modules loaded in memory, mitigating its impact. In our pursuit of a more secure internet, we are sharing our knowledge and opening our tools to the community, enabling observability, hardening, transparency, and vulnerability research on Draytek edge devices.","updated_timestamp":{"seconds":1720400599,"nanoseconds":0},"speakers":[{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Octavio Gianatiempo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"},{"organization":"University of Buenos Aires","title":"Student, Computer Science"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/octavio-gianatiempo"},{"description":"","title":"Twitter (@ogianatiempo)","sort_order":0,"url":"https://twitter.com/ogianatiempo"}],"media":[],"id":54238,"title":"Student, Computer Science at University of Buenos Aires"},{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Gastón Aznarez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/gastonaznarez"},{"description":"","title":"Twitter (@gastonaznarez)","sort_order":0,"url":"https://twitter.com/gastonaznarez"}],"media":[],"id":54239,"title":"Security Researcher at Faraday"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T01:03:19Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":55015,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54239},{"tag_id":46167,"sort_order":1,"person_id":54238}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T01:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As our social lives are highly intertwined with our online lives, people share a lot of information and create pictures and content that needs to be secured. In this talk I cover obscenity laws, revenge porn (nonconsensual distribution of intimate images), stalking, catfishing and sextortion and how people can prevent information being leaked as well as how to recover from it.\n\n\n","media":[],"title":"Porn & Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T17:30:00Z","end_timestamp":{"seconds":1723397400,"nanoseconds":0},"android_description":"As our social lives are highly intertwined with our online lives, people share a lot of information and create pictures and content that needs to be secured. In this talk I cover obscenity laws, revenge porn (nonconsensual distribution of intimate images), stalking, catfishing and sextortion and how people can prevent information being leaked as well as how to recover from it.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54641],"conference_id":133,"event_ids":[55014],"name":"ET","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54264}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-11T17:30:00.000-0000","id":55014,"tag_ids":[46377,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54264}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Villages are a key part of the DEFCON experience - join this panel of staff members of the DEFCON Villages to get an inside scoop on all the intricacies of organizing a village. Topics from finding sponsors to setting up equipment to making sure everyone gets to take a break during the event - there's a whole lot that goes on behind the scenes at DEFCON villages!\n\n\n","media":[],"title":"The Village Peoples' Panel - What Really Goes On in a Village?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"The Villages are a key part of the DEFCON experience - join this panel of staff members of the DEFCON Villages to get an inside scoop on all the intricacies of organizing a village. Topics from finding sponsors to setting up equipment to making sure everyone gets to take a break during the event - there's a whole lot that goes on behind the scenes at DEFCON villages!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"},{"content_ids":[54584,54574],"conference_id":133,"event_ids":[54949,54959],"name":"Tom VanNorman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ICS Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54316,"title":"ICS Village"},{"content_ids":[54574],"conference_id":133,"event_ids":[54949],"name":"Nina Alli","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Biohacking Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54676,"title":"Biohacking Village"},{"content_ids":[54574],"conference_id":133,"event_ids":[54949],"name":"Justin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Car Hacking Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54677,"title":"Car Hacking Village"},{"content_ids":[54574],"conference_id":133,"event_ids":[54949],"name":"muteki","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Blue Team Village","title":"Director"}],"links":[],"pronouns":null,"media":[],"id":54679,"title":"Director at Blue Team Village"},{"content_ids":[55763,54574],"conference_id":133,"event_ids":[56287,54949],"name":"Matt Mayes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aerospace Village","title":""}],"links":[],"pronouns":null,"media":[],"id":55971,"title":"Aerospace Village"},{"content_ids":[54574,55265],"conference_id":133,"event_ids":[55655,54949],"name":"Savannah \"lazzslayer\" Lazzara","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56333}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-11T18:00:00.000-0000","id":54949,"tag_ids":[46371,46373,46375,46382,46392,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54677},{"tag_id":46487,"sort_order":4,"person_id":55971},{"tag_id":46487,"sort_order":6,"person_id":54679},{"tag_id":46487,"sort_order":8,"person_id":54676},{"tag_id":46167,"sort_order":10,"person_id":56333},{"tag_id":46487,"sort_order":14,"person_id":54316},{"tag_id":46488,"sort_order":16,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Downgrade attacks force software to revert to an older, vulnerable version. In 2023, BlackLotus emerged, downgrading the boot manager to bypass Secure Boot. Microsoft addressed the threat, but was Secure Boot the only component vulnerable to downgrades?\r\n\r\nBy examining Windows Updates, we found a flaw enabling us to take full control over it and craft downgrading updates, bypassing all verification steps.\r\n\r\nWe then managed to downgrade DLLs, drivers, and even the kernel. Afterwards, the OS reported it’s fully updated, unable to install future updates, with recovery tools unable to detect issues.\r\n\r\nWe aimed higher and found that the virtualization stack is at risk too. We successfully downgraded Hyper-V’s hypervisor, Secure Kernel, and Credential Guard to expose privilege escalations.\r\n\r\nWe also discovered several ways to disable VBS, including its Credential Guard and HVCI features, despite its enforced UEFI locks. This is the first known bypass of VBS's UEFI locks.\r\n\r\nLastly, we found another vulnerability in a Windows Update restoration scenario, making the findings accessible to unprivileged attackers!\r\n\r\nIn this talk, we’ll introduce \"Windows Downdate\", a tool that takes over Windows Updates to craft downgrades and expose dozens of vulnerabilities. It makes the term “fully patched” meaningless across any Windows machine worldwide.\n\n\n","media":[],"title":"Windows Downdate: Downgrade Attacks Using Windows Updates","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"Downgrade attacks force software to revert to an older, vulnerable version. In 2023, BlackLotus emerged, downgrading the boot manager to bypass Secure Boot. Microsoft addressed the threat, but was Secure Boot the only component vulnerable to downgrades?\r\n\r\nBy examining Windows Updates, we found a flaw enabling us to take full control over it and craft downgrading updates, bypassing all verification steps.\r\n\r\nWe then managed to downgrade DLLs, drivers, and even the kernel. Afterwards, the OS reported it’s fully updated, unable to install future updates, with recovery tools unable to detect issues.\r\n\r\nWe aimed higher and found that the virtualization stack is at risk too. We successfully downgraded Hyper-V’s hypervisor, Secure Kernel, and Credential Guard to expose privilege escalations.\r\n\r\nWe also discovered several ways to disable VBS, including its Credential Guard and HVCI features, despite its enforced UEFI locks. This is the first known bypass of VBS's UEFI locks.\r\n\r\nLastly, we found another vulnerability in a Windows Update restoration scenario, making the findings accessible to unprivileged attackers!\r\n\r\nIn this talk, we’ll introduce \"Windows Downdate\", a tool that takes over Windows Updates to craft downgrades and expose dozens of vulnerabilities. It makes the term “fully patched” meaningless across any Windows machine worldwide.","updated_timestamp":{"seconds":1720632727,"nanoseconds":0},"speakers":[{"content_ids":[54522],"conference_id":133,"event_ids":[54895],"name":"Alon Leviev","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://il.linkedin.com/in/alonleviev"},{"description":"","title":"Twitter (@_0xDeku)","sort_order":0,"url":"https://twitter.com/_0xDeku"}],"media":[],"id":54165}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-10T17:32:07Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54895,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54165}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-10T17:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Industrial VPN gateways play a crucial role in operational technology by enabling secure remote access to systems within industrial networks. However, their importance goes hand in hand with increased security risks, as their architecture makes them lucrative targets for threat actors. Over the years, we have seen such devices being used in various industrial environments, which underlines their widespread use in critical infrastructures.\r\n\r\nThis talk is about a security analysis of a widely used industrial remote access solution. We will dive deep into and expose various vulnerabilities. This includes rooting the device, bypassing hardware-based security mechanisms such as the use of a hardware security module, and reverse engineering software and firmware. Ultimately, we will show how various identified vulnerabilities allowed us to hijack remote access sessions, creating significant security risks.\n\n\n","media":[],"title":"Unlocking the Gates: Hacking a secure Industrial Remote Access Solution","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:20:00Z","end_timestamp":{"seconds":1723396800,"nanoseconds":0},"android_description":"Industrial VPN gateways play a crucial role in operational technology by enabling secure remote access to systems within industrial networks. However, their importance goes hand in hand with increased security risks, as their architecture makes them lucrative targets for threat actors. Over the years, we have seen such devices being used in various industrial environments, which underlines their widespread use in critical infrastructures.\r\n\r\nThis talk is about a security analysis of a widely used industrial remote access solution. We will dive deep into and expose various vulnerabilities. This includes rooting the device, bypassing hardware-based security mechanisms such as the use of a hardware security module, and reverse engineering software and firmware. Ultimately, we will show how various identified vulnerabilities allowed us to hijack remote access sessions, creating significant security risks.","updated_timestamp":{"seconds":1720660604,"nanoseconds":0},"speakers":[{"content_ids":[54521],"conference_id":133,"event_ids":[54894],"name":"Moritz Abrell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SySS GmbH","title":"Senior IT Security Consultant and Penetration Tester"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@moritz_abrell)","sort_order":0,"url":"https://twitter.com/moritz_abrell"}],"media":[],"id":54109,"title":"Senior IT Security Consultant and Penetration Tester at SySS GmbH"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-11T01:16:44Z","links":[],"end":"2024-08-11T17:20:00.000-0000","id":54894,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54109}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-11T01:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"People who don’t type Chinese might be surprised to learn that popular Chinese Input Method Editor (IME) keyboards can act as keyloggers; they transmit your keystrokes over the Internet to enable “cloud-based” support features to improve character prediction when typing.\r\n\r\n*Everyone* might be surprised to learn that these keyloggers, which were already collecting everything you type into your device, were doing it *insecurely*.\r\n\r\nIn this talk, we will describe how we systematically exploited every single popular Chinese IME keyboard vendor’s home-rolled network encryption protocol. Namely, we show how any network eavesdropper can read the keystrokes of what users of these vendors’ keyboards are typing. The affected keyboards include the three most popular Chinese IME keyboards, Sogou IME, Baidu IME, and iFlytek IME, collectively used by almost 800 million users, as well as default and pre-installed keyboards on basically every popular Android mobile device except for Huawei’s. We also discuss how we got here, re-affirm the age-old adage, “Don’t roll your own crypto!”, and call on hackers around the world to help us move towards HTTPS everywhere in understudied app ecosystems.\r\n\r\n[link](https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/)\r\n\r\n[link](https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/)\r\n\n\n\n","media":[],"title":"The not-so-silent type: Breaking network crypto in almost every popular Chinese keyboard app","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"People who don’t type Chinese might be surprised to learn that popular Chinese Input Method Editor (IME) keyboards can act as keyloggers; they transmit your keystrokes over the Internet to enable “cloud-based” support features to improve character prediction when typing.\r\n\r\n*Everyone* might be surprised to learn that these keyloggers, which were already collecting everything you type into your device, were doing it *insecurely*.\r\n\r\nIn this talk, we will describe how we systematically exploited every single popular Chinese IME keyboard vendor’s home-rolled network encryption protocol. Namely, we show how any network eavesdropper can read the keystrokes of what users of these vendors’ keyboards are typing. The affected keyboards include the three most popular Chinese IME keyboards, Sogou IME, Baidu IME, and iFlytek IME, collectively used by almost 800 million users, as well as default and pre-installed keyboards on basically every popular Android mobile device except for Huawei’s. We also discuss how we got here, re-affirm the age-old adage, “Don’t roll your own crypto!”, and call on hackers around the world to help us move towards HTTPS everywhere in understudied app ecosystems.\r\n\r\n[link](https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/)\r\n\r\n[link](https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/)","updated_timestamp":{"seconds":1720463902,"nanoseconds":0},"speakers":[{"content_ids":[54520],"conference_id":133,"event_ids":[54893],"name":"Mona Wang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Princeton University","title":"PhD candidate in Computer Science"}],"pronouns":null,"links":[{"description":"","title":"m0na.net","sort_order":0,"url":"https://m0na.net"}],"media":[],"id":54091,"title":"PhD candidate in Computer Science at Princeton University"},{"content_ids":[54520],"conference_id":133,"event_ids":[54893],"name":"Jeffrey Knockel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Citizen Lab","title":"Senior Research Associate"}],"pronouns":"he/him","links":[{"description":"","title":"jeffreyknockel.com","sort_order":0,"url":"https://jeffreyknockel.com"}],"media":[],"id":54133,"title":"Senior Research Associate at Citizen Lab"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:22Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54893,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54133},{"tag_id":46167,"sort_order":4,"person_id":54091}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Websites often parse users' email addresses to identify their organisation. Unfortunately, parsing emails is far from straightforward thanks to a collection of ancient RFCs that everyone knows are crazy. You can probably see where this is going…\r\n\r\nIn this session, I'll introduce techniques for crafting RFC-compliant email addresses that bypass virtually all defences leading to broken assumptions, parser discrepancies and emails being routed to wildly unexpected destinations. I'll show you how to exploit multiple applications and libraries to spoof email domains, access internal systems protected by 'Zero Trust', and bypass employee-only registration barriers.\r\n\r\nThen I'll introduce another class of attack - harmless-looking input transformed into malicious payloads by unwitting libraries, leading to yet more misrouted emails, and blind CSS injection on a well-known target.\r\n\r\nI'll leave you with a full methodology and toolkit to identify and exploit your own targets, plus a CTF to develop your new skillset.\r\n\r\n- Email parsing:\r\n - [link](https://www.jochentopf.com/email/address.html)\r\n - [link](https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses)\r\n - [link](https://medium.com/@fs0c131y/tchap-the-super-not-secure-app-of-the-french-government-84b31517d144)\r\n\r\n- CSS Exfiltration:\r\n - [link](https://vwzq.net/slides/2019-s3_css_injection_attacks.pdf)\r\n - [link](https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b)\r\n\r\n- Unicode:\r\n - [link](https://www.sonarsource.com/blog/10-unknown-security-pitfalls-for-python/#:~:text=8.%20Unicode%20Case%20Collision)\r\n\n\n\n","media":[],"title":"Splitting the email atom: exploiting parsers to bypass access controls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"Websites often parse users' email addresses to identify their organisation. Unfortunately, parsing emails is far from straightforward thanks to a collection of ancient RFCs that everyone knows are crazy. You can probably see where this is going…\r\n\r\nIn this session, I'll introduce techniques for crafting RFC-compliant email addresses that bypass virtually all defences leading to broken assumptions, parser discrepancies and emails being routed to wildly unexpected destinations. I'll show you how to exploit multiple applications and libraries to spoof email domains, access internal systems protected by 'Zero Trust', and bypass employee-only registration barriers.\r\n\r\nThen I'll introduce another class of attack - harmless-looking input transformed into malicious payloads by unwitting libraries, leading to yet more misrouted emails, and blind CSS injection on a well-known target.\r\n\r\nI'll leave you with a full methodology and toolkit to identify and exploit your own targets, plus a CTF to develop your new skillset.\r\n\r\n- Email parsing:\r\n - [link](https://www.jochentopf.com/email/address.html)\r\n - [link](https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses)\r\n - [link](https://medium.com/@fs0c131y/tchap-the-super-not-secure-app-of-the-french-government-84b31517d144)\r\n\r\n- CSS Exfiltration:\r\n - [link](https://vwzq.net/slides/2019-s3_css_injection_attacks.pdf)\r\n - [link](https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b)\r\n\r\n- Unicode:\r\n - [link](https://www.sonarsource.com/blog/10-unknown-security-pitfalls-for-python/#:~:text=8.%20Unicode%20Case%20Collision)","updated_timestamp":{"seconds":1720463920,"nanoseconds":0},"speakers":[{"content_ids":[54519,55173],"conference_id":133,"event_ids":[55561,54892],"name":"Gareth Heyes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@garethheyes)","sort_order":0,"url":"https://twitter.com/garethheyes"},{"description":"","title":"garethheyes.co.uk/","sort_order":0,"url":"https://garethheyes.co.uk/"}],"media":[],"id":54158,"title":"Researcher at PortSwigger"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:40Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54892,"tag_ids":[46166,46169,46419,46437,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54158}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us as we unravel another story of public resources from AWS, digging in 3.1 million AMIs for secrets. Beyond the findings, we'll delve into the ominous connection between exfiltrated AWS access credentials from these AMIs and the heightened risk of AWS account takeover. This talk will highlight key methodologies, tools, and lessons learned, emphasizing the critical need for robust security measures in the cloud to prevent both data exposure and potential account compromise.\r\n\r\nWe started and developed this research without references of existing work. However, here are two links that can be viewed as related/previous work:\r\n\r\nThis article shows a research on a subset of public AMIs from a single region in AWS\r\n[link](https://blog.lethalbit.com/hunting-for-sensitive-data-in-public-amazon-images-ami/)\r\n\r\nThis research shows a similar issue where public EBS are scanned. However, this technique does not work for most public AMIs\r\n[link](https://www.youtube.com/watch?v=HXM1rBk_wXs)\r\n\n\n\n","media":[],"title":"AWS CloudQuarry: Digging for secrets in public AMIs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T17:45:00Z","end_timestamp":{"seconds":1723398300,"nanoseconds":0},"android_description":"Join us as we unravel another story of public resources from AWS, digging in 3.1 million AMIs for secrets. Beyond the findings, we'll delve into the ominous connection between exfiltrated AWS access credentials from these AMIs and the heightened risk of AWS account takeover. This talk will highlight key methodologies, tools, and lessons learned, emphasizing the critical need for robust security measures in the cloud to prevent both data exposure and potential account compromise.\r\n\r\nWe started and developed this research without references of existing work. However, here are two links that can be viewed as related/previous work:\r\n\r\nThis article shows a research on a subset of public AMIs from a single region in AWS\r\n[link](https://blog.lethalbit.com/hunting-for-sensitive-data-in-public-amazon-images-ami/)\r\n\r\nThis research shows a similar issue where public EBS are scanned. However, this technique does not work for most public AMIs\r\n[link](https://www.youtube.com/watch?v=HXM1rBk_wXs)","updated_timestamp":{"seconds":1720463930,"nanoseconds":0},"speakers":[{"content_ids":[54518],"conference_id":133,"event_ids":[54891],"name":"Matei Josephs","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Penetration Tester"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matei-anthony-josephs-325ba5199/"}],"media":[],"id":54114,"title":"Senior Penetration Tester"},{"content_ids":[54518],"conference_id":133,"event_ids":[54891],"name":"Eduard Agavriloae","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"AWS Offensive Expert and Pentester"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/eduard-k-agavriloae/"},{"description":"","title":"Twitter (@saw_your_packet)","sort_order":0,"url":"https://twitter.com/saw_your_packet"}],"media":[],"id":54126,"title":"AWS Offensive Expert and Pentester"}],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-08T18:38:50Z","links":[],"end":"2024-08-11T17:45:00.000-0000","id":54891,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54126},{"tag_id":46167,"sort_order":4,"person_id":54114}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-08T18:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T22:00:00Z","end_timestamp":{"seconds":1723413600,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T17:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-11T22:00:00.000-0000","id":54573,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723395600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-11T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T22:00:00Z","end_timestamp":{"seconds":1723413600,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T15:00:00Z","timeband_id":1149,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-11T22:00:00.000-0000","id":55889,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723388400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"N","begin":"2024-08-11T15:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T23:00:00Z","end_timestamp":{"seconds":1723417200,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T15:00:00Z","timeband_id":1149,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-11T23:00:00.000-0000","id":54481,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723388400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-11T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T15:00:00Z","end_timestamp":{"seconds":1723388400,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T12:00:00Z","timeband_id":1149,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-11T15:00:00.000-0000","id":54515,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723377600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Illuminati Party is excited to open our doors once again to all those who wish to join us at DEF CON for an OPEN party welcoming all of our Hacker Family! Follow us on X (Twitter: @IlluminatiParty)\n\n\n","media":[{"hash_sha256":"526647fe7b7a385b98e5d5aa7e61d3ef5afb96fd5837315b0fc6cf0dc088ff08","filetype":"image/png","hash_md5":"37ae6605775def32e78245abad406a13","name":"pme_illuminati.png","is_logo":"Y","hash_crc32c":"24f75229","filesize":247952,"asset_id":681,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_illuminati.png"}],"title":"The Illuminati Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"The Illuminati Party is excited to open our doors once again to all those who wish to join us at DEF CON for an OPEN party welcoming all of our Hacker Family! Follow us on X (Twitter: @IlluminatiParty)","updated_timestamp":{"seconds":1718814144,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:22:24Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249538"},{"label":"Website","type":"link","url":"https://illuminatiparty.org"},{"label":"Twitter (@illuminatiparty)","type":"link","url":"https://twitter.com/illuminatiparty"}],"end":"2024-08-11T09:00:00.000-0000","id":54524,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303-W304","hotel":"","short_name":"W303-W304","id":46317},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T16:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"RAA For Workgroups 3.11 is a continuation of the Rent an Assassin series of parties from DC Shenanigans. Based on the World of Assassination from the Hitman video game franchise, RAA has been serving up clandestine client acquisition events in top-secret locations since DC30. This year marks our first-ever official DEF CON event, and we are excited to bring you some of the best DJs (and shenanigans) DEF CON has to offer.\n\n\n","media":[{"hash_sha256":"6da60dea311582544f0de0ed6d955ab2b13d3e7455715cc62d77819dffe444bc","filetype":"image/png","hash_md5":"1dede1c3cb8921e87a5c5ac5b719c269","name":"pme_raa.png","is_logo":"Y","hash_crc32c":"bc81d06b","filesize":44009,"asset_id":684,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_raa.png"}],"title":"RAA for Workgroups 3.11","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"RAA For Workgroups 3.11 is a continuation of the Rent an Assassin series of parties from DC Shenanigans. Based on the World of Assassination from the Hitman video game franchise, RAA has been serving up clandestine client acquisition events in top-secret locations since DC30. This year marks our first-ever official DEF CON event, and we are excited to bring you some of the best DJs (and shenanigans) DEF CON has to offer.","updated_timestamp":{"seconds":1718813957,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:19:17Z","links":[{"label":"Twitter (@dcshenanigans)","type":"link","url":"https://twitter.com/dcshenanigans"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249568"},{"label":"Website","type":"link","url":"https://dcshenanigans.com"}],"end":"2024-08-11T09:00:00.000-0000","id":54522,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W324, W327","hotel":"","short_name":"W322-W324, W327","id":46306},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T16:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the Hack Shack Saturday night from 21:00-02:00 in room 208 for an evening full of exploits and fun! Enjoy some byte-sized bites, groove to our cyber beats, and mingle with the best in the bug bounty biz. Stop by Intigriti's booth in Exhibitors area before the party and grab a scratch card for your chance to win a free drink! Don't miss out on this bug bounty bonanza!\n\n\n","media":[{"hash_sha256":"bf7f7e09674f432b33d4efbd5f64ee3dbaceeb809e5009e2be58090b364f8099","filetype":"image/png","hash_md5":"47a8dcfbf7547f48f39a8b7a7baeaf2b","name":"pme_intigriti.png","is_logo":"Y","hash_crc32c":"dc4ece55","filesize":69990,"asset_id":699,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_intigriti.png"}],"title":"Intigriti Hack Shack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"Join us at the Hack Shack Saturday night from 21:00-02:00 in room 208 for an evening full of exploits and fun! Enjoy some byte-sized bites, groove to our cyber beats, and mingle with the best in the bug bounty biz. Stop by Intigriti's booth in Exhibitors area before the party and grab a scratch card for your chance to win a free drink! Don't miss out on this bug bounty bonanza!","updated_timestamp":{"seconds":1718813366,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:09:26Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249574"}],"end":"2024-08-11T09:00:00.000-0000","id":54520,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T16:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to VETCON, the DEFCON Community event and of course, THE VETCON Party where veterans, active duty military, and even civilians looking for a taste of the action come together for a cyber rendezvous. Because let's face it, sometimes you need a little civilian perspective to hack the system!\n\n\n","media":[{"hash_sha256":"63c681684ad6549ac831241dee220076649c0069996e7a01918362399b97298b","filetype":"image/png","hash_md5":"7ec0be52b0f1e42d5a6de220c198214d","name":"pme_vetcon.png","is_logo":"Y","hash_crc32c":"8adc3c61","filesize":159966,"asset_id":688,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_vetcon.png"}],"title":"VETCON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"Welcome to VETCON, the DEFCON Community event and of course, THE VETCON Party where veterans, active duty military, and even civilians looking for a taste of the action come together for a cyber rendezvous. Because let's face it, sometimes you need a little civilian perspective to hack the system!","updated_timestamp":{"seconds":1718775123,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T05:32:03Z","links":[{"label":"More Info","type":"link","url":"https://vetconactual.com/"},{"label":"Twitter (@vetcon_command)","type":"link","url":"https://twitter.com/vetcon_command"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249546"}],"end":"2024-08-11T09:00:00.000-0000","id":54494,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W106-W109 (Chillout 1)","hotel":"","short_name":"W106-W109 (Chillout 1)","id":46309},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-06-19T05:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come party with Jack Rhysider at the Darknet Diaries Masquerade party! You're not going to want to miss this event as there will be free swag, killer music, interactive exhibits, and of course Jack Rhysider.\n\n\n","media":[{"hash_sha256":"9c2ef047ca48b42f7ea1f97b043622c4c14a0aa65786827356bcd1dec4720d46","filetype":"image/png","hash_md5":"c1d76b33963f641c6927799ad26ee73e","name":"pme_jack_rhysider.png","is_logo":"Y","hash_crc32c":"7efa16cd","filesize":227096,"asset_id":695,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_jack_rhysider.png"}],"title":"Jack Rhysider Masquerade Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T08:00:00Z","end_timestamp":{"seconds":1723363200,"nanoseconds":0},"android_description":"Come party with Jack Rhysider at the Darknet Diaries Masquerade party! You're not going to want to miss this event as there will be free swag, killer music, interactive exhibits, and of course Jack Rhysider.","updated_timestamp":{"seconds":1721321817,"nanoseconds":0},"speakers":[{"content_ids":[54147],"conference_id":133,"event_ids":[54491],"name":"Jack Rhysider","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@jackrhysider)","sort_order":0,"url":"https://twitter.com/jackrhysider"}],"media":[],"id":54675}],"begin_tsz":"2024-08-11T04:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-18T16:56:57Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249485"},{"label":"Twitter (@jackrhysider)","type":"link","url":"https://twitter.com/jackrhysider"},{"label":"Website","type":"link","url":"https://darknetdiaries.com/party"}],"end":"2024-08-11T08:00:00.000-0000","id":54491,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723348800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":54675}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W325 - W326","hotel":"","short_name":"W325 - W326","id":46312},"spans_timebands":"Y","begin":"2024-08-11T04:00:00.000-0000","updated":"2024-07-18T16:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The increased dependency on the digital life to participate in society means, digital life is real life. With that, the consequences of failure in confidentiality, integrity and availability of our digital self, can have dire consequences. So, I threat modelled living in 2024; and it’s more fragile than I thought!\r\n\r\nHow digitally resilient do you think you are?\r\n\r\nLet’s talk about that, and some things we can do about it.\n\n\n","media":[],"title":"What!? Is my life that fragile?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T03:35:00Z","end_timestamp":{"seconds":1723347300,"nanoseconds":0},"android_description":"The increased dependency on the digital life to participate in society means, digital life is real life. With that, the consequences of failure in confidentiality, integrity and availability of our digital self, can have dire consequences. So, I threat modelled living in 2024; and it’s more fragile than I thought!\r\n\r\nHow digitally resilient do you think you are?\r\n\r\nLet’s talk about that, and some things we can do about it.","updated_timestamp":{"seconds":1722445977,"nanoseconds":0},"speakers":[{"content_ids":[55697],"conference_id":133,"event_ids":[56220],"name":"hoodiePony","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":"they/them","media":[],"id":56068}],"begin_tsz":"2024-08-11T03:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:57Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T03:35:00.000-0000","id":56220,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723345500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56068}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T03:05:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AI Village and Blue Team Village Pool Party will feature free tacos, cash bars, sponsor cabanas, with entertainment by DJ R.O.C.K.M.A.N. and \"Dunk A Fed\" benefitting Blacks in Cyber and Women in Security and Privacy. Sahara Azilo Pool, Saturday, August 10, 8pm to midnight. DEF CON badge required for entry. All ages. Visit Blacks In Cyber Village or WISP at DEF CON for your Dunk A Fed raffle ticket.\n\n\n","media":[],"title":"AIV + BTV Pool Party featuring DUNK-A-FED","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T06:59:59Z","end_timestamp":{"seconds":1723359599,"nanoseconds":0},"android_description":"The AI Village and Blue Team Village Pool Party will feature free tacos, cash bars, sponsor cabanas, with entertainment by DJ R.O.C.K.M.A.N. and \"Dunk A Fed\" benefitting Blacks in Cyber and Women in Security and Privacy. Sahara Azilo Pool, Saturday, August 10, 8pm to midnight. DEF CON badge required for entry. All ages. Visit Blacks In Cyber Village or WISP at DEF CON for your Dunk A Fed raffle ticket.","updated_timestamp":{"seconds":1723185185,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:33:05Z","links":[],"end":"2024-08-11T06:59:00.000-0000","id":56857,"tag_ids":[46363,46368,46373],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-08-09T06:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Kampf\r\n- 21:00 - 22:00 - mattrix\r\n- 22:00 - 23:00 - Dr. McGrew\r\n- 23:00 - 00:00 - Magik Plan\r\n- 00:00 - 01:00 - Syntax (DJ) + Luna (VJ)\r\n- 01:00 - 02:00 - N8\n\n\n","media":[{"hash_sha256":"a80728936f0af73b04b422b3a85afef988a246a4f3f31c1e863cfb506c6f1cef","filetype":"image/png","hash_md5":"40faa20781592f35d20948c7c608458a","name":"dc32_ae_flyer_saturday_v2.png","is_logo":"Y","hash_crc32c":"a28e08e1","filesize":270408,"asset_id":820,"sort_order":0,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_saturday_v2.png"}],"title":"Music Set / Entertainment (Cyberpunk Bar Saturday, ACK Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Kampf\r\n- 21:00 - 22:00 - mattrix\r\n- 22:00 - 23:00 - Dr. McGrew\r\n- 23:00 - 00:00 - Magik Plan\r\n- 00:00 - 01:00 - Syntax (DJ) + Luna (VJ)\r\n- 01:00 - 02:00 - N8","updated_timestamp":{"seconds":1721791183,"nanoseconds":0},"speakers":[{"content_ids":[55326,54479,54212],"conference_id":133,"event_ids":[55718,54585,54852],"name":"Wesley McGrew","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MartinFederal","title":"Senior Cybersecurity Fellow"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@mcgrew@defcon.social)","sort_order":0,"url":"https://defcon.social/@mcgrew"},{"description":"","title":"MixCloud","sort_order":0,"url":"https://www.mixcloud.com/wesmcgrew/stream/"},{"description":"","title":"Twitter (@McGrewSecurity)","sort_order":0,"url":"https://twitter.com/McGrewSecurity"}],"media":[],"id":54044,"title":"Senior Cybersecurity Fellow at MartinFederal"},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"Kampf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55897},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"Magik Plan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55898},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"mattrix","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55899},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"N8","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55902},{"content_ids":[55326],"conference_id":133,"event_ids":[55718],"name":"Syntax (DJ) + Luna (VJ)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55912}],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T03:19:43Z","links":[{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"}],"end":"2024-08-11T09:00:00.000-0000","id":55718,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":54044},{"tag_id":46486,"sort_order":4,"person_id":55912},{"tag_id":46486,"sort_order":6,"person_id":55902},{"tag_id":46486,"sort_order":8,"person_id":55899},{"tag_id":46486,"sort_order":10,"person_id":55898},{"tag_id":46486,"sort_order":12,"person_id":55897}],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"Y","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-07-24T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - DJ Scythe\r\n- 21:00 - 22:00 - Grindhaus Selektor\r\n- 22:00 - 23:00 - Skittish and Bus\r\n- 23:00 - 00:00 - Miss Jackalope\r\n- 00:00 - 01:00 - O'Craven Celtic Pirate Band\r\n- 01:00 - 01:15 - Costume Contest\r\n- 01:15 - 02:00 - Ninjula\n\n\n","media":[{"hash_sha256":"a80728936f0af73b04b422b3a85afef988a246a4f3f31c1e863cfb506c6f1cef","filetype":"image/png","hash_md5":"40faa20781592f35d20948c7c608458a","name":"dc32_ae_flyer_saturday_v2.png","is_logo":"Y","hash_crc32c":"a28e08e1","filesize":270408,"asset_id":820,"sort_order":1,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_saturday_v2.png"}],"title":"Music Set / Entertainment (Pirate's Night For Me! Saturday, SYN Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - DJ Scythe\r\n- 21:00 - 22:00 - Grindhaus Selektor\r\n- 22:00 - 23:00 - Skittish and Bus\r\n- 23:00 - 00:00 - Miss Jackalope\r\n- 00:00 - 01:00 - O'Craven Celtic Pirate Band\r\n- 01:00 - 01:15 - Costume Contest\r\n- 01:15 - 02:00 - Ninjula","updated_timestamp":{"seconds":1721791193,"nanoseconds":0},"speakers":[{"content_ids":[55324,55325],"conference_id":133,"event_ids":[55716,55717],"name":"Costume Contest","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55884},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"DJ Scythe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55889},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Grindhaus Selektor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55895},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Miss Jackalope","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55901},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Ninjula","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55903},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"O'Craven Celtic Pirate Band","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55904},{"content_ids":[55325],"conference_id":133,"event_ids":[55717],"name":"Skittish and Bus","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55910}],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T03:19:53Z","links":[{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"}],"end":"2024-08-11T09:00:00.000-0000","id":55717,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55910},{"tag_id":46486,"sort_order":4,"person_id":55904},{"tag_id":46486,"sort_order":6,"person_id":55903},{"tag_id":46486,"sort_order":8,"person_id":55901},{"tag_id":46486,"sort_order":10,"person_id":55895},{"tag_id":46486,"sort_order":12,"person_id":55889},{"tag_id":46486,"sort_order":14,"person_id":55884}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"Y","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-07-24T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hacker Jeopardy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T05:00:00Z","end_timestamp":{"seconds":1723352400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319460,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T02:31:00Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249351"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249350"},{"label":"Twitter (@HackerJeopardy)","type":"link","url":"https://twitter.com/HackerJeopardy"}],"end":"2024-08-11T05:00:00.000-0000","id":54890,"tag_ids":[46427,46439,46509],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-07-07T02:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Movie Night","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T06:59:00Z","end_timestamp":{"seconds":1723359540,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567253,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-16T19:47:33Z","links":[],"end":"2024-08-11T06:59:00.000-0000","id":54527,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-06-16T19:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.\n\n\n","media":[{"hash_sha256":"9dc542b73ed2f180e9da92ab6b96c13fdbf77524457592bb5909be0995f48bd8","filetype":"image/png","hash_md5":"9397f4fba28c3ec1eb0298b7768f7f87","name":"pme_hackerkaraoke.png","is_logo":"Y","hash_crc32c":"83073e75","filesize":10913,"asset_id":679,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hackerkaraoke.png"}],"title":"Hacker Karaoke","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.","updated_timestamp":{"seconds":1718812577,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T03:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T15:56:17Z","links":[{"label":"Website","type":"link","url":"https://www.hackerkaraoke.org/"},{"label":"Twitter (@hackerkaraoke)","type":"link","url":"https://twitter.com/hackerkaraoke"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249524"}],"end":"2024-08-11T09:00:00.000-0000","id":54506,"tag_ids":[46363,46886],"village_id":null,"begin_timestamp":{"seconds":1723345200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"Y","begin":"2024-08-11T03:00:00.000-0000","updated":"2024-06-19T15:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Shifting left in Reversing apk by converting smali to java","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T02:50:00Z","end_timestamp":{"seconds":1723344600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445954,"nanoseconds":0},"speakers":[{"content_ids":[55696],"conference_id":133,"event_ids":[56219],"name":"Just Tulpa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":"he/him","media":[],"id":56067}],"begin_tsz":"2024-08-11T02:35:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:34Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T02:50:00.000-0000","id":56219,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723343700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56067}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T02:35:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Party with DEF CON NextGen. Enjoy some music, and some good conversation with other young DEF CON attendees!\n\n\n","media":[{"hash_sha256":"1660edaca21c76279b6887ea499fc7cba4a5c1f6878d4155e04a767d8a9c284e","filetype":"image/png","hash_md5":"94aafd208c3ef8ee73253ab95df55e13","name":"pme_dcnextgen.png","is_logo":"Y","hash_crc32c":"cf26ebac","filesize":85383,"asset_id":675,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_dcnextgen.png"}],"title":"DC Next Gen party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-11T05:00:00Z","end_timestamp":{"seconds":1723352400,"nanoseconds":0},"android_description":"Party with DEF CON NextGen. Enjoy some music, and some good conversation with other young DEF CON attendees!","updated_timestamp":{"seconds":1718775659,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T02:30:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T05:40:59Z","links":[{"label":"Mastodon (@defconnextgen@defcon.social)","type":"link","url":"https://defcon.social/@defconnextgen"},{"label":"Twitter (@DEFCONNextGen)","type":"link","url":"https://twitter.com/DEFCONNextGen"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249532"}],"end":"2024-08-11T05:00:00.000-0000","id":54497,"tag_ids":[46363,46398],"village_id":null,"begin_timestamp":{"seconds":1723343400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W228","hotel":"","short_name":"W228","id":46505},"spans_timebands":"N","begin":"2024-08-11T02:30:00.000-0000","updated":"2024-06-19T05:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Who cashed my check?! Catching (Very Obvious) Fraudsters","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T02:30:00Z","end_timestamp":{"seconds":1723343400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445941,"nanoseconds":0},"speakers":[{"content_ids":[55695],"conference_id":133,"event_ids":[56218],"name":"Squiddy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/they","links":[{"description":"","title":"Instagram","sort_order":0,"url":"https://www.instagram.com/0xhegemon1c"},{"description":"","title":"Mastodon (@teuthida@defcon.social)","sort_order":0,"url":"https://defcon.social/@teuthida"}],"media":[],"id":56066}],"begin_tsz":"2024-08-11T02:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:21Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T02:30:00.000-0000","id":56218,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723341900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56066}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T02:05:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Diana Initiative is hosting a meetup where we’d love to get all the gender non conforming, non-binary and women attendees together to hang out and make friends! DEF CON is better with friends.\n\n\n","media":[{"hash_sha256":"10cdc5214560ac0ed664a5ea16e7bd13a107db631614b1e97ed7e86d7fef629b","filetype":"image/png","hash_md5":"429647f628918052706c0fbc45153055","name":"pme_diana.png","is_logo":"Y","hash_crc32c":"89533925","filesize":46031,"asset_id":677,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_diana.png"}],"title":"Women, gender non-conforming and non-binary meetup with The Diana Initiative","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T04:00:00Z","end_timestamp":{"seconds":1723348800,"nanoseconds":0},"android_description":"The Diana Initiative is hosting a meetup where we’d love to get all the gender non conforming, non-binary and women attendees together to hang out and make friends! DEF CON is better with friends.","updated_timestamp":{"seconds":1719245515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T02:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-24T16:11:55Z","links":[{"label":"Twitter (@dianainitiative)","type":"link","url":"https://twitter.com/dianainitiative"},{"label":"Website","type":"link","url":"https://dianainitiative.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249543"}],"end":"2024-08-11T04:00:00.000-0000","id":54495,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723341600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305-W306","hotel":"","short_name":"W305-W306","id":46308},"spans_timebands":"N","begin":"2024-08-11T02:00:00.000-0000","updated":"2024-06-24T16:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by members of OnlyFeet and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.\r\n\r\nAttendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.\r\n\r\nUltimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.\n\n\n","media":[{"hash_sha256":"9bb80a623a71a30dd319ef669ae771ceb4b4ee0d98fdf1f44a50f4b9fafa5a32","filetype":"image/png","hash_md5":"b1ebaf0ad5603c5f1d981867da53d3df","name":"pme_FeetFeud.png","is_logo":"Y","hash_crc32c":"f2e8a4e2","filesize":297331,"asset_id":703,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_FeetFeud.png"}],"title":"Feet Feud (Hacker Family Feud)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T02:30:00Z","end_timestamp":{"seconds":1723343400,"nanoseconds":0},"android_description":"Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by members of OnlyFeet and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.\r\n\r\nAttendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.\r\n\r\nUltimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.","updated_timestamp":{"seconds":1718858746,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T01:30:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T04:45:46Z","links":[{"label":"Survey","type":"link","url":"https://forms.gle/Thebx1vksze9fVsbA"}],"end":"2024-08-11T02:30:00.000-0000","id":54532,"tag_ids":[46427,46439,46440],"village_id":null,"begin_timestamp":{"seconds":1723339800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-11T01:30:00.000-0000","updated":"2024-06-20T04:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[{"hash_sha256":"42942f2f0d75cd05a694bb9d4031dbbd4d0a6949e073116c271141f3cf5d53e8","filetype":"image/png","hash_md5":"e08c3b9a3211a2fe5a24ef021c1e2210","name":"pme_policy_mixer.png","is_logo":"Y","hash_crc32c":"1e6e3fad","filesize":181661,"asset_id":700,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_policy_mixer.png"}],"title":"Policy Mixer @ DEF CON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T05:30:00Z","end_timestamp":{"seconds":1723354200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567333,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T01:30:00Z","timeband_id":1148,"updated_tsz":"2024-06-16T19:48:53Z","links":[],"end":"2024-08-11T05:30:00.000-0000","id":54531,"tag_ids":[46364,46388],"village_id":null,"begin_timestamp":{"seconds":1723339800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-11T01:30:00.000-0000","updated":"2024-06-16T19:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Trophy and EFF swag pack. The second and third place teams will also win great EFF gear.\n\n\n","media":[{"hash_sha256":"4ef499771df587138102fc48a9d8a2116f266c0cb4657c37983aa6139d7ba5b8","filetype":"image/png","hash_md5":"cec5885ad1fbb77d5777e5c2e1b9165c","name":"pme_EFFTechTrivia.png","is_logo":"Y","hash_crc32c":"2a111d67","filesize":152880,"asset_id":822,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_EFFTechTrivia.png"}],"title":"EFF Tech Trivia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T04:30:00Z","end_timestamp":{"seconds":1723350600,"nanoseconds":0},"android_description":"EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Trophy and EFF swag pack. The second and third place teams will also win great EFF gear.","updated_timestamp":{"seconds":1722303463,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T01:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:37:43Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249571"},{"label":"Twitter (@eff)","type":"link","url":"https://twitter.com/eff"},{"label":"More Info","type":"link","url":"http://eff.org/techtrivia"}],"end":"2024-08-11T04:30:00.000-0000","id":54521,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723339800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307-W308","hotel":"","short_name":"W307-W308","id":46311},"spans_timebands":"N","begin":"2024-08-11T01:30:00.000-0000","updated":"2024-07-30T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Something something Meshtastic Pip-Boy Personal Mesh with 150 km reach","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T02:05:00Z","end_timestamp":{"seconds":1723341900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445927,"nanoseconds":0},"speakers":[{"content_ids":[55694],"conference_id":133,"event_ids":[56217],"name":"Giglio","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Mastodon (@giglio@defcon.social)","sort_order":0,"url":"https://defcon.social/@giglio"},{"description":"","title":"Mastodon (@larrybiggs@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@larrybiggs"}],"media":[],"id":56065}],"begin_tsz":"2024-08-11T01:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:12:07Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T02:05:00.000-0000","id":56217,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723338300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56065}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T01:05:00.000-0000","updated":"2024-07-31T17:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Its time to ask the question: “Where do we go from here?” Join SEC Village founders, Snow & JC to have a heart to heart about how we shape the future of the SEC. If you’re looking for how to get involved, or have ideas for the village, be here! We need you and want to hear from you!\n\n\n","media":[],"title":"Presentation: It Takes a Village...","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Its time to ask the question: “Where do we go from here?” Join SEC Village founders, Snow & JC to have a heart to heart about how we shape the future of the SEC. If you’re looking for how to get involved, or have ideas for the village, be here! We need you and want to hear from you!","updated_timestamp":{"seconds":1722102958,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:55:58Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55835,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-27T17:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Meet the minds behind a decade of acclaimed web security research. Whether you'd like to query our thoughts on technical matters or career decisions, share something cool you've found, flood us with Burp Suite feature requests, or simply say hi, this is your chance! We're also giving three presentations at DEF CON so if you'd like to treat this as an extended Q&A for those, that's cool too. Please note this session may be chaotic.\n\n\n","media":[],"title":"Meet the PortSwigger Research team (Q/A)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Meet the minds behind a decade of acclaimed web security research. Whether you'd like to query our thoughts on technical matters or career decisions, share something cool you've found, flood us with Burp Suite feature requests, or simply say hi, this is your chance! We're also giving three presentations at DEF CON so if you'd like to treat this as an extended Q&A for those, that's cool too. Please note this session may be chaotic.","updated_timestamp":{"seconds":1721437797,"nanoseconds":0},"speakers":[{"content_ids":[54444,55173],"conference_id":133,"event_ids":[55561,54817],"name":"James \"albinowax\" Kettle","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Director of Research"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@albinowax@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@albinowax"},{"description":"","title":"Twitter (@albinowax)","sort_order":0,"url":"https://twitter.com/albinowax"},{"description":"","title":"Website","sort_order":0,"url":"https://jameskettle.com/"}],"media":[],"id":54156,"title":"Director of Research at PortSwigger"},{"content_ids":[54519,55173],"conference_id":133,"event_ids":[55561,54892],"name":"Gareth Heyes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@garethheyes)","sort_order":0,"url":"https://twitter.com/garethheyes"},{"description":"","title":"garethheyes.co.uk/","sort_order":0,"url":"https://garethheyes.co.uk/"}],"media":[],"id":54158,"title":"Researcher at PortSwigger"},{"content_ids":[54481,55173],"conference_id":133,"event_ids":[55561,54854],"name":"Martin Doyhenard","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Portswigger","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@tincho_508)","sort_order":0,"url":"https://twitter.com/tincho_508"}],"media":[],"id":54190,"title":"Security Researcher at Portswigger"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:09:57Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#meet-the-portswigger-research-team"}],"end":"2024-08-11T01:00:00.000-0000","id":55561,"tag_ids":[46374,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54190},{"tag_id":46167,"sort_order":4,"person_id":54156},{"tag_id":46167,"sort_order":6,"person_id":54158}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-20T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"I recently googled the meaning of “encryption” and found this definition on Wikipedia: “In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext.” Um…no, encoding produces code, enciphering produces ciphertext, encryption is more than just encoding, and so on. Given the jumbling together of historically very unique and significant terminology I set out to find the actual, historical definitions and try to find a way to teach and/or demonstrate the differences in the foundational forms of cryptography. But I quickly noticed that some of this terminology is so often mis-applied in our digital age that I wondered if maybe there has been an evolution of the meanings of these terms? I might not like it, but I’m open to that possibility. This very quickly led me to the conclusion that my research on this topic would make for an interesting talk and so here we are. I want to share the classical, historical forms of cryptography, discuss the etymology of the terminology, look at how the words apply today – and help the audience decide if the actual meanings even matter (or it’s just me). One important consideration is the tradeoff between keeping the data secret (security) and protecting the identity of individuals associated with the data (privacy). I hope you’ll join me in this journey to victory (or defeat) in the ongoing battle of preserving the classic goals and objectives of data security.\n\n\n","media":[],"title":"GUR RIBYHGVBA BS PELCGBTENCUL","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"I recently googled the meaning of “encryption” and found this definition on Wikipedia: “In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext.” Um…no, encoding produces code, enciphering produces ciphertext, encryption is more than just encoding, and so on. Given the jumbling together of historically very unique and significant terminology I set out to find the actual, historical definitions and try to find a way to teach and/or demonstrate the differences in the foundational forms of cryptography. But I quickly noticed that some of this terminology is so often mis-applied in our digital age that I wondered if maybe there has been an evolution of the meanings of these terms? I might not like it, but I’m open to that possibility. This very quickly led me to the conclusion that my research on this topic would make for an interesting talk and so here we are. I want to share the classical, historical forms of cryptography, discuss the etymology of the terminology, look at how the words apply today – and help the audience decide if the actual meanings even matter (or it’s just me). One important consideration is the tradeoff between keeping the data secret (security) and protecting the identity of individuals associated with the data (privacy). I hope you’ll join me in this journey to victory (or defeat) in the ongoing battle of preserving the classic goals and objectives of data security.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54639],"conference_id":133,"event_ids":[55013],"name":"Jeff Man","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54247}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55013,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54247}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"From protecting Aircraft Software Parts to authenticating aircraft to ground networks, aircraft use PKI in their day-to-day operations. In this talk we will cover the typical use cases, technologies, and regulations in play and touch upon the emerging threat of the Post-Quantum world and what it could mean for the protection of embedded software we find on aircraft.\n\n\n","media":[],"title":"A dive into world of Aircraft PKI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"From protecting Aircraft Software Parts to authenticating aircraft to ground networks, aircraft use PKI in their day-to-day operations. In this talk we will cover the typical use cases, technologies, and regulations in play and touch upon the emerging threat of the Post-Quantum world and what it could mean for the protection of embedded software we find on aircraft.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54637],"conference_id":133,"event_ids":[55011],"name":"Matt Gaffney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"United Airlines","title":"Principal Engineer, Aircraft Cyber Operations"}],"links":[],"pronouns":null,"media":[],"id":54292,"title":"Principal Engineer, Aircraft Cyber Operations at United Airlines"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55011,"tag_ids":[46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54292}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For years, eFuse-based memories were used to store sensitive information such as encryption keys, passwords, and other potentially confidential pieces of information. This practice was encouraged by several vendors who leverage such memory types for protecting the debugging interfaces using a password or for official way to store encryption keys for external flash memories.\r\n\r\nHowever, with the advances in technology and threat actors’ creativity, eFuse-based memories may take a hard hit on their confidentiality assurance as their physical properties could allow for a relatively easy extraction of the stored information. \r\n\r\nIn this talk we will walk you through the journey of revealing one such data storage from decapsulating the chip itself, delayering it using common household items all the way to using advanced tools such as Scanning Electron Microscope (SEM) to read value of an encryption key and thus break the confidentiality of the encrypted flash memory.\r\n\r\n1. \"Solving Chip Security's Weakest Link.\" Design & Reuse, April 1, 2023, [link](https://www.design-reuse.com/articles/51232/solving-chip-security-s-weakest-link.html)\r\n2. Laurie, Adam. \"Fun with Masked ROMs - Atmel MARC4.\" Adams Blog, rfidiot.org, 1 Jan. 2013, [link](http://adamsblog.rfidiot.org/2013/01/fun-with-masked-roms.html)\r\n3. Hoover, William. \"Looking Inside a 1970s PROM Chip That Could Change Computing.\" RightO, 19 July 2019, [link](http://www.righto.com/2019/07/looking-inside-1970s-prom-chip-that.html)\r\n4. Chen, Nick. \"The Benefits of Antifuse OTP.\" Semiconductor Engineering, 19 Dec. 2016, [link](https://semiengineering.com/the-benefits-of-antifuse-otp/)\r\n\n\n\n","media":[],"title":"Nano-Enigma: Uncovering the Secrets Within eFuse Memories","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T01:15:00Z","end_timestamp":{"seconds":1723338900,"nanoseconds":0},"android_description":"For years, eFuse-based memories were used to store sensitive information such as encryption keys, passwords, and other potentially confidential pieces of information. This practice was encouraged by several vendors who leverage such memory types for protecting the debugging interfaces using a password or for official way to store encryption keys for external flash memories.\r\n\r\nHowever, with the advances in technology and threat actors’ creativity, eFuse-based memories may take a hard hit on their confidentiality assurance as their physical properties could allow for a relatively easy extraction of the stored information. \r\n\r\nIn this talk we will walk you through the journey of revealing one such data storage from decapsulating the chip itself, delayering it using common household items all the way to using advanced tools such as Scanning Electron Microscope (SEM) to read value of an encryption key and thus break the confidentiality of the encrypted flash memory.\r\n\r\n1. \"Solving Chip Security's Weakest Link.\" Design & Reuse, April 1, 2023, [link](https://www.design-reuse.com/articles/51232/solving-chip-security-s-weakest-link.html)\r\n2. Laurie, Adam. \"Fun with Masked ROMs - Atmel MARC4.\" Adams Blog, rfidiot.org, 1 Jan. 2013, [link](http://adamsblog.rfidiot.org/2013/01/fun-with-masked-roms.html)\r\n3. Hoover, William. \"Looking Inside a 1970s PROM Chip That Could Change Computing.\" RightO, 19 July 2019, [link](http://www.righto.com/2019/07/looking-inside-1970s-prom-chip-that.html)\r\n4. Chen, Nick. \"The Benefits of Antifuse OTP.\" Semiconductor Engineering, 19 Dec. 2016, [link](https://semiengineering.com/the-benefits-of-antifuse-otp/)","updated_timestamp":{"seconds":1720463423,"nanoseconds":0},"speakers":[{"content_ids":[54516],"conference_id":133,"event_ids":[54889],"name":"Martin Petran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"Embedded Systems Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54061,"title":"Embedded Systems Security Engineer at Accenture"},{"content_ids":[54516],"conference_id":133,"event_ids":[54889],"name":"Hayyan Ali","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"Security Delivery Senior Analyst"}],"links":[],"pronouns":null,"media":[],"id":54086,"title":"Security Delivery Senior Analyst at Accenture"},{"content_ids":[54516],"conference_id":133,"event_ids":[54889],"name":"Michal Grygarek","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Accenture","title":"Security Architect"}],"pronouns":"he/him","links":[{"description":"","title":"ok2haz.ok2kld.cz/","sort_order":0,"url":"https://ok2haz.ok2kld.cz/"}],"media":[],"id":54174,"title":"Security Architect at Accenture"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:30:23Z","links":[],"end":"2024-08-11T01:15:00.000-0000","id":54889,"tag_ids":[46166,46169,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54174},{"tag_id":46167,"sort_order":4,"person_id":54061},{"tag_id":46167,"sort_order":6,"person_id":54086}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-08T18:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Upon its discovery, CVE-2024-2961, a very old buffer overflow in the glibc, seemed like a terrible bug. Within the prism of the PHP engine, however, the vulnerability shone, and provided both a new remote code execution vector and a few 0-days.\n\nThis talk will first walk you through the discovery of the bug and its limitations, before describing the conception of remote binary PHP exploits using this bug, and through them offer unique insight in the internal of the engine of the web language, and the difficulties one faces when exploiting it.\n\nAfter this, it will reveal the impact on PHP's ecosystem, from well-known functions to unsuspected sinks, by showcasing the vulnerability on several popular libraries and applications.\n\n\n\n","media":[],"title":"Iconv, set the charset to RCE: exploiting the glibc to hack the PHP engine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T01:15:00Z","end_timestamp":{"seconds":1723338900,"nanoseconds":0},"android_description":"Upon its discovery, CVE-2024-2961, a very old buffer overflow in the glibc, seemed like a terrible bug. Within the prism of the PHP engine, however, the vulnerability shone, and provided both a new remote code execution vector and a few 0-days.\n\nThis talk will first walk you through the discovery of the bug and its limitations, before describing the conception of remote binary PHP exploits using this bug, and through them offer unique insight in the internal of the engine of the web language, and the difficulties one faces when exploiting it.\n\nAfter this, it will reveal the impact on PHP's ecosystem, from well-known functions to unsuspected sinks, by showcasing the vulnerability on several popular libraries and applications.","updated_timestamp":{"seconds":1720307460,"nanoseconds":0},"speakers":[{"content_ids":[54515],"conference_id":133,"event_ids":[54888],"name":"Charles \"cfreal\" Fol","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"LEXFO / AMBIONICS","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Technical Blog","sort_order":0,"url":"https://www.ambionics.io/blog/"},{"description":"","title":"Twitter (@cfreal_)","sort_order":0,"url":"https://twitter.com/cfreal_"}],"media":[],"id":54204,"title":"Security Researcher at LEXFO / AMBIONICS"}],"begin_tsz":"2024-08-11T00:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:11:00Z","links":[],"end":"2024-08-11T01:15:00.000-0000","id":54888,"tag_ids":[46166,46169,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723336200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54204}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-11T00:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bug bounty is an intricate game between the bug hunter, the clients, and the intermediary. \r\n\r\nLike any game, it can be hacked. Like some games, it can be unfair. \r\n\r\nJoin Jason as he walks you through the darker secrets of bug bounty , tips and tricks to address them, and in some cases, commiserate that there are just bad realities to the game. \r\n\r\nJason will address the problems hardly talked about in the system, from a hacker, program owner, and platform runner. \n\n\n","media":[],"title":"The Dark Side of Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:50:00Z","end_timestamp":{"seconds":1723337400,"nanoseconds":0},"android_description":"Bug bounty is an intricate game between the bug hunter, the clients, and the intermediary. \r\n\r\nLike any game, it can be hacked. Like some games, it can be unfair. \r\n\r\nJoin Jason as he walks you through the darker secrets of bug bounty , tips and tricks to address them, and in some cases, commiserate that there are just bad realities to the game. \r\n\r\nJason will address the problems hardly talked about in the system, from a hacker, program owner, and platform runner.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55717,55180],"conference_id":133,"event_ids":[55568,56223],"name":"Jason Haddix","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arcanum Security","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jhaddx)","sort_order":0,"url":"https://twitter.com/jhaddx"}],"media":[],"id":54822,"title":"Arcanum Security"}],"begin_tsz":"2024-08-11T00:20:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T00:50:00.000-0000","id":56223,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723335600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54822}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-11T00:20:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to be anonymous? Learn about protecting your personal information","media":[],"title":"It's CPV, why would we share that with you?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:35:00Z","end_timestamp":{"seconds":1723336500,"nanoseconds":0},"android_description":"Want to be anonymous? Learn about protecting your personal information","updated_timestamp":{"seconds":1723334380,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T23:59:40Z","links":[],"end":"2024-08-11T00:35:00.000-0000","id":56880,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723335300,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-11T00:15:00.000-0000","updated":"2024-08-10T23:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are few opportunities to learn how code can be transformed into a visualization project. Tune in as Mark Griffin from UnDaunted shares about how his team took the competitor submissions and translated them into the AIxCC competition experience at DEF CON.\n\n\n","media":[],"title":"Visualizing AIxCC: Bringing Your Code to Life","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"There are few opportunities to learn how code can be transformed into a visualization project. Tune in as Mark Griffin from UnDaunted shares about how his team took the competitor submissions and translated them into the AIxCC competition experience at DEF CON.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56140],"conference_id":133,"event_ids":[56783],"name":"Mark Griffin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Undaunted","title":""}],"links":[],"pronouns":null,"media":[],"id":56527,"title":"Undaunted"}],"begin_tsz":"2024-08-11T00:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56783,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723335300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56527}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-11T00:15:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Bloch Party & More Debates","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56443,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723335300,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-11T00:15:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Digital forensics and incident responders, as well as other essential emergency workers, often face high stress levels and risk burnout due to their demanding roles. This talk is for professionals, spouses, managers and corporations and will cover the following topics: \r\n\r\nSelf-Care, Hacking Health, maintaining Work-Life Balance, building a Support network, developing Mindfulness and Relaxation Techniques, using technology to Manage Workload, working with management to Create a Positive Work Environment.\r\n\r\nHaving built and lead successful DFIR practices that dealt with some of Canada’s largest data breaches. I wish to impart what I have learnt over the years so others may protect and nurture their most sacred resource, people.\n\n\n","media":[],"title":"Front line first aid: Triaging your DFIR emergency responders","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:50:00Z","end_timestamp":{"seconds":1723337400,"nanoseconds":0},"android_description":"Digital forensics and incident responders, as well as other essential emergency workers, often face high stress levels and risk burnout due to their demanding roles. This talk is for professionals, spouses, managers and corporations and will cover the following topics: \r\n\r\nSelf-Care, Hacking Health, maintaining Work-Life Balance, building a Support network, developing Mindfulness and Relaxation Techniques, using technology to Manage Workload, working with management to Create a Positive Work Environment.\r\n\r\nHaving built and lead successful DFIR practices that dealt with some of Canada’s largest data breaches. I wish to impart what I have learnt over the years so others may protect and nurture their most sacred resource, people.","updated_timestamp":{"seconds":1722445911,"nanoseconds":0},"speakers":[{"content_ids":[55693],"conference_id":133,"event_ids":[56216],"name":"Neumann \"scsideath\" Lim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Odlum Brown","title":"Manager"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@cybersyrupblog)","sort_order":0,"url":"https://twitter.com/cybersyrupblog"}],"media":[],"id":56064,"title":"Manager at Odlum Brown"}],"begin_tsz":"2024-08-11T00:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:11:51Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T00:50:00.000-0000","id":56216,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723334700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56064}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-11T00:05:00.000-0000","updated":"2024-07-31T17:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will cover the misinformation, disinformation, and malinformation that we are seeing across different mediums prior to the upcoming presidential election. Join us for an all star panel of misinformation, disinformation, and malformation experts discuss the threats they are currently observing and what their biggest concerns are for the upcoming election. Audiences will also learn what kind of precautions are being taken and what individuals can do to prepare themselves and increase their media literacy and ability to identify information that actually has information integrity.\n\n\n","media":[],"title":"Misinformation, Disinformation, and Malformation in 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:45:00Z","end_timestamp":{"seconds":1723337100,"nanoseconds":0},"android_description":"This panel will cover the misinformation, disinformation, and malinformation that we are seeing across different mediums prior to the upcoming presidential election. Join us for an all star panel of misinformation, disinformation, and malformation experts discuss the threats they are currently observing and what their biggest concerns are for the upcoming election. Audiences will also learn what kind of precautions are being taken and what individuals can do to prepare themselves and increase their media literacy and ability to identify information that actually has information integrity.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56202],"conference_id":133,"event_ids":[56856],"name":"Derek DelGaudio","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56565},{"content_ids":[56201,56202],"conference_id":133,"event_ids":[56855,56856],"name":"Jake Braun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jake-braun-77372539"},{"description":"","title":"Twitter (@jakehbraun)","sort_order":0,"url":"https://twitter.com/jakehbraun"},{"description":"","title":"Website","sort_order":0,"url":"https://harris.uchicago.edu/directory/jake-braun"}],"media":[],"id":56572},{"content_ids":[56195,56202],"conference_id":133,"event_ids":[56849,56856],"name":"Kendall Spencer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/spenceresq"},{"description":"","title":"Twitter (@kendallspencer)","sort_order":0,"url":"https://twitter.com/kendallspencer"},{"description":"","title":"Website","sort_order":0,"url":"https://nightcommission.org"}],"media":[],"id":56574},{"content_ids":[56196,56202],"conference_id":133,"event_ids":[56850,56856],"name":"Michael Moore","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://azdirect.az.gov/secretary-state"}],"media":[],"id":56578},{"content_ids":[56190,56202],"conference_id":133,"event_ids":[56844,56856],"name":"Nate Young","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/maricopa-county/"},{"description":"","title":"Twitter (@recordersoffice)","sort_order":0,"url":"https://twitter.com/recordersoffice"},{"description":"","title":"Website","sort_order":0,"url":"https://recorder.maricopa.gov/"}],"media":[],"id":56579},{"content_ids":[56202],"conference_id":133,"event_ids":[56856],"name":"Nicole Tisdale","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/nicoletisdale"},{"description":"","title":"Twitter (@hinicoletisdale)","sort_order":0,"url":"https://twitter.com/hinicoletisdale"},{"description":"","title":"Website","sort_order":0,"url":"https://nicoletisdale.com"}],"media":[],"id":56580}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-11T00:45:00.000-0000","id":56856,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56580},{"tag_id":46487,"sort_order":4,"person_id":56578},{"tag_id":46487,"sort_order":6,"person_id":56579},{"tag_id":46487,"sort_order":8,"person_id":56572},{"tag_id":46488,"sort_order":10,"person_id":56565},{"tag_id":46487,"sort_order":12,"person_id":56574}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\n\n\n","media":[],"title":"Challenges and Reactions: Cybersecurity and Communications Resilience in Taiwan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:45:00Z","end_timestamp":{"seconds":1723337100,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722642980,"nanoseconds":0},"speakers":[{"content_ids":[55918],"conference_id":133,"event_ids":[56509],"name":"Herming Chiueh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ministry of Digital Affairs, Taiwan","title":"Deputy Minister"}],"links":[],"pronouns":null,"media":[],"id":56286,"title":"Deputy Minister at Ministry of Digital Affairs, Taiwan"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T23:56:20Z","links":[],"end":"2024-08-11T00:45:00.000-0000","id":56509,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56286}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-08-02T23:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Traditional RFID badge cloning methods require you to be within 3 feet of your target. So how can you conduct a physical penetration test and clone a badge without interacting with a person? Companies have increasingly adopted a hybrid work environment, allowing employees to work remotely, which has decreased the amount of foot traffic in and out of a building at any given time. This session discusses two accessible, entry-level hardware designs you can build in a day and deploy in the field, along with the tried-and-true social engineering techniques that can increase your chances of remotely cloning an RFID badge.\r\n \r\nLangston and Dan discuss their Red Team adventures using implant devices, a Flipper Zero and an iCopy-X. As a bonus the two will explain how to perform a stealthy HID iClass SE/SEOS downgrade and legacy attack! This presentation is supplemented with files and instructions that are available for download in order to build your own standalone gooseneck reader, wall implant and clipboard cloning devices! This is. The Remix.\n\n\n","media":[],"title":"Flipping Locks (The Remix) - Remote Badge Cloning with the Flipper Zero and More","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Traditional RFID badge cloning methods require you to be within 3 feet of your target. So how can you conduct a physical penetration test and clone a badge without interacting with a person? Companies have increasingly adopted a hybrid work environment, allowing employees to work remotely, which has decreased the amount of foot traffic in and out of a building at any given time. This session discusses two accessible, entry-level hardware designs you can build in a day and deploy in the field, along with the tried-and-true social engineering techniques that can increase your chances of remotely cloning an RFID badge.\r\n \r\nLangston and Dan discuss their Red Team adventures using implant devices, a Flipper Zero and an iCopy-X. As a bonus the two will explain how to perform a stealthy HID iClass SE/SEOS downgrade and legacy attack! This presentation is supplemented with files and instructions that are available for download in order to build your own standalone gooseneck reader, wall implant and clipboard cloning devices! This is. The Remix.","updated_timestamp":{"seconds":1722564669,"nanoseconds":0},"speakers":[{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Dan Goga","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56181},{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Langston Clement","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56183}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T02:11:09Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56351,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56183},{"tag_id":46167,"sort_order":4,"person_id":56181}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-08-02T02:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk with dive into:\r\n•\tThe speed of threats coming at us today, and how teams manage burnout and back to back calls.\r\n•\tHow the incident response landscape is changing.\r\n•\tDo AI and ML change incident response?\r\n•\tHow do the recent takedowns performed by LEs affect IR?\n\n\nIn an era where cyber threats evolve at breakneck speed, the ability to respond swiftly and effectively has never been more critical. Join us for \"Under the Hood: Incident Response at High Speed,\" where we'll delve into the high-stakes world of incident response and explore how teams are adapting to the relentless pace of modern threats. Discover the innovative ways AI and machine learning are transforming our defensive strategies and hear expert insights on the shifting landscape of incident management. We'll also examine the recent high-profile takedowns of droppers, C2s, and ransomware leak sites to determine whether these efforts are truly mitigating long-term risks or if we need a new approach to stay ahead. Your pit crew panel consists of leaders and practitioners from across industries and the globe discussing the latest and greatest in the world of Incident Response. Don't miss this opportunity to gain cutting-edge knowledge and strategies for navigating the evolving cyber threat landscape.","media":[],"title":"Under the Hood: Incident Response at High Speed (A BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This talk with dive into:\r\n•\tThe speed of threats coming at us today, and how teams manage burnout and back to back calls.\r\n•\tHow the incident response landscape is changing.\r\n•\tDo AI and ML change incident response?\r\n•\tHow do the recent takedowns performed by LEs affect IR?\n\n\nIn an era where cyber threats evolve at breakneck speed, the ability to respond swiftly and effectively has never been more critical. Join us for \"Under the Hood: Incident Response at High Speed,\" where we'll delve into the high-stakes world of incident response and explore how teams are adapting to the relentless pace of modern threats. Discover the innovative ways AI and machine learning are transforming our defensive strategies and hear expert insights on the shifting landscape of incident management. We'll also examine the recent high-profile takedowns of droppers, C2s, and ransomware leak sites to determine whether these efforts are truly mitigating long-term risks or if we need a new approach to stay ahead. Your pit crew panel consists of leaders and practitioners from across industries and the globe discussing the latest and greatest in the world of Incident Response. Don't miss this opportunity to gain cutting-edge knowledge and strategies for navigating the evolving cyber threat landscape.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"Nicole Beckwith","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56147},{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"Shelly Giesbrecht","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56159},{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"Angelo Violetti","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SEC Consult","title":"Incident Response and Digital Forensics consultant"}],"links":[],"pronouns":null,"media":[],"id":56163,"title":"Incident Response and Digital Forensics consultant at SEC Consult"},{"content_ids":[55754],"conference_id":133,"event_ids":[56279],"name":"David Zito","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"VF Corp","title":""}],"links":[],"pronouns":null,"media":[],"id":56164,"title":"VF Corp"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56279,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56163},{"tag_id":46167,"sort_order":1,"person_id":56164},{"tag_id":46167,"sort_order":1,"person_id":56147},{"tag_id":46167,"sort_order":1,"person_id":56159}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for a journey into the world of quantum computing, where quantum computers can solve problems in seconds that would take regular computers years to solve. We'll explore the principles of quantum mechanics that make this possible, and the implications for cybersecurity. But don't worry, we'll also cover what's being done to keep our online communications safe and how we can stay ahead of the game.\n\n\n","media":[],"title":"Quantum Leap: The future of Computing and the security of your online world","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us for a journey into the world of quantum computing, where quantum computers can solve problems in seconds that would take regular computers years to solve. We'll explore the principles of quantum mechanics that make this possible, and the implications for cybersecurity. But don't worry, we'll also cover what's being done to keep our online communications safe and how we can stay ahead of the game.","updated_timestamp":{"seconds":1722361842,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:50:42Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56096,"tag_ids":[46398,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-30T17:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ask any top bug bounty hunter: the best part of a live hacking event is the Show & Tell; the time when the veil is lifted and we collectively revel in the ingenuity of the best finds from the competition. The goal of this talk is to give you that same experience. I will speak to you as the competent hackers that you are, not withholding the nitty-gritty technical details and the Ls along the way. Together, we’ll journey through the highs and the lows of my hunts, both solo and in a Live Hacking Event context. You’ll see everything from RCE to SQL injection, mass PII leakage to spying on people’s homes and workplaces. You’ll find some bugs mind-numbingly simple, and some bugs mind-bogglingly complex. Each bug in this talk was assigned the highest severity possible, and awarded somewhere between $10k-$60k in bounties.\n\n\n","media":[],"title":"Top War Stories from a TryHard Bug Bounty Hunter","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Ask any top bug bounty hunter: the best part of a live hacking event is the Show & Tell; the time when the veil is lifted and we collectively revel in the ingenuity of the best finds from the competition. The goal of this talk is to give you that same experience. I will speak to you as the competent hackers that you are, not withholding the nitty-gritty technical details and the Ls along the way. Together, we’ll journey through the highs and the lows of my hunts, both solo and in a Live Hacking Event context. You’ll see everything from RCE to SQL injection, mass PII leakage to spying on people’s homes and workplaces. You’ll find some bugs mind-numbingly simple, and some bugs mind-bogglingly complex. Each bug in this talk was assigned the highest severity possible, and awarded somewhere between $10k-$60k in bounties.","updated_timestamp":{"seconds":1720332332,"nanoseconds":0},"speakers":[{"content_ids":[54657,55182],"conference_id":133,"event_ids":[55570,55029],"name":"Justin \"Rhynorater\" Gardner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"},{"organization":"Critical Thinking - Bug Bounty Podcast","title":"Host"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Rhynorater)","sort_order":0,"url":"https://twitter.com/Rhynorater"}],"media":[],"id":54326,"title":"Host at Critical Thinking - Bug Bounty Podcast"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T06:05:32Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#top-war-stories-from-a-tryhard-bug-bounty-hunter"}],"end":"2024-08-11T01:00:00.000-0000","id":55029,"tag_ids":[46374,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54326}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Demonstrating the transition from theorized space cyber attacks to practical proof of concepts. The presentation will utilize a simple yet effective attack, a man-in-the-middle attack, on the ground infrastructure to demonstrate how many SPARTA techniques and sub-techniques can be performed against a spacecraft from the ground infrastructure. By illustrating the significant impact of this simplified concept, we aim to emphasize the urgent need for enhanced cybersecurity measures throughout the entire lifecycle of space missions and break the inherit trust between the ground and spacecraft.\n\n\n","media":[],"title":"From Theory to Reality: Demonstrating the Simplicity of SPARTA Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"Demonstrating the transition from theorized space cyber attacks to practical proof of concepts. The presentation will utilize a simple yet effective attack, a man-in-the-middle attack, on the ground infrastructure to demonstrate how many SPARTA techniques and sub-techniques can be performed against a spacecraft from the ground infrastructure. By illustrating the significant impact of this simplified concept, we aim to emphasize the urgent need for enhanced cybersecurity measures throughout the entire lifecycle of space missions and break the inherit trust between the ground and spacecraft.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54635],"conference_id":133,"event_ids":[55009],"name":"Randi Tinney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The Aerospace Corporation","title":"Engineering Specialist for the Cyber Assessments and Research Department, Cybersecurity and Advanced Platforms Subdivision (CAPS)"}],"links":[],"pronouns":null,"media":[],"id":54265,"title":"Engineering Specialist for the Cyber Assessments and Research Department, Cybersecurity and Advanced Platforms Subdivision (CAPS) at The Aerospace Corporation"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:30:00.000-0000","id":55009,"tag_ids":[46169,46366,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54265}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of heterogeneous events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models, and security knowledge encoding. Join us on a journey to enhance security operations efficacy and efficiency! No data science expertise is required!\n\n\n","media":[],"title":"Exposing Coordinated Attacks Hiding in the Sheer Noise of False Positives and Lone Incidents: A Data Science Correlation and Contextualization Journey of Logs, Events, and Alerts","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of heterogeneous events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models, and security knowledge encoding. Join us on a journey to enhance security operations efficacy and efficiency! No data science expertise is required!","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240},{"content_ids":[54634],"conference_id":133,"event_ids":[55008],"name":"Lynn Hamida","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54241}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55008,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54240},{"tag_id":46167,"sort_order":1,"person_id":54241}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the adoption of GenAI tools has soared, security has done little to keep up. New classes of data, and especially vector data, is flooding into new and untested data stores. Vector databases are getting copies of health data, financial data, HR data, emails, and everything else, but they have no intrinsic security. What's worse, the vectors themselves can be reversed in embedding inversion attacks that turn those vectors back into faces, sentences, and even pictures. We discuss these new attacks and a new branch of cryptography, vector encryption, which allows for privacy preserving searches to happen over the encrypted vectors. We'll discuss the benefits, trade-offs, and current state of the field and the open source software we've built to meet the new need.\n\n\n","media":[],"title":"Attacks on GenAI data and using vector encryption to stop them","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"As the adoption of GenAI tools has soared, security has done little to keep up. New classes of data, and especially vector data, is flooding into new and untested data stores. Vector databases are getting copies of health data, financial data, HR data, emails, and everything else, but they have no intrinsic security. What's worse, the vectors themselves can be reversed in embedding inversion attacks that turn those vectors back into faces, sentences, and even pictures. We discuss these new attacks and a new branch of cryptography, vector encryption, which allows for privacy preserving searches to happen over the encrypted vectors. We'll discuss the benefits, trade-offs, and current state of the field and the open source software we've built to meet the new need.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54633],"conference_id":133,"event_ids":[55007],"name":"Patrick Walsh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IronCore Labs","title":""}],"links":[],"pronouns":null,"media":[],"id":54314,"title":"IronCore Labs"},{"content_ids":[54633],"conference_id":133,"event_ids":[55007],"name":"Bob Wall","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54363}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:30:00.000-0000","id":55007,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54363},{"tag_id":46167,"sort_order":1,"person_id":54314}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk showcases techniques for process injection using advanced return-oriented programming (ROP). Process injection via ROP introduces significant hurdles, requiring many WinAPIs to be chained together, each with complex parameters and return values. We give practical details on how to best manage this. One seemingly insurmountable challenge is in identifying the target binary, as string comparison can be extremely difficult in ROP, as needed ROP gadgets may be lacking. We unveil a unique, universal solution, giving a reliable means of string comparison via ROP, which works all the time, allowing a specific process to be pinpointed and injected into via ROP.\r\n\r\nWe created numerous patterns for different WinAPIs, allowing for as many as a dozen ways of preparing a specific WinAPI via ROP, if using an approach centered around the PUSHAD instruction. With some WinAPIs, there are zero patterns for PUSHAD, forcing us to rely upon the much lauded “sniper” approach. We document all such variations of patterns for the WinAPIs in our demonstrated process injection. This research is not intended to demo a one-off example of process injection via ROP, but to provide a methodology that can be used time and time again, providing unique templates for others to use the same WinAPIs when attempting process injection via ROP.\r\n\r\n1. Anonymous.(2019.) Cobalt Strike’s Process Injection: The Details. [link](https://www.cobaltstrike.com/blog/cobalt-strikes-process-injection-the-details-cobalt-strike)\r\n2. Hosseini, Ashkan. (2017). Ten Process Injection Techniques: A Technical Survey of Common and Trending Process Injection Techniques. [link](https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process)\r\n3. Klein, A., & Kotler, I. (2019). Windows process injection in 2019. Black Hat USA, 2019.\r\n4. Landau, Gabriel. (2021). What you need to know about Process Ghosting, a new executable image tampering attack. [link](https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack)\r\n5. Mundbrod, N., Grambow, G., Kolb, J., & Reichert, M. (2015). Context-aware process injection: enhancing process flexibility by late extension of process instances. In On the Move to Meaningful Internet Systems: OTM 2015 Conferences: Confederated International Conferences: CoopIS, ODBASE, and C&TC 2015, Rhodes, Greece, October 26-30, 2015. Proceedings (pp. 127-145). Springer International Publishing.\r\n6. Process Injection. MITRE ATT&CK. [link](https://attack.mitre.org/techniques/T1055/)\r\n7. Process Injection. [link](https://redcanary.com/threat-detection-report/techniques/process-injection/)\r\n8. Unal, Ozan. (2020). Process Injection Techniques. [link](https://medium.com/@ozan.unal/process-injection-techniques-bc6396929740)\r\n\n\n\n","media":[],"title":"Techniques for Creating Process Injection Attacks with Advanced Return-Oriented Programming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:20:00Z","end_timestamp":{"seconds":1723335600,"nanoseconds":0},"android_description":"This talk showcases techniques for process injection using advanced return-oriented programming (ROP). Process injection via ROP introduces significant hurdles, requiring many WinAPIs to be chained together, each with complex parameters and return values. We give practical details on how to best manage this. One seemingly insurmountable challenge is in identifying the target binary, as string comparison can be extremely difficult in ROP, as needed ROP gadgets may be lacking. We unveil a unique, universal solution, giving a reliable means of string comparison via ROP, which works all the time, allowing a specific process to be pinpointed and injected into via ROP.\r\n\r\nWe created numerous patterns for different WinAPIs, allowing for as many as a dozen ways of preparing a specific WinAPI via ROP, if using an approach centered around the PUSHAD instruction. With some WinAPIs, there are zero patterns for PUSHAD, forcing us to rely upon the much lauded “sniper” approach. We document all such variations of patterns for the WinAPIs in our demonstrated process injection. This research is not intended to demo a one-off example of process injection via ROP, but to provide a methodology that can be used time and time again, providing unique templates for others to use the same WinAPIs when attempting process injection via ROP.\r\n\r\n1. Anonymous.(2019.) Cobalt Strike’s Process Injection: The Details. [link](https://www.cobaltstrike.com/blog/cobalt-strikes-process-injection-the-details-cobalt-strike)\r\n2. Hosseini, Ashkan. (2017). Ten Process Injection Techniques: A Technical Survey of Common and Trending Process Injection Techniques. [link](https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process)\r\n3. Klein, A., & Kotler, I. (2019). Windows process injection in 2019. Black Hat USA, 2019.\r\n4. Landau, Gabriel. (2021). What you need to know about Process Ghosting, a new executable image tampering attack. [link](https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack)\r\n5. Mundbrod, N., Grambow, G., Kolb, J., & Reichert, M. (2015). Context-aware process injection: enhancing process flexibility by late extension of process instances. In On the Move to Meaningful Internet Systems: OTM 2015 Conferences: Confederated International Conferences: CoopIS, ODBASE, and C&TC 2015, Rhodes, Greece, October 26-30, 2015. Proceedings (pp. 127-145). Springer International Publishing.\r\n6. Process Injection. MITRE ATT&CK. [link](https://attack.mitre.org/techniques/T1055/)\r\n7. Process Injection. [link](https://redcanary.com/threat-detection-report/techniques/process-injection/)\r\n8. Unal, Ozan. (2020). Process Injection Techniques. [link](https://medium.com/@ozan.unal/process-injection-techniques-bc6396929740)","updated_timestamp":{"seconds":1720463450,"nanoseconds":0},"speakers":[{"content_ids":[54514],"conference_id":133,"event_ids":[54887],"name":"Bramwell Brizendine","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Alabama in Huntsville","title":"Assistant Professor"}],"links":[],"pronouns":"he/him","media":[],"id":54080,"title":"Assistant Professor at University of Alabama in Huntsville"},{"content_ids":[54514],"conference_id":133,"event_ids":[54887],"name":"Shiva Shashank Kusuma","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Alabama in Huntsville","title":"Computer Science Master's Student"}],"links":[],"pronouns":null,"media":[],"id":54152,"title":"Computer Science Master's Student at University of Alabama in Huntsville"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:30:50Z","links":[],"end":"2024-08-11T00:20:00.000-0000","id":54887,"tag_ids":[46166,46169,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54080},{"tag_id":46167,"sort_order":2,"person_id":54152}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-08T18:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What’s the real life equivalent of hacking a Gibson? Probably stealing hundreds of millions of dollars in diamonds, gold, and cash from one of the world's most formidable vaults. In 2003, a team of thieves did just that. Armed with hairspray, double sided tape, and nerves of steel, these thieves defeated layer after layer of security to pull off the haul of a lifetime. \r\n\r\nHowever, as much as this is a story of skilled criminals, it is every bit as much a story of security failures and the parallels between protecting diamonds and data. In this presentation we’ll dive deep into what went right, what went wrong, and how to properly apply defense in depth to make your security program look like a hundred million bucks.\r\n\r\n1. Davis, J. (2009, March 12). The untold story of the World’s biggest Diamond Heist. Wired. [link](https://www.wired.com/2009/03/ff-diamonds-2/ )\r\n2. Selby, S. A., & Campbell, G. (2012). Flawless: Inside the largest diamond heist in history. Sterling. \r\n3. Stegemeyer, P. (2021). Heist: An inside look at the world’s 100 Greatest Heists, cons, and capers: From burglaries to bank jobs and everything in between. Whalen Book Works.\r\n\n\n\n","media":[],"title":"A Treasure Trove of Failures: What History’s Greatest Heist Can Teach Us About Defense In Depth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:45:00Z","end_timestamp":{"seconds":1723337100,"nanoseconds":0},"android_description":"What’s the real life equivalent of hacking a Gibson? Probably stealing hundreds of millions of dollars in diamonds, gold, and cash from one of the world's most formidable vaults. In 2003, a team of thieves did just that. Armed with hairspray, double sided tape, and nerves of steel, these thieves defeated layer after layer of security to pull off the haul of a lifetime. \r\n\r\nHowever, as much as this is a story of skilled criminals, it is every bit as much a story of security failures and the parallels between protecting diamonds and data. In this presentation we’ll dive deep into what went right, what went wrong, and how to properly apply defense in depth to make your security program look like a hundred million bucks.\r\n\r\n1. Davis, J. (2009, March 12). The untold story of the World’s biggest Diamond Heist. Wired. [link](https://www.wired.com/2009/03/ff-diamonds-2/ )\r\n2. Selby, S. A., & Campbell, G. (2012). Flawless: Inside the largest diamond heist in history. Sterling. \r\n3. Stegemeyer, P. (2021). Heist: An inside look at the world’s 100 Greatest Heists, cons, and capers: From burglaries to bank jobs and everything in between. Whalen Book Works.","updated_timestamp":{"seconds":1720463462,"nanoseconds":0},"speakers":[{"content_ids":[54513],"conference_id":133,"event_ids":[54886],"name":"Pete Stegemeyer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Security Engineer"},{"organization":"“I Can Steal That!” Podcast","title":"Host"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@petestegemeyer)","sort_order":0,"url":"https://twitter.com/petestegemeyer"}],"media":[],"id":54095,"title":"Host at “I Can Steal That!” Podcast"}],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:31:02Z","links":[],"end":"2024-08-11T00:45:00.000-0000","id":54886,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54095}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-08T18:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We've ran The UnOfficial DEF CON Sticker Swap for 5 years now. Maybe a few other things. This year will be the officially official DC Sticker Swap, come visit for sticker hacker culture and to swap a bit of history.\r\n\n\n\n","media":[{"hash_sha256":"efd01ae06831468241370d5aa762a5a8e7451f860411ed576860ba04ae097633","filetype":"image/png","hash_md5":"0039fea72713f08399ac47af024f5890","name":"pme_stickerswap.png","is_logo":"Y","hash_crc32c":"b988e3be","filesize":196074,"asset_id":685,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_stickerswap.png"}],"title":"Sticker Swap at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T02:00:00Z","end_timestamp":{"seconds":1723341600,"nanoseconds":0},"android_description":"We've ran The UnOfficial DEF CON Sticker Swap for 5 years now. Maybe a few other things. This year will be the officially official DC Sticker Swap, come visit for sticker hacker culture and to swap a bit of history.","updated_timestamp":{"seconds":1720285643,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T17:07:23Z","links":[],"end":"2024-08-11T02:00:00.000-0000","id":54529,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"HallwayCon Lounge past W234","hotel":"","short_name":"HallwayCon Lounge past W234","id":46310},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-07-06T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-11T00:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-11T01:00:00.000-0000","id":54489,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723334400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-11T00:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Browser-based attacks are not new in the malicious landscape of attack patterns. Browsers remain a popular infiltration method for attackers. \r\n\r\nWhile seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface, and leaving the floodgates ajar to remote network attacks.\r\n\r\nIn this live demo and attack simulation we’ll unveil a zero-day vulnerability (still under responsible disclosure) in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. \r\n\r\nIn our talk, we will present novel attack techniques, targeting developers and employees within an organization, that are behind firewalls. This will be a first-ever deep dive into this newly discovered zero-day vulnerability.\r\n\n\n\n","media":[],"title":"0.0.0.0 Day: Exploiting Localhost APIs From The Browser","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:10:00Z","end_timestamp":{"seconds":1723335000,"nanoseconds":0},"android_description":"Browser-based attacks are not new in the malicious landscape of attack patterns. Browsers remain a popular infiltration method for attackers. \r\n\r\nWhile seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface, and leaving the floodgates ajar to remote network attacks.\r\n\r\nIn this live demo and attack simulation we’ll unveil a zero-day vulnerability (still under responsible disclosure) in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. \r\n\r\nIn our talk, we will present novel attack techniques, targeting developers and employees within an organization, that are behind firewalls. This will be a first-ever deep dive into this newly discovered zero-day vulnerability.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55716],"conference_id":133,"event_ids":[56253],"name":"Avi Lumelsky","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56105},{"content_ids":[55716],"conference_id":133,"event_ids":[56253],"name":"Gal Elbaz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56114}],"begin_tsz":"2024-08-10T23:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T00:10:00.000-0000","id":56253,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723333200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56105},{"tag_id":46167,"sort_order":1,"person_id":56114}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T23:40:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for our first Bloch Party and find out anything you have wanted to know about Quantum Tech & Hacking and why it's a Bloch Party, not Block Party. At the same time join us for another round of our Oxford Union-style fun debates @ DEF CON!\n\n\n","media":[],"title":"Quantum Village Bloch Party!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us for our first Bloch Party and find out anything you have wanted to know about Quantum Tech & Hacking and why it's a Bloch Party, not Block Party. At the same time join us for another round of our Oxford Union-style fun debates @ DEF CON!","updated_timestamp":{"seconds":1723307396,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:29:56Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56876,"tag_ids":[46389,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-10T16:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We often hear about long lines at polling places and in particular at voter registration sites. Unfortunately, we rarely get insight into why this is happening and why this happens in such specific geographic locations. Join us to hear the full breakdown of what is happening from one of the Voting Village original founders and former White House Principal Deputy National Cyber Director and premier voting expert.\n\n\n","media":[],"title":"What Do Long Voter Registration Lines Mean?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"We often hear about long lines at polling places and in particular at voter registration sites. Unfortunately, we rarely get insight into why this is happening and why this happens in such specific geographic locations. Join us to hear the full breakdown of what is happening from one of the Voting Village original founders and former White House Principal Deputy National Cyber Director and premier voting expert.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56201,56202],"conference_id":133,"event_ids":[56855,56856],"name":"Jake Braun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jake-braun-77372539"},{"description":"","title":"Twitter (@jakehbraun)","sort_order":0,"url":"https://twitter.com/jakehbraun"},{"description":"","title":"Website","sort_order":0,"url":"https://harris.uchicago.edu/directory/jake-braun"}],"media":[],"id":56572}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56855,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56572}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Con la presentacion de diferentes expertos en el tema, los cuales en este panel presentado en tres idiomas, vamos a discutir el impacto real que genera la GenIA en nuestro mundo de cibserseguridad\n\n\n","media":[],"title":"How is GenIA Impacting Cybersecurity: The good, The Bad, and The ugly (Trilingual Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Con la presentacion de diferentes expertos en el tema, los cuales en este panel presentado en tres idiomas, vamos a discutir el impacto real que genera la GenIA en nuestro mundo de cibserseguridad","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55975],"conference_id":133,"event_ids":[56591],"name":"Marco Figueroa","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56309}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56591,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56309}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.\n\n\n","media":[],"title":"Meshtastic Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/dc32-meshtastic-meetup-saturday"}],"end":"2024-08-11T01:00:00.000-0000","id":56528,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for another round of our Oxford Union-style debates @ DEF CON! Chaired by Bob Gourley, we’re extremely excited to bring you two debates this year - one on Quantum Ethics, and another on the Quantum Skills gap, feat. some of our most excellent speakers including Bruna Shinohara de Mendonça, Joan Arrow of the Quantum Ethics Project, and more! \n\n\n","media":[],"title":"The Quantum Ethics and Skills Debates","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Join us for another round of our Oxford Union-style debates @ DEF CON! Chaired by Bob Gourley, we’re extremely excited to bring you two debates this year - one on Quantum Ethics, and another on the Quantum Skills gap, feat. some of our most excellent speakers including Bruna Shinohara de Mendonça, Joan Arrow of the Quantum Ethics Project, and more!","updated_timestamp":{"seconds":1723307279,"nanoseconds":0},"speakers":[{"content_ids":[55844,55855],"conference_id":133,"event_ids":[56431,56442],"name":"Bruna Shinohara de Mendonça","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56221},{"content_ids":[55855],"conference_id":133,"event_ids":[56442],"name":"Bob Gourley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56618},{"content_ids":[55855],"conference_id":133,"event_ids":[56442],"name":"Joan Arrow","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56619}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:27:59Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56442,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56618},{"tag_id":46487,"sort_order":4,"person_id":56221},{"tag_id":46487,"sort_order":6,"person_id":56619}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-08-10T16:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Winners of Day Two announced and prizes given out\n\n\n","media":[],"title":"Payment Village CTF Day Two Results","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Winners of Day Two announced and prizes given out","updated_timestamp":{"seconds":1722356409,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:20:09Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-11T00:00:00.000-0000","id":56087,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-30T16:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Some cars are over-engineered, some are too basic, and some check every box except one. I did that research over months when trying to buy a new car, and landed on a 6MT Cadillac ATS-V while only wanting and dealing with Japanese cars, specifically Lexus/Toyota. The one thing it was missing was a digital gauge cluster, and programmers were asking $350, so I set off to figure it out myself. I then dove deep into GM electronics and programming, found a smart dude who initially cracked it all for free to spite all the money-grabbing gatekeepers, then became a hyprocrite, backtracking asking thousands to reveal his learnings. This presentation will go over how I programmed that cluster, posted everything on Github, out of spite.\n\n\n","media":[],"title":"Programming a CTS-V Gauge Cluster into an ATS-V, out of pure spite","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Some cars are over-engineered, some are too basic, and some check every box except one. I did that research over months when trying to buy a new car, and landed on a 6MT Cadillac ATS-V while only wanting and dealing with Japanese cars, specifically Lexus/Toyota. The one thing it was missing was a digital gauge cluster, and programmers were asking $350, so I set off to figure it out myself. I then dove deep into GM electronics and programming, found a smart dude who initially cracked it all for free to spite all the money-grabbing gatekeepers, then became a hyprocrite, backtracking asking thousands to reveal his learnings. This presentation will go over how I programmed that cluster, posted everything on Github, out of spite.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54632],"conference_id":133,"event_ids":[55006],"name":"Varjitt Jeeva","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Software Engineer"}],"links":[],"pronouns":null,"media":[],"id":54250,"title":"Software Engineer"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55006,"tag_ids":[46169,46375,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54250}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Every space mission is underpinned by critical software that spacecraft operators utilize to monitor and command their assets. The Mission Control System serves as the primary interface with a spacecraft, marking it as a crucial component of the ground segment. For decades, these systems were operated exclusively within the confines of mission control rooms, accessible only to a select group of individuals through a limited number of computer workstations. This paradigm has recently shifted, with numerous space organizations enabling their personnel to manage space assets remotely, including from the comfort of their homes. This increased accessibility has rendered space-related systems susceptible to the same security vulnerabilities that affect our daily-use software.\n\nDespite the adoption of newer technology stacks in many mission control systems—either through upgrades or complete replacements—the consideration of security requirements has often been deferred to the final stages of development or overlooked entirely. This negligence presents a significant risk, exposing the space sector to potential exploitation by malicious entities. Like in other technology domains, merely expanding strategies to incorporate security measures, instituting security policies, and integrating new security requirements are positive but insufficient. Despite being developed and tested by extensive teams and presumably adhering to best practices, we have observed firsthand how contemporary mission control systems remain prone to elementary security flaws.\n\nThe most effective strategy to equip space systems with a robust defense against malicious actors involves integrating offensive security testing throughout their development lifecycle.\n\nIn this presentation, we share the results of the security research we have recently conducted on the more established, open-source Mission Control Systems: NASA OpenMCT and YaMCS. We present the details of the vulnerabilities we have discovered in those two systems, and their potential impact on a space mission when they are chained together into one exploit. We conclude by presenting with the audience the lessons learned from those security assessments.\n\n\n\n","media":[],"title":"Offensive Security Testing: Safeguarding the Final Frontier","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Every space mission is underpinned by critical software that spacecraft operators utilize to monitor and command their assets. The Mission Control System serves as the primary interface with a spacecraft, marking it as a crucial component of the ground segment. For decades, these systems were operated exclusively within the confines of mission control rooms, accessible only to a select group of individuals through a limited number of computer workstations. This paradigm has recently shifted, with numerous space organizations enabling their personnel to manage space assets remotely, including from the comfort of their homes. This increased accessibility has rendered space-related systems susceptible to the same security vulnerabilities that affect our daily-use software.\n\nDespite the adoption of newer technology stacks in many mission control systems—either through upgrades or complete replacements—the consideration of security requirements has often been deferred to the final stages of development or overlooked entirely. This negligence presents a significant risk, exposing the space sector to potential exploitation by malicious entities. Like in other technology domains, merely expanding strategies to incorporate security measures, instituting security policies, and integrating new security requirements are positive but insufficient. Despite being developed and tested by extensive teams and presumably adhering to best practices, we have observed firsthand how contemporary mission control systems remain prone to elementary security flaws.\n\nThe most effective strategy to equip space systems with a robust defense against malicious actors involves integrating offensive security testing throughout their development lifecycle.\n\nIn this presentation, we share the results of the security research we have recently conducted on the more established, open-source Mission Control Systems: NASA OpenMCT and YaMCS. We present the details of the vulnerabilities we have discovered in those two systems, and their potential impact on a space mission when they are chained together into one exploit. We conclude by presenting with the audience the lessons learned from those security assessments.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54578,54631],"conference_id":133,"event_ids":[54953,55005],"name":"Andrzej Olchawa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/andrzejolchawa"},{"description":"","title":"Twitter (@0x4ndy)","sort_order":0,"url":"https://x.com/0x4ndy"},{"description":"","title":"andy.codes","sort_order":0,"url":"https://andy.codes"}],"media":[],"id":54248}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55005,"tag_ids":[46366,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54248}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Honeypots are invaluable tools for monitoring internet-wide scans and understanding attackers' techniques. Traditional low-interaction web honeypots use manual methods to emulate various applications or vulnerabilities. Introducing Galah, an LLM-powered web honeypot that mimics diverse applications with a single prompt. This honeypot dynamically crafts relevant HTTP responses, including headers and body content, to various HTTP requests, effectively simulating multiple web applications. In this talk, I will share lessons learned from building and deploying Galah and address two key questions: How do different large language models perform in generating HTTP messages? Does delivering authentic-looking HTTP responses increase attackers’ engagement with the honeypot?\n\n\n","media":[],"title":"Decoding Galah, an LLM Powered Web Honeypot","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Honeypots are invaluable tools for monitoring internet-wide scans and understanding attackers' techniques. Traditional low-interaction web honeypots use manual methods to emulate various applications or vulnerabilities. Introducing Galah, an LLM-powered web honeypot that mimics diverse applications with a single prompt. This honeypot dynamically crafts relevant HTTP responses, including headers and body content, to various HTTP requests, effectively simulating multiple web applications. In this talk, I will share lessons learned from building and deploying Galah and address two key questions: How do different large language models perform in generating HTTP messages? Does delivering authentic-looking HTTP responses increase attackers’ engagement with the honeypot?","updated_timestamp":{"seconds":1720400840,"nanoseconds":0},"speakers":[{"content_ids":[54630],"conference_id":133,"event_ids":[55004],"name":"Adel Karimi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Niantic","title":"Senior Security Engineer, Detection"}],"links":[],"pronouns":null,"media":[],"id":54252,"title":"Senior Security Engineer, Detection at Niantic"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:07:20Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55004,"tag_ids":[46385,46419,46438,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54252}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-08T01:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With the development of artificial intelligence and image processing technology, the video industry such as CCTV is developing greatly. However, CCTV video may infringe on an individual's privacy, and personal information may be leaked due to hacking or illegal video collection. As such, Surveillance System's Security issues are also increasing, the importance of the video surveillance industry is becoming more prominent.\r\n\r\nIn order to prevent hacking or illegal video collection, research on camera security is being conducted. However, there is a lack of awareness of NVR (Network Video Recorder), a device that actually watches videos recorded by cameras, and research on this is also insufficient.\r\n\r\nWe selected Hikvision and Dahua, which have a high NVR market share, as target vendors, and also selected Synology's NVR-related package, Surveillance Station, as targets. Before proceeding with vulnerability analysis, several problems occurred during the file system extraction process, but U-Boot mitigation was successfully bypassed through various methods. Afterwards, various types of vulnerabilities were discovered through analysis, and OEM verification was also conducted to increase impact. We present exploit scenarios for surveillance devices through vulnerability linkage and present supply chain security issues in the Surveillance System.\r\n\r\n1. [link](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEF%20CON%2024%20-%20Brad-Dixon-Pin2Pwn-How-to-Root-An-Embedded-Linux-Box-With-A-Sewing-Needle-UPDATED.pdf)\r\n2. [link](https://www.mdpi.com/1424-8220/20/17/4806)\r\n3. [link](https://www.sciencedirect.com/science/article/pii/B978032390054600009X)\r\n4. [link](https://arxiv.org/pdf/2202.06597)\r\n5. [link](https://arxiv.org/abs/1904.08653)\r\n6. [link](https://arxiv.org/pdf/1812.02361)\r\n7. [link](https://www.researchgate.net/publication/317714199_Security_Requirements_Analysis_on_IP_Camera_via_Threat_Modeling_and_Common_Criteria)\r\n8. [link](https://www.researchgate.net/profile/Kyounggon-Kim/publication/346494741_Derivation_of_Security_Requirements_of_Smart_TV_Based_on_STRIDE_Threat_Modeling/links/5fc50fc24585152e9be40802/Derivation-of-Security-Requirements-of-Smart-TV-Based-on-STRIDE-Threat-Modeling.pdf)\r\n9. [link](https://scholarworks.bwise.kr/cau/handle/2019.sw.cau/25949)\r\n10. [link](https://dl.acm.org/doi/10.1145/2995289.2995290)\r\n11. [link](https://www.mdpi.com/2076-3417/11/12/5571)\r\n12. [link](https://arxiv.org/abs/2302.04900)\r\n13. [link](https://kth.diva-portal.org/smash/get/diva2:1697718/FULLTEXT01.pdf)\r\n14. [link](https://dl.acm.org/doi/10.1145/3232829.3232832)\r\n15. [link](https://www.sciencedirect.com/science/article/pii/S0045790622004529)\r\n16. [link](https://www.researchgate.net/publication/334396073_Vulnerability_Analysis_of_IP_Cameras_Using_ARP_Poisoning)\r\n\n\n\n","media":[],"title":"Watchers being watched: Exploiting the Surveillance System and its supply chain","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:15:00Z","end_timestamp":{"seconds":1723335300,"nanoseconds":0},"android_description":"With the development of artificial intelligence and image processing technology, the video industry such as CCTV is developing greatly. However, CCTV video may infringe on an individual's privacy, and personal information may be leaked due to hacking or illegal video collection. As such, Surveillance System's Security issues are also increasing, the importance of the video surveillance industry is becoming more prominent.\r\n\r\nIn order to prevent hacking or illegal video collection, research on camera security is being conducted. However, there is a lack of awareness of NVR (Network Video Recorder), a device that actually watches videos recorded by cameras, and research on this is also insufficient.\r\n\r\nWe selected Hikvision and Dahua, which have a high NVR market share, as target vendors, and also selected Synology's NVR-related package, Surveillance Station, as targets. Before proceeding with vulnerability analysis, several problems occurred during the file system extraction process, but U-Boot mitigation was successfully bypassed through various methods. Afterwards, various types of vulnerabilities were discovered through analysis, and OEM verification was also conducted to increase impact. We present exploit scenarios for surveillance devices through vulnerability linkage and present supply chain security issues in the Surveillance System.\r\n\r\n1. [link](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEF%20CON%2024%20-%20Brad-Dixon-Pin2Pwn-How-to-Root-An-Embedded-Linux-Box-With-A-Sewing-Needle-UPDATED.pdf)\r\n2. [link](https://www.mdpi.com/1424-8220/20/17/4806)\r\n3. [link](https://www.sciencedirect.com/science/article/pii/B978032390054600009X)\r\n4. [link](https://arxiv.org/pdf/2202.06597)\r\n5. [link](https://arxiv.org/abs/1904.08653)\r\n6. [link](https://arxiv.org/pdf/1812.02361)\r\n7. [link](https://www.researchgate.net/publication/317714199_Security_Requirements_Analysis_on_IP_Camera_via_Threat_Modeling_and_Common_Criteria)\r\n8. [link](https://www.researchgate.net/profile/Kyounggon-Kim/publication/346494741_Derivation_of_Security_Requirements_of_Smart_TV_Based_on_STRIDE_Threat_Modeling/links/5fc50fc24585152e9be40802/Derivation-of-Security-Requirements-of-Smart-TV-Based-on-STRIDE-Threat-Modeling.pdf)\r\n9. [link](https://scholarworks.bwise.kr/cau/handle/2019.sw.cau/25949)\r\n10. [link](https://dl.acm.org/doi/10.1145/2995289.2995290)\r\n11. [link](https://www.mdpi.com/2076-3417/11/12/5571)\r\n12. [link](https://arxiv.org/abs/2302.04900)\r\n13. [link](https://kth.diva-portal.org/smash/get/diva2:1697718/FULLTEXT01.pdf)\r\n14. [link](https://dl.acm.org/doi/10.1145/3232829.3232832)\r\n15. [link](https://www.sciencedirect.com/science/article/pii/S0045790622004529)\r\n16. [link](https://www.researchgate.net/publication/334396073_Vulnerability_Analysis_of_IP_Cameras_Using_ARP_Poisoning)","updated_timestamp":{"seconds":1720463554,"nanoseconds":0},"speakers":[{"content_ids":[54512],"conference_id":133,"event_ids":[54885],"name":"Myeonghun Pak","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KITRI","title":"Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@mhun512)","sort_order":0,"url":"https://twitter.com/mhun512"}],"media":[],"id":54045,"title":"Researcher at KITRI"},{"content_ids":[54512],"conference_id":133,"event_ids":[54885],"name":"Chanin Kim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"S2W Inc","title":"Offensive Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@lourcode)","sort_order":0,"url":"https://twitter.com/lourcode"}],"media":[],"id":54098,"title":"Offensive Researcher at S2W Inc"},{"content_ids":[54512],"conference_id":133,"event_ids":[54885],"name":"Myeongjin Shin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Chonnam National University","title":"Student"}],"pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/magan_2160"}],"media":[],"id":54665,"title":"Student at Chonnam National University"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:32:34Z","links":[],"end":"2024-08-11T00:15:00.000-0000","id":54885,"tag_ids":[46166,46169,46419,46437,46878],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54098},{"tag_id":46167,"sort_order":4,"person_id":54045},{"tag_id":46167,"sort_order":6,"person_id":54665}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-08T18:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON is a siren song for the hacker mind. Clever people around the world hear it and are pulled, every year, to Las Vegas. They mass by the tens of thousands, streaming through the halls of DEF CON to watch talks given by absolute legends about incredible escapades, to gaze in wonder as true wizards bend bytes to their will in the CTF room, and to dream about one day reaching to those heights themselves.\r\n\r\nSome have the critical combination of grit, perseverance, raw talent, and (let's face it) privilege to push through to those dreams of greatness. But among even the clever and the motivated, it is rare for n00bs to rise to l33tness without support. Some find this support in inspiring classes in college. Others, among friends or mentors. But many don't find it at all, and remain in the hallways, dreaming.\r\n\r\nDo you want to leave the hallways and hack the planet? We are hackers, educators, and learners who are creating DEF CON Academy, a concerted effort to maximize hacker potential by providing open, clear, approachable, and inclusive practical resources for budding hackers to transcend and rule cyberspace. Through extensive DEF CON event presence and year-round hacking resources, we will pro up the noobs of the world and bring the community, at scale, to the next level of skill.\r\n\r\nCome, listen, and learn how we can help!\r\n\r\n1. [link](https://pwn.college)\r\n2. Connor Nelson, Yan Shoshitaishvili. DOJO: Applied Cybersecurity Education In The Browser. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20PWN%20the%20Learning%20Curve.pdf)\r\n3. Connor Nelson, Yan Shoshitaishvili. PWN The Learning Curve: Education-First CTF Challenges. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20Enter%20the%20DOJO.pdf)\r\n4. [link](https://wargames.ret2.systems/)\r\n5. [link](https://www.hackthebox.com/)\r\n\n\n\n","media":[],"title":"DEF CON Academy: Cultivating M4D SK1LLZ In the DEF CON Community","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:15:00Z","end_timestamp":{"seconds":1723335300,"nanoseconds":0},"android_description":"DEF CON is a siren song for the hacker mind. Clever people around the world hear it and are pulled, every year, to Las Vegas. They mass by the tens of thousands, streaming through the halls of DEF CON to watch talks given by absolute legends about incredible escapades, to gaze in wonder as true wizards bend bytes to their will in the CTF room, and to dream about one day reaching to those heights themselves.\r\n\r\nSome have the critical combination of grit, perseverance, raw talent, and (let's face it) privilege to push through to those dreams of greatness. But among even the clever and the motivated, it is rare for n00bs to rise to l33tness without support. Some find this support in inspiring classes in college. Others, among friends or mentors. But many don't find it at all, and remain in the hallways, dreaming.\r\n\r\nDo you want to leave the hallways and hack the planet? We are hackers, educators, and learners who are creating DEF CON Academy, a concerted effort to maximize hacker potential by providing open, clear, approachable, and inclusive practical resources for budding hackers to transcend and rule cyberspace. Through extensive DEF CON event presence and year-round hacking resources, we will pro up the noobs of the world and bring the community, at scale, to the next level of skill.\r\n\r\nCome, listen, and learn how we can help!\r\n\r\n1. [link](https://pwn.college)\r\n2. Connor Nelson, Yan Shoshitaishvili. DOJO: Applied Cybersecurity Education In The Browser. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20PWN%20the%20Learning%20Curve.pdf)\r\n3. Connor Nelson, Yan Shoshitaishvili. PWN The Learning Curve: Education-First CTF Challenges. ACM SIGCSE 2024. [link](https://yancomm.net/papers/2024%20-%20SIGCSE%20-%20Enter%20the%20DOJO.pdf)\r\n4. [link](https://wargames.ret2.systems/)\r\n5. [link](https://www.hackthebox.com/)","updated_timestamp":{"seconds":1720463573,"nanoseconds":0},"speakers":[{"content_ids":[54533,54511],"conference_id":133,"event_ids":[54884,54906],"name":"Perri Adams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Special Assistant to the Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@perribus)","sort_order":0,"url":"https://twitter.com/perribus"}],"media":[],"id":54047,"title":"Special Assistant to the Director at Defense Advanced Research Projects Agency (DARPA)"},{"content_ids":[54511],"conference_id":133,"event_ids":[54884],"name":"Yan \"Zardus\" Shoshitaishvili","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arizona State University","title":"Associate Professor"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@Zardus@defcon.social)","sort_order":0,"url":"https://defcon.social/@Zardus"},{"description":"","title":"Twitter (@Zardus)","sort_order":0,"url":"https://twitter.com/Zardus"},{"description":"","title":"yancomm.net","sort_order":0,"url":"https://yancomm.net"}],"media":[],"id":54201,"title":"Associate Professor at Arizona State University"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:32:53Z","links":[],"end":"2024-08-11T00:15:00.000-0000","id":54884,"tag_ids":[46166,46169,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54201},{"tag_id":46167,"sort_order":4,"person_id":54047}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-08T18:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"VSAT satellite communication systems are widely used to provide two-way data and voice communications to remote areas, including maritime environments, crisis regions, and other locations where terrestrial communication infrastructure is limited or unavailable. In this presentation, we report on our security findings from our reverse-engineering efforts to exploit VSAT satellite modems from the Earth. We will focus on the Newtec MDM2200 from iDirect as an example. First, we explain how we reverse-engineered the software stack running on the modem device to find 0-day vulnerabilities. Then, we show how we reverse-engineered the network stack to devise attacks that can be launched by injecting wireless signals through the antenna dish of a VSAT terminal. Finally, we demonstrate our software-defined radio end-to-end attacks to inject bogus firmware updates and to gain a remote root shell access on the modem. To the best of knowledge, this represents the first successful demonstration of signal injection attacks on VSAT modems using software-defined radios from the Earth, while previous attacks on VSAT systems such as the ViaSat hack in 2022 were based on exploiting the operator’s network through Internet VPN connections. Our work therefore enlarges significantly the attack surface of VSAT systems.\n\nOur presentation at DEF CON is part of a project that has three parts. \n\nIn the first part, we focus on the inherent security issues in current VSAT system practices. This work will be appear in May at ACM WiSec 2024.\n\nVSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices, Johannes Willbold, Moritz Schloegel, Robin Bisping, Martin Strohmeier, Thorsten Holz, Vincent Lenders, 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Seoul, Korea, May 2024. \n\nThe second part deals with the systematic evaluation of wireless signal injection attacks using a software-defined radio. This work will appear in August at Usenix Security 2024:\n\nWireless Signal Injection Attacks on VSAT Satellite Modems, Robin Bisping, Johannes Willbold, Martin Strohmeier, and Vincent Lenders, 33rd USENIX Security Symposium (USENIX Security), Philadelphia PA, USA, August 2024. \n\nThe third part of the project deals with reverse-engineering of the software and network stack of satellite modems and the development of exploits that can be injected over the air through the antenna dish of a VSAT terminal from the ground. This part shall be presented at DEF CON this year.\n\n\n","media":[],"title":"Breaking the Beam: Exploiting VSAT Satellite Modems from the Earth's Surface","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-11T00:15:00Z","end_timestamp":{"seconds":1723335300,"nanoseconds":0},"android_description":"VSAT satellite communication systems are widely used to provide two-way data and voice communications to remote areas, including maritime environments, crisis regions, and other locations where terrestrial communication infrastructure is limited or unavailable. In this presentation, we report on our security findings from our reverse-engineering efforts to exploit VSAT satellite modems from the Earth. We will focus on the Newtec MDM2200 from iDirect as an example. First, we explain how we reverse-engineered the software stack running on the modem device to find 0-day vulnerabilities. Then, we show how we reverse-engineered the network stack to devise attacks that can be launched by injecting wireless signals through the antenna dish of a VSAT terminal. Finally, we demonstrate our software-defined radio end-to-end attacks to inject bogus firmware updates and to gain a remote root shell access on the modem. To the best of knowledge, this represents the first successful demonstration of signal injection attacks on VSAT modems using software-defined radios from the Earth, while previous attacks on VSAT systems such as the ViaSat hack in 2022 were based on exploiting the operator’s network through Internet VPN connections. Our work therefore enlarges significantly the attack surface of VSAT systems.\n\nOur presentation at DEF CON is part of a project that has three parts. \n\nIn the first part, we focus on the inherent security issues in current VSAT system practices. This work will be appear in May at ACM WiSec 2024.\n\nVSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices, Johannes Willbold, Moritz Schloegel, Robin Bisping, Martin Strohmeier, Thorsten Holz, Vincent Lenders, 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Seoul, Korea, May 2024. \n\nThe second part deals with the systematic evaluation of wireless signal injection attacks using a software-defined radio. This work will appear in August at Usenix Security 2024:\n\nWireless Signal Injection Attacks on VSAT Satellite Modems, Robin Bisping, Johannes Willbold, Martin Strohmeier, and Vincent Lenders, 33rd USENIX Security Symposium (USENIX Security), Philadelphia PA, USA, August 2024. \n\nThe third part of the project deals with reverse-engineering of the software and network stack of satellite modems and the development of exploits that can be injected over the air through the antenna dish of a VSAT terminal from the ground. This part shall be presented at DEF CON this year.","updated_timestamp":{"seconds":1720307460,"nanoseconds":0},"speakers":[{"content_ids":[54510],"conference_id":133,"event_ids":[54883],"name":"Robin Bisping","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber-Defence Campus","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54058,"title":"Security Engineer at Cyber-Defence Campus"},{"content_ids":[54510],"conference_id":133,"event_ids":[54883],"name":"Johannes Willbold","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ruhr University Bochum","title":"PhD Student"}],"links":[],"pronouns":null,"media":[],"id":54076,"title":"PhD Student at Ruhr University Bochum"},{"content_ids":[54618,54510],"conference_id":133,"event_ids":[54883,54992],"name":"Vincent Lenders","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber-Defence Campus","title":"Cybersecurity Researcher and Head"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/vincent-lenders-303656"},{"description":"","title":"Twitter (@Vlenders)","sort_order":0,"url":"https://twitter.com/Vlenders"},{"description":"","title":"lenders.ch","sort_order":0,"url":"https://lenders.ch"}],"media":[],"id":54111,"title":"Cybersecurity Researcher and Head at Cyber-Defence Campus"}],"begin_tsz":"2024-08-10T23:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:11:00Z","links":[],"end":"2024-08-11T00:15:00.000-0000","id":54883,"tag_ids":[46166,46169,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723332600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54111},{"tag_id":46167,"sort_order":4,"person_id":54076},{"tag_id":46167,"sort_order":6,"person_id":54058}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T23:30:00.000-0000","updated":"2024-07-06T23:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you ready to embark on a journey that celebrates uniqueness, innovation, and untapped potential? It’s time to shine a light on Neurodiversity and what that means to Information Security.\r\n\r\n1. The Power of Neurodiversity:\r\n\r\nImagine a world where different brains aren’t seen as deficits but as diverse strengths. Neurodiversity embraces the beautiful mosaic of human minds, from ADHD to autism and beyond.\r\nXavier will unravel the superpowers hidden within neurodivergent individuals—like visual hypersensitivity, out-of-the-box thinking, and encyclopedic knowledge. These aren’t just buzzwords; they’re game-changers for the Infosec field.\r\n\r\n2. Success Stories and Real Impact:\r\n\r\nBrace yourself for success stories that defy convention. JPMorgan Chase’s neurodiverse hires outperform their peers by leaps and bounds. Productivity spikes, retention soars, and innovation thrives.\r\nUltra Testing, an IT company with 75% neurodiverse staff, proves that inclusion isn’t charity—it’s smart business. Their mantra? “Staffing fantastically capable talent who just haven’t had a fair shot before.”\r\n\r\n3. Creating an Inclusive Future:\r\n\r\nXavier won’t stop at inspiration; he’ll equip you with actionable steps including: How to Revisit Hiring Processes, Adapting the Environment, Tailored Career Journeys\r\n\r\n4. Be Part of the Movement:\r\n\r\nWhether you’re a hacker, an individual seeking help, or just a cat lover (yes, there’s a slide for that!), this presentation is your invitation to change the narrative.\r\n\r\nSo mark your calendar, grab your virtual seat, and let’s celebrate neurodiversity—one mind at a time. Remember, the rising tide lifts all boats. Join us, learn, and be part of a more inclusive future! Don’t miss out—this isn’t your typical tech talk. It’s a revolution waiting to happen. See you there!\n\n\n","media":[],"title":"Unlocking Hidden Superpowers: Neurodiversity in Infosec","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:05:00Z","end_timestamp":{"seconds":1723334700,"nanoseconds":0},"android_description":"Are you ready to embark on a journey that celebrates uniqueness, innovation, and untapped potential? It’s time to shine a light on Neurodiversity and what that means to Information Security.\r\n\r\n1. The Power of Neurodiversity:\r\n\r\nImagine a world where different brains aren’t seen as deficits but as diverse strengths. Neurodiversity embraces the beautiful mosaic of human minds, from ADHD to autism and beyond.\r\nXavier will unravel the superpowers hidden within neurodivergent individuals—like visual hypersensitivity, out-of-the-box thinking, and encyclopedic knowledge. These aren’t just buzzwords; they’re game-changers for the Infosec field.\r\n\r\n2. Success Stories and Real Impact:\r\n\r\nBrace yourself for success stories that defy convention. JPMorgan Chase’s neurodiverse hires outperform their peers by leaps and bounds. Productivity spikes, retention soars, and innovation thrives.\r\nUltra Testing, an IT company with 75% neurodiverse staff, proves that inclusion isn’t charity—it’s smart business. Their mantra? “Staffing fantastically capable talent who just haven’t had a fair shot before.”\r\n\r\n3. Creating an Inclusive Future:\r\n\r\nXavier won’t stop at inspiration; he’ll equip you with actionable steps including: How to Revisit Hiring Processes, Adapting the Environment, Tailored Career Journeys\r\n\r\n4. Be Part of the Movement:\r\n\r\nWhether you’re a hacker, an individual seeking help, or just a cat lover (yes, there’s a slide for that!), this presentation is your invitation to change the narrative.\r\n\r\nSo mark your calendar, grab your virtual seat, and let’s celebrate neurodiversity—one mind at a time. Remember, the rising tide lifts all boats. Join us, learn, and be part of a more inclusive future! Don’t miss out—this isn’t your typical tech talk. It’s a revolution waiting to happen. See you there!","updated_timestamp":{"seconds":1722445887,"nanoseconds":0},"speakers":[{"content_ids":[55692],"conference_id":133,"event_ids":[56215],"name":"Xavier \"rubix1138\" Ashe","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Truist","title":"Senior Vice President, Cyber Operations and Technology"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/xavierashe/"},{"description":"","title":"Mastodon (@Xavier@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@Xavier"}],"media":[],"id":56063,"title":"Senior Vice President, Cyber Operations and Technology at Truist"}],"begin_tsz":"2024-08-10T23:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:11:27Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-11T00:05:00.000-0000","id":56215,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723331100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56063}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T23:05:00.000-0000","updated":"2024-07-31T17:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cybersecurity Policy has transformed red teaming. Cyber and AI are the most emerging domains of the law, with strategies, regulations, and standards constantly emerging, globally. This domain also serves as an amazing opportunity for you explore to new paths, and opportunities, to drive impact at scale, and collaborate with the hacker ecosystem to drive better policies, and better security – that advance all users. This talk invites the audience to explore the latest trend in cyber policy globally, focusing on areas with broad impact on the red teaming community – such as AI red teaming, pen testing policy, secure development, legal limitations to vuln disclosure, and anti-hacking laws. We will cover the latest developments from CIRCIA to the EU Cyber Resilience Act and the AI EO – and introduce the audience to the world of policy hacking, and policy “hacking”. We will cover case studies and\n\n\n","media":[],"title":"Hacking Policy and Policy Hacking - A Red-Teamer Hacker Guide to the Universe of Cyber Policy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"Cybersecurity Policy has transformed red teaming. Cyber and AI are the most emerging domains of the law, with strategies, regulations, and standards constantly emerging, globally. This domain also serves as an amazing opportunity for you explore to new paths, and opportunities, to drive impact at scale, and collaborate with the hacker ecosystem to drive better policies, and better security – that advance all users. This talk invites the audience to explore the latest trend in cyber policy globally, focusing on areas with broad impact on the red teaming community – such as AI red teaming, pen testing policy, secure development, legal limitations to vuln disclosure, and anti-hacking laws. We will cover the latest developments from CIRCIA to the EU Cyber Resilience Act and the AI EO – and introduce the audience to the world of policy hacking, and policy “hacking”. We will cover case studies and","updated_timestamp":{"seconds":1723169081,"nanoseconds":0},"speakers":[{"content_ids":[56179],"conference_id":133,"event_ids":[56833],"name":"Amit Elazari","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56560}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T02:04:41Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":56833,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56560}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-09T02:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The FBI ran an encrypted app called Anom, intercepting all of its messages. The operation ended in the arrest of hundreds of criminals. But what happens now? Are apps that we all use, like Signal, under threat too? This talk will give a blistering dive into what the app was, how it worked, and what it means for all of our privacy now.\n\n\n","media":[],"title":"A Whirlwind Tour of the FBI's Secret Encrypted Chat App","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"The FBI ran an encrypted app called Anom, intercepting all of its messages. The operation ended in the arrest of hundreds of criminals. But what happens now? Are apps that we all use, like Signal, under threat too? This talk will give a blistering dive into what the app was, how it worked, and what it means for all of our privacy now.","updated_timestamp":{"seconds":1722725902,"nanoseconds":0},"speakers":[{"content_ids":[54493,56001],"conference_id":133,"event_ids":[56623,54866],"name":"Joseph Cox","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Investigative Journalist"},{"organization":"404 Media","title":"Co-Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Bsky","sort_order":0,"url":"https://bsky.app/profile/josephcox.bsky.social"},{"description":"","title":"Mastodon (@josephcox@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@josephcox"},{"description":"","title":"Twitter (@josephfcox)","sort_order":0,"url":"https://twitter.com/josephfcox"}],"media":[],"id":54153,"title":"Co-Founder at 404 Media"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:58:22Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56623,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54153}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cyberjūtsu is a new way to teach cybersecurity inspired from martial arts trainings. It is an educational way which allows everyone (novice to expert) to practice together and improve themselves in cybersecurity through confrontation. It follows budō (judo, jujitsu, karate...) principles and ethical code. The goal is to reach \"maximum-efficient use of computer\" in a \"mutual benefit\" of a human confrontation. It's a digital martial art fight e-sport using linux shell. No matter your technical background—from 10-year-olds to technical experts like pentesters and red/blue teamers—this workshop is designed for you. The only prerequisite is basic reading, writing, and counting knowledge. Experience real live adversary sparring and see how even those with less knowledge can outmaneuver more experienced participants. Join us for an interactive session with 14 players participating and others welcome to watch. Enhance your cybersecurity skills through collaborative and practical exercises.\n\n\n","media":[],"title":"Cyberjutsu Path to a Digital Martial Art","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Cyberjūtsu is a new way to teach cybersecurity inspired from martial arts trainings. It is an educational way which allows everyone (novice to expert) to practice together and improve themselves in cybersecurity through confrontation. It follows budō (judo, jujitsu, karate...) principles and ethical code. The goal is to reach \"maximum-efficient use of computer\" in a \"mutual benefit\" of a human confrontation. It's a digital martial art fight e-sport using linux shell. No matter your technical background—from 10-year-olds to technical experts like pentesters and red/blue teamers—this workshop is designed for you. The only prerequisite is basic reading, writing, and counting knowledge. Experience real live adversary sparring and see how even those with less knowledge can outmaneuver more experienced participants. Join us for an interactive session with 14 players participating and others welcome to watch. Enhance your cybersecurity skills through collaborative and practical exercises.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55992],"conference_id":133,"event_ids":[56614],"name":"Alexandre CABROL PERALES","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"President of NPO multi-country WOCSA, Director of Managed Detection & Response at Sopra Steria, Teacher at French University Cyber Master","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alexandrecabrolperales"}],"media":[],"id":56329,"title":"President of NPO multi-country WOCSA, Director of Managed Detection & Response at Sopra Steria, Teacher at French University Cyber Master"},{"content_ids":[55992],"conference_id":133,"event_ids":[56614],"name":"Quentin Fraty","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Threat Intelligence Analyst and Reverse at Sopra Steria","title":""}],"pronouns":null,"links":[{"description":"","title":"fr.linkedin.com/in/quentin-fraty-7580841b8/fr","sort_order":0,"url":"https://fr.linkedin.com/in/quentin-fraty-7580841b8/fr"}],"media":[],"id":56330,"title":"Threat Intelligence Analyst and Reverse at Sopra Steria"},{"content_ids":[55992],"conference_id":133,"event_ids":[56614],"name":"Alaric Becker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SOC Analyst and Threat Hunter at Sopra Steria","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/alaric-becker-a183a3139/"}],"media":[],"id":56331,"title":"SOC Analyst and Threat Hunter at Sopra Steria"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56614,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56329},{"tag_id":46484,"sort_order":4,"person_id":56330},{"tag_id":46484,"sort_order":6,"person_id":56331}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The adoption of OT security solutions into the world's most critical infrastructure has increased dramatically. The location in which these appliance reside within control networks poses unique risk as both management interfaces and even more often monitoring interfaces reside within segments that contain critical process automation equipment. This talk will explore essential product security considerations specific to OT security appliances, secure deployment strategies, device and network hardening techniques, and some real-world examples of discovered vulnerabilities in COTS appliances.\n\n\n","media":[],"title":"Product security considerations for OT security appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"The adoption of OT security solutions into the world's most critical infrastructure has increased dramatically. The location in which these appliance reside within control networks poses unique risk as both management interfaces and even more often monitoring interfaces reside within segments that contain critical process automation equipment. This talk will explore essential product security considerations specific to OT security appliances, secure deployment strategies, device and network hardening techniques, and some real-world examples of discovered vulnerabilities in COTS appliances.","updated_timestamp":{"seconds":1722652169,"nanoseconds":0},"speakers":[{"content_ids":[55940],"conference_id":133,"event_ids":[56553],"name":"Robert Landavazo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dragos","title":"Senior Director of Solution Architects"}],"links":[],"pronouns":null,"media":[],"id":56290,"title":"Senior Director of Solution Architects at Dragos"},{"content_ids":[55940],"conference_id":133,"event_ids":[56553],"name":"Brandon Dudley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dragos","title":"Field Operations Engineer"}],"links":[],"pronouns":null,"media":[],"id":56291,"title":"Field Operations Engineer at Dragos"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T02:29:29Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":56553,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56291},{"tag_id":46167,"sort_order":4,"person_id":56290}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-03T02:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Live Recon Finalist Presentations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722627655,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:40:55Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56478,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-02T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an audience-participation talk in the style of the 1980s Choose your own Adventure books. We will expose the audience to a quasi real life incident, giving them the choice to choose how they deal with that incident. This will give insight in to the difficult choices that have to be made by operators in real time.\n\n\n","media":[],"title":"Choose your own adventure: Has your fleet been hacked?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"This is an audience-participation talk in the style of the 1980s Choose your own Adventure books. We will expose the audience to a quasi real life incident, giving them the choice to choose how they deal with that incident. This will give insight in to the difficult choices that have to be made by operators in real time.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[54606,55837,56177],"conference_id":133,"event_ids":[56387,56831,54980],"name":"Ken Munro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Partner and Founder"}],"links":[],"pronouns":null,"media":[],"id":54347,"title":"Partner and Founder at Pen Test Partners"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56387,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":54347}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What is this Threat Hunting stuff all about? Isn't \"hunting\" just a cooler-sounding word for Incident Response? Why are so many new jobs opening up with Threat Hunting in the title, and how do you get the experience to land one of those jobs? Should SOC Analysts always be hunting, or is that \"someone else's job?\" How does CTI connect to hunting?\r\nIf you have any of these questions burning in your mind, you have to come to this panel! We've got a fun and mostly sane panel of people who have different perspectives to share, and we want to hear from you, too!\n\n\nOur panel of Threat Hunting practitioners will take spicy topics from our amazing moderator and the audience on topics ranging from how to thrunt to real life stories of the good, the bad and the ugly. Do you have strong opinions about whether you should call it Thrunting or DEATH? We'll ask the audience some questions, too, and you might even win a prize for your spicy take!","media":[],"title":"Thrunting or DEATH! (A BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"What is this Threat Hunting stuff all about? Isn't \"hunting\" just a cooler-sounding word for Incident Response? Why are so many new jobs opening up with Threat Hunting in the title, and how do you get the experience to land one of those jobs? Should SOC Analysts always be hunting, or is that \"someone else's job?\" How does CTI connect to hunting?\r\nIf you have any of these questions burning in your mind, you have to come to this panel! We've got a fun and mostly sane panel of people who have different perspectives to share, and we want to hear from you, too!\n\n\nOur panel of Threat Hunting practitioners will take spicy topics from our amazing moderator and the audience on topics ranging from how to thrunt to real life stories of the good, the bad and the ugly. Do you have strong opinions about whether you should call it Thrunting or DEATH? We'll ask the audience some questions, too, and you might even win a prize for your spicy take!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[54222,55764],"conference_id":133,"event_ids":[56273,54595],"name":"Ryan Chapman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@rj_chap)","sort_order":0,"url":"https://twitter.com/rj_chap"}],"media":[],"id":53865},{"content_ids":[54569,55764],"conference_id":133,"event_ids":[56273,54944],"name":"Joe Slowik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54362},{"content_ids":[55764],"conference_id":133,"event_ids":[56273],"name":"th3CyF0x","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56144},{"content_ids":[55764],"conference_id":133,"event_ids":[56273],"name":"Sydney Marrone","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56154},{"content_ids":[55764],"conference_id":133,"event_ids":[56273],"name":"Randy Pargman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56175}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56273,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54362},{"tag_id":46167,"sort_order":6,"person_id":56175},{"tag_id":46167,"sort_order":8,"person_id":56154},{"tag_id":46167,"sort_order":10,"person_id":56144},{"tag_id":46167,"sort_order":12,"person_id":53865}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There is some debate as to how SBOMs can enhance vulnerability management practices, and some believe that collecting SBOMs from internal teams or suppliers is too difficult and time-consuming. Learn how Schneider Electric has collected thousands of our product SBOMs and how we are leveraging the SBOMs as part of our corporate product CERT to quickly analyze and focus our attention when time is of importance. This presentation describes how we modified our policies and processes to collect, generate, and store thousands of SBOMs. You will hear how we have leveraged SBOMs during the Log4j and OpenSSL vulnerability events. Then we will conclude with key learnings, suggestions, and opportunities for improvement.\n\n\n","media":[],"title":"The Missing Link - How we collect and leverage SBOMs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"There is some debate as to how SBOMs can enhance vulnerability management practices, and some believe that collecting SBOMs from internal teams or suppliers is too difficult and time-consuming. Learn how Schneider Electric has collected thousands of our product SBOMs and how we are leveraging the SBOMs as part of our corporate product CERT to quickly analyze and focus our attention when time is of importance. This presentation describes how we modified our policies and processes to collect, generate, and store thousands of SBOMs. You will hear how we have leveraged SBOMs during the Log4j and OpenSSL vulnerability events. Then we will conclude with key learnings, suggestions, and opportunities for improvement.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55715,55329],"conference_id":133,"event_ids":[55721,56233],"name":"Cassie Crossley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Schneider Electric","title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office"}],"links":[],"pronouns":null,"media":[],"id":56107,"title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56233,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56107}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you are responsible for attacking or defending cloud environments, you want to know how attackers compromise them and what successful post-exploitation looks like in the cloud.\n\nThis workshop focuses on learning how attackers typically compromise cloud environments, and what post-exploitation looks like. Each workshop attendee will have access to an AWS account deployed with a collection of intentionally vulnerable cloud resources that represent misconfigurations exploited during real cloud penetration tests.\n\nIn most cases, attackers gain initial access to cloud environments in one of three ways: They compromise a vulnerable application or service in the cloud, a misconfigured cloud resource, or a user with access to the cloud. In this workshop we will be attacking an intentionally vulnerable cloud environment with all three types of vulnerabilities.\n\nEach section of the workshop will start with an instructor led introduction followed by hands-on hacking. There is something for everyone, regardless of your offensive skill level. Anyone familiar with Linux commands and the AWS CLI is welcome to attend, and even those who have been in the field for years will find something to challenge them.\n\n\n","media":[],"title":"Exploiting common vulnerabilities in AWS environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Whether you are responsible for attacking or defending cloud environments, you want to know how attackers compromise them and what successful post-exploitation looks like in the cloud.\n\nThis workshop focuses on learning how attackers typically compromise cloud environments, and what post-exploitation looks like. Each workshop attendee will have access to an AWS account deployed with a collection of intentionally vulnerable cloud resources that represent misconfigurations exploited during real cloud penetration tests.\n\nIn most cases, attackers gain initial access to cloud environments in one of three ways: They compromise a vulnerable application or service in the cloud, a misconfigured cloud resource, or a user with access to the cloud. In this workshop we will be attacking an intentionally vulnerable cloud environment with all three types of vulnerabilities.\n\nEach section of the workshop will start with an instructor led introduction followed by hands-on hacking. There is something for everyone, regardless of your offensive skill level. Anyone familiar with Linux commands and the AWS CLI is welcome to attend, and even those who have been in the field for years will find something to challenge them.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55496],"conference_id":133,"event_ids":[55925],"name":"Seth Art","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"sethsec","sort_order":0,"url":"https://sethsec"}],"media":[],"id":56017}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55925,"tag_ids":[46376,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56017}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us Women in Security and Privacy to mingle and network with privacy and security professionals. You can also bring some swag, pins, or stickers to exchange as part of the networking activities.\n\n\n","media":[],"title":"Peer-to-Peer Mentoring and Networking with optional Swag, Pin & Sticker Exchange","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us Women in Security and Privacy to mingle and network with privacy and security professionals. You can also bring some swag, pins, or stickers to exchange as part of the networking activities.","updated_timestamp":{"seconds":1722207066,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:51:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55904,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T22:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tracking of Wifi devices is a common requirement in the cybersecurity world from tracking rogue devices to locating bad actors. This presentation will cover a novel technique of combining passive scanning techniques with active scanning using intended behaviors within the 802.11 protocol. Passive scanning is available through software in suites such as Kali, or in tools like a Pineapple, with the disadvantage of being only as fast as the target is willing to send packets. Active scanning has been traditionally relegated to only devices attached to the same Access Point or other, expensive gadgets while gaining the advantage of eliciting responses on command. Using a technique based on Wifi-Polite packets, cheap ESP32s can be leveraged to gain the advantages of active scanning without the requirement of being connected to the same Access Point. The software code operating this powerful combination of active and passive scanning on an inexpensive platform will be publicly released. Attendees will have a clear understanding of the technology, be given the knowledge and code to implement it themselves, and understand the future implications of using devices like this in a cooperative mesh to track targets in real time.\n\n\n","media":[],"title":"Tracking Real-Time Locations with Rogue WiFi Packets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"Tracking of Wifi devices is a common requirement in the cybersecurity world from tracking rogue devices to locating bad actors. This presentation will cover a novel technique of combining passive scanning techniques with active scanning using intended behaviors within the 802.11 protocol. Passive scanning is available through software in suites such as Kali, or in tools like a Pineapple, with the disadvantage of being only as fast as the target is willing to send packets. Active scanning has been traditionally relegated to only devices attached to the same Access Point or other, expensive gadgets while gaining the advantage of eliciting responses on command. Using a technique based on Wifi-Polite packets, cheap ESP32s can be leveraged to gain the advantages of active scanning without the requirement of being connected to the same Access Point. The software code operating this powerful combination of active and passive scanning on an inexpensive platform will be publicly released. Attendees will have a clear understanding of the technology, be given the knowledge and code to implement it themselves, and understand the future implications of using devices like this in a cooperative mesh to track targets in real time.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55460],"conference_id":133,"event_ids":[55885],"name":"Mikey Awbrey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55999}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":55885,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55999}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Home Owners Association or HOAs make amateur radio difficult. The good antennas are restricted, requiring a little bit of compromise and creativity to work around. This talk is how I worked around my HOA's covenants, conditions, and restrictions to operate my antenna. \r\n\r\nThis talk will present actual proven techniques to allow you to operate on all the amateur bands. I will talk about my personal horizontal loop deployment, as well as talk about all the bad antenna options I tried first before getting here.\n\n\n","media":[],"title":"Ham Radio in an HOA: Radio in the Face of Your Oppressor","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Home Owners Association or HOAs make amateur radio difficult. The good antennas are restricted, requiring a little bit of compromise and creativity to work around. This talk is how I worked around my HOA's covenants, conditions, and restrictions to operate my antenna. \r\n\r\nThis talk will present actual proven techniques to allow you to operate on all the amateur bands. I will talk about my personal horizontal loop deployment, as well as talk about all the bad antenna options I tried first before getting here.","updated_timestamp":{"seconds":1722185779,"nanoseconds":0},"speakers":[{"content_ids":[55440],"conference_id":133,"event_ids":[55865],"name":"Danny Quist","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@k1hyl"}],"media":[],"id":55976}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:56:19Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":55865,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55976}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-28T16:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's tech landscape, where cloud computing and DevOps practices have converged, managing the integrity of CI/CD pipelines is essential. These intertwined elements should be holistically addressed, particularly regarding security measures. \n\nHowever, with the rise of automation, there comes an increased risk. Join us for \"Pipeline Pandemonium,\" a comprehensive talk about vulnerabilities within CI/CD pipelines and their potential to inadvertently negatively affect organizations that rely on cloud environments. Through real-world examples and case studies, attendees will explore the convergence of rapid software delivery and cloud infrastructure, uncovering the methods used by malicious actors to infiltrate pipelines and compromise cloud security.\n\nSeveral real-world examples will be expounded, including code injection, dependency hijacking, unauthorized access through over-provisioned keys, runner abuse, and artifact poisoning. More specifically, much of the talk will focus on common techniques to abuse privileges and configurations associated with GitHub actions, CircleCI and Jenkins pipelines. The presenter has real world experience exploiting these issues at fortune 500 companies and has made significant contributions to their security organization’s security posture.\n\nAttendees will gain a deep understanding of the vulnerabilities inherent in CI/CD processes and general strategies to defend against common attacks. Although the focus of the presentation is for a broad audience and requires no in-depth knowledge about the specific topics that will be covered.\n\nJoin us for \"Pipeline Pandemonium\" and discover how to navigate the turbulent waters of cloud security with confidence, turning the tide against insecurity and reclaiming control of your CI/CD pipelines.\n\n\n","media":[],"title":"Pipeline Pandemonium: How to Hijack the Cloud and Make it Rain","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"In today's tech landscape, where cloud computing and DevOps practices have converged, managing the integrity of CI/CD pipelines is essential. These intertwined elements should be holistically addressed, particularly regarding security measures. \n\nHowever, with the rise of automation, there comes an increased risk. Join us for \"Pipeline Pandemonium,\" a comprehensive talk about vulnerabilities within CI/CD pipelines and their potential to inadvertently negatively affect organizations that rely on cloud environments. Through real-world examples and case studies, attendees will explore the convergence of rapid software delivery and cloud infrastructure, uncovering the methods used by malicious actors to infiltrate pipelines and compromise cloud security.\n\nSeveral real-world examples will be expounded, including code injection, dependency hijacking, unauthorized access through over-provisioned keys, runner abuse, and artifact poisoning. More specifically, much of the talk will focus on common techniques to abuse privileges and configurations associated with GitHub actions, CircleCI and Jenkins pipelines. The presenter has real world experience exploiting these issues at fortune 500 companies and has made significant contributions to their security organization’s security posture.\n\nAttendees will gain a deep understanding of the vulnerabilities inherent in CI/CD processes and general strategies to defend against common attacks. Although the focus of the presentation is for a broad audience and requires no in-depth knowledge about the specific topics that will be covered.\n\nJoin us for \"Pipeline Pandemonium\" and discover how to navigate the turbulent waters of cloud security with confidence, turning the tide against insecurity and reclaiming control of your CI/CD pipelines.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55312],"conference_id":133,"event_ids":[55702],"name":"Blake Hudson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55864}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":55702,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55864}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk introduces a method for creating unique command and control (C2) servers for each engagement, utilizing diverse programming languages, obfuscations, and communication protocols. The approach leverages a curated repository of historical C2 and implant data, with feedback to ensure continuous improvement. Want a C2 written in PERL that uses Gopher for comms? I don't know why you would but I can show you how. Rust, nodejs, and more. Want a C2 that runs in UEFI? The best part is once the engagement is done you don't have to worry that your toolset was blown because next engagement you will have a new framework.\n\n\n","media":[],"title":"Bespoke C2s are coming of age.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:50:00Z","end_timestamp":{"seconds":1723333800,"nanoseconds":0},"android_description":"This talk introduces a method for creating unique command and control (C2) servers for each engagement, utilizing diverse programming languages, obfuscations, and communication protocols. The approach leverages a curated repository of historical C2 and implant data, with feedback to ensure continuous improvement. Want a C2 written in PERL that uses Gopher for comms? I don't know why you would but I can show you how. Rust, nodejs, and more. Want a C2 that runs in UEFI? The best part is once the engagement is done you don't have to worry that your toolset was blown because next engagement you will have a new framework.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[54587,55310],"conference_id":133,"event_ids":[55700,54962],"name":"David \"Icer\" Maynor","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ThreatHunter.ai","title":"Secret Keeper"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Dave_Maynor)","sort_order":0,"url":"https://twitter.com/Dave_Maynor"}],"media":[],"id":54339,"title":"Secret Keeper at ThreatHunter.ai"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T23:50:00.000-0000","id":55700,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54339}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Transparency Algorithm (TTA): AI's Answer to Legal Equality is a groundbreaking initiative to dismantle the deep-rooted biases and systemic disparities that have plagued the American legal system for far too long. This revolutionary effort leverages the unparalleled power of artificial intelligence (AI) and machine learning (ML) to shine a glaring light on the injustices that have condemned generations of marginalized communities to a cycle of inequity and despair.Imagine a justice system where your fate is determined not by the content of your character but by the color of your skin, your gender, or your socioeconomic status. This is the grim reality that TTA seeks to eradicate. TTA meticulously analyzes public court case data to expose the hidden biases and discriminatory practices perpetuating injustice. This initiative doesn't just aim to reform; it seeks to revolutionize the very foundation of our legal system, bringing about the transparency and accountability that have long been overdue. At its core, TTA is a powerful tool for democratizing access to justice. Empowering citizens with data-driven insights provides a platform for informed public discourse and advocacy for systemic reform. The time for change is now, and TTA is the catalyst we need to forge a path towards a truly equitable legal landscape.\n\n\n","media":[],"title":"The Transparency Algorithm: AI's Answer to Legal Racial and Social Inequality","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The Transparency Algorithm (TTA): AI's Answer to Legal Equality is a groundbreaking initiative to dismantle the deep-rooted biases and systemic disparities that have plagued the American legal system for far too long. This revolutionary effort leverages the unparalleled power of artificial intelligence (AI) and machine learning (ML) to shine a glaring light on the injustices that have condemned generations of marginalized communities to a cycle of inequity and despair.Imagine a justice system where your fate is determined not by the content of your character but by the color of your skin, your gender, or your socioeconomic status. This is the grim reality that TTA seeks to eradicate. TTA meticulously analyzes public court case data to expose the hidden biases and discriminatory practices perpetuating injustice. This initiative doesn't just aim to reform; it seeks to revolutionize the very foundation of our legal system, bringing about the transparency and accountability that have long been overdue. At its core, TTA is a powerful tool for democratizing access to justice. Empowering citizens with data-driven insights provides a platform for informed public discourse and advocacy for systemic reform. The time for change is now, and TTA is the catalyst we need to forge a path towards a truly equitable legal landscape.","updated_timestamp":{"seconds":1721495374,"nanoseconds":0},"speakers":[{"content_ids":[55204],"conference_id":133,"event_ids":[55594],"name":"Aquarious Workman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Architect & Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/aquariousworkman/"}],"media":[],"id":55792,"title":"Security Architect & Researcher"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:09:34Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55594,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55792}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the rapidly evolving landscape of cybersecurity, effective reconnaissance is the cornerstone of successful bug bounty hunting. This presentation will guide you through identifying, enriching, and prioritizing targets before any scanning occurs, emphasizing the importance of uncovering \"unknown unknowns.\" We will cover the use of tools like subfinder and amass for asset discovery, followed by httpx for extracting relevant data such as titles and ports. Prioritization will be discussed to focus efforts on high-potential targets, including those requiring sign-in. Once prioritized, we'll move to scanning, employing advanced techniques to uncover hidden files and functionalities, targeting both known vulnerabilities and the elusive \"unknown unknowns.\" Finally, we'll focus on exploiting discovered functionalities, equipping you with the skills to uncover and exploit weaknesses. Join us to enhance your bug bounty hunting capabilities with a methodical approach to reconnaissance and exploitation, ensuring no stone is left unturned in your quest for vulnerabilities.\n\n\n","media":[],"title":"Unveiling Vulnerabilities: A Comprehensive Guide to Bug Bounty Recon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"In the rapidly evolving landscape of cybersecurity, effective reconnaissance is the cornerstone of successful bug bounty hunting. This presentation will guide you through identifying, enriching, and prioritizing targets before any scanning occurs, emphasizing the importance of uncovering \"unknown unknowns.\" We will cover the use of tools like subfinder and amass for asset discovery, followed by httpx for extracting relevant data such as titles and ports. Prioritization will be discussed to focus efforts on high-potential targets, including those requiring sign-in. Once prioritized, we'll move to scanning, employing advanced techniques to uncover hidden files and functionalities, targeting both known vulnerabilities and the elusive \"unknown unknowns.\" Finally, we'll focus on exploiting discovered functionalities, equipping you with the skills to uncover and exploit weaknesses. Join us to enhance your bug bounty hunting capabilities with a methodical approach to reconnaissance and exploitation, ensuring no stone is left unturned in your quest for vulnerabilities.","updated_timestamp":{"seconds":1721438491,"nanoseconds":0},"speakers":[{"content_ids":[55183],"conference_id":133,"event_ids":[55571],"name":"Prince Chaddha","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ProjectDiscovery","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@princechaddha)","sort_order":0,"url":"https://twitter.com/princechaddha"}],"media":[],"id":56069,"title":"ProjectDiscovery"},{"content_ids":[55183],"conference_id":133,"event_ids":[55571],"name":"Tarun Koyalwar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ProjectDiscovery","title":"Go developer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@KoyalwarTarun)","sort_order":0,"url":"https://twitter.com/KoyalwarTarun"}],"media":[],"id":56070,"title":"Go developer at ProjectDiscovery"},{"content_ids":[55183],"conference_id":133,"event_ids":[55571],"name":"Dhiyaneshwaran Balasubramaniam","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ProjectDiscovery.io","title":"Nuclei Template Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@DhiyaneshDK)","sort_order":0,"url":"https://twitter.com/DhiyaneshDK"}],"media":[],"id":56071,"title":"Nuclei Template Engineer at ProjectDiscovery.io"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:21:31Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#unveiling-vulnerabilities-bug-bounty-recon"}],"end":"2024-08-11T00:30:00.000-0000","id":55571,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":56071},{"tag_id":46167,"sort_order":6,"person_id":56069},{"tag_id":46167,"sort_order":8,"person_id":56070}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-20T01:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the past decade, infotainment systems experienced a growth in functionality, broader adoption and central incorporation into the vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. At the same time, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. We provide practical information and tips. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types.\r\n\r\nOur work equips Bluetooth hackers with necessary information on novel implementation-specific vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts stealthily.\r\n\r\nWe believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.\n\n\n","media":[],"title":"Exploiting Bluetooth - from your car to the bank account$$","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Over the past decade, infotainment systems experienced a growth in functionality, broader adoption and central incorporation into the vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. At the same time, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. We provide practical information and tips. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types.\r\n\r\nOur work equips Bluetooth hackers with necessary information on novel implementation-specific vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts stealthily.\r\n\r\nWe believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.","updated_timestamp":{"seconds":1720394537,"nanoseconds":0},"speakers":[{"content_ids":[54473,54638],"conference_id":133,"event_ids":[54846,55012],"name":"Vladyslav Zubkov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@0a_yso)","sort_order":0,"url":"https://twitter.com/0a_yso"}],"media":[],"id":54167,"title":"Bug Bounty Hunter"},{"content_ids":[54581,54473,54638],"conference_id":133,"event_ids":[54846,54956,55012],"name":"Martin Strohmeier","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber Defence Campus","title":"Senior Scientist"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@masorx)","sort_order":0,"url":"https://twitter.com/masorx"}],"media":[],"id":54277,"title":"Senior Scientist at Cyber Defence Campus"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:22:17Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":55012,"tag_ids":[46375,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54167},{"tag_id":46167,"sort_order":4,"person_id":54277}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-07T23:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"When we consider the conventional approaches to vulnerability discovery, be it in software or websites, we tend to confine ourselves to a specific target or platform. In the case of software, we might reverse engineer an application's attack surfaces for untrusted input, aiming to trigger edge cases. For websites, we might enumerate a domain for related assets and seek out unpatched, less defended, or occasionally abandoned resources.\r\n\r\nThis presentation explores the untapped potential of scaling security research by leveraging unconventional data sources. We'll walk through design flaws that enable two examples: forgotten cloud assets and leaked secrets. Instead of starting with a target and finding vulnerabilities, we'll find vulnerabilities and relate them to our targets. We won't just stop at discovery. We'll also discuss the incentives that create them and how to solve the ecosystem issues as an industry.\r\n\r\nWhile you can't easily scale every issue, this project has led to tens of thousands of highly significant yet seemingly trivial weaknesses in some of the world's largest organizations. Prepare to shift your perspective on vulnerability discovery, learn scalable approaches to address commonly overlooked bugs, and understand how even the simplest misconfiguration can have a devastating impact.\r\n\r\n- Toomey, Patrick. “Behind the Scenes of Github Token Scanning.” The GitHub Blog, 17 Oct. 2018, [link](https://github.blog/2018-10-17-behind-the-scenes-of-github-token-scanning/).\r\n- Meli, Michael, et al. “How Bad Can It Git? Characterizing Secret Leakage in Public Github Repositories.” Proceedings 2019 Network and Distributed System Security Symposium, 19 Feb. 2019, [link](https://doi.org/10.14722/ndss.2019.23418).\r\n- Awslabs. “Awslabs/Git-Secrets: Prevents You from Committing Secrets and Credentials into Git Repositories.” GitHub, 2015, [link](https://github.com/awslabs/git-secrets).\r\n- Rice, Zachary. “Zricethezav/Gitleaks: Scan Git Repos (or Files) for Secrets Using Regex and Entropy.” GitHub, 2018, [link](https://github.com/zricethezav/gitleaks).\r\n- Ballenthin, Willi, and Moritz Raabe. “Mandiant/Flare-Floss: Flare Obfuscated String Solver - Automatically Extract Obfuscated Strings from Malware.” GitHub, 2016, [link](https://github.com/mandiant/flare-floss).\r\n- Squarcina, Marco, et al. “Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web.” USENIX Security Symposium, vol. 30, Aug. 2021, pp. 2917–2934.\r\n- MDN contributors. “Subdomain Takeovers - Web Security | MDN.” Developer.mozilla.org, 14 Oct. 2021, [link](https://developer.mozilla.org/en-US/docs/Web/Security/Subdomain_takeovers).\r\n- “Prevent Subdomain Takeovers with Azure DNS Alias Records and Azure App Service’s Custom Domain Verification.” Learn.microsoft.com, Microsoft, 16 June 2020, [link](https://learn.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover).\r\n- Shah, Shubham. “Eliminating Dangling Elastic IP Takeovers with Ghostbuster.” Assetnote, 13 Feb. 2022, [link](https://blog.assetnote.io/2022/02/13/dangling-eips/).\r\n- Claudius, Jonathan. “‘Deep Thoughts’ on Subdomain Takeover Vulnerabilities.” Claudijd.github.io, 3 Feb. 2017, [link](https://claudijd.github.io/2017/02/03/deep-thoughts-on-subdomain-takeovers/).\r\n- Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, and Wouter Joosen. 2019. \"Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation,\" Proceedings of the 26th Annual Network and Distributed System Security Symposium (NDSS 2019). [link](https://doi.org/10.14722/ndss.2019.23386)\r\n- Hallam-Baker, Phillip, et al. “RFC 8659 - DNS Certification Authority Authorization (CAA) Resource Record.” Datatracker.ietf.org, IETF, Nov. 2019, [link](https://datatracker.ietf.org/doc/html/rfc8659).\r\n\n\n\n","media":[],"title":"Secrets and Shadows: Leveraging Big Data for Vulnerability Discovery at Scale","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:45:00Z","end_timestamp":{"seconds":1723333500,"nanoseconds":0},"android_description":"When we consider the conventional approaches to vulnerability discovery, be it in software or websites, we tend to confine ourselves to a specific target or platform. In the case of software, we might reverse engineer an application's attack surfaces for untrusted input, aiming to trigger edge cases. For websites, we might enumerate a domain for related assets and seek out unpatched, less defended, or occasionally abandoned resources.\r\n\r\nThis presentation explores the untapped potential of scaling security research by leveraging unconventional data sources. We'll walk through design flaws that enable two examples: forgotten cloud assets and leaked secrets. Instead of starting with a target and finding vulnerabilities, we'll find vulnerabilities and relate them to our targets. We won't just stop at discovery. We'll also discuss the incentives that create them and how to solve the ecosystem issues as an industry.\r\n\r\nWhile you can't easily scale every issue, this project has led to tens of thousands of highly significant yet seemingly trivial weaknesses in some of the world's largest organizations. Prepare to shift your perspective on vulnerability discovery, learn scalable approaches to address commonly overlooked bugs, and understand how even the simplest misconfiguration can have a devastating impact.\r\n\r\n- Toomey, Patrick. “Behind the Scenes of Github Token Scanning.” The GitHub Blog, 17 Oct. 2018, [link](https://github.blog/2018-10-17-behind-the-scenes-of-github-token-scanning/).\r\n- Meli, Michael, et al. “How Bad Can It Git? Characterizing Secret Leakage in Public Github Repositories.” Proceedings 2019 Network and Distributed System Security Symposium, 19 Feb. 2019, [link](https://doi.org/10.14722/ndss.2019.23418).\r\n- Awslabs. “Awslabs/Git-Secrets: Prevents You from Committing Secrets and Credentials into Git Repositories.” GitHub, 2015, [link](https://github.com/awslabs/git-secrets).\r\n- Rice, Zachary. “Zricethezav/Gitleaks: Scan Git Repos (or Files) for Secrets Using Regex and Entropy.” GitHub, 2018, [link](https://github.com/zricethezav/gitleaks).\r\n- Ballenthin, Willi, and Moritz Raabe. “Mandiant/Flare-Floss: Flare Obfuscated String Solver - Automatically Extract Obfuscated Strings from Malware.” GitHub, 2016, [link](https://github.com/mandiant/flare-floss).\r\n- Squarcina, Marco, et al. “Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web.” USENIX Security Symposium, vol. 30, Aug. 2021, pp. 2917–2934.\r\n- MDN contributors. “Subdomain Takeovers - Web Security | MDN.” Developer.mozilla.org, 14 Oct. 2021, [link](https://developer.mozilla.org/en-US/docs/Web/Security/Subdomain_takeovers).\r\n- “Prevent Subdomain Takeovers with Azure DNS Alias Records and Azure App Service’s Custom Domain Verification.” Learn.microsoft.com, Microsoft, 16 June 2020, [link](https://learn.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover).\r\n- Shah, Shubham. “Eliminating Dangling Elastic IP Takeovers with Ghostbuster.” Assetnote, 13 Feb. 2022, [link](https://blog.assetnote.io/2022/02/13/dangling-eips/).\r\n- Claudius, Jonathan. “‘Deep Thoughts’ on Subdomain Takeover Vulnerabilities.” Claudijd.github.io, 3 Feb. 2017, [link](https://claudijd.github.io/2017/02/03/deep-thoughts-on-subdomain-takeovers/).\r\n- Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, and Wouter Joosen. 2019. \"Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation,\" Proceedings of the 26th Annual Network and Distributed System Security Symposium (NDSS 2019). [link](https://doi.org/10.14722/ndss.2019.23386)\r\n- Hallam-Baker, Phillip, et al. “RFC 8659 - DNS Certification Authority Authorization (CAA) Resource Record.” Datatracker.ietf.org, IETF, Nov. 2019, [link](https://datatracker.ietf.org/doc/html/rfc8659).","updated_timestamp":{"seconds":1720463642,"nanoseconds":0},"speakers":[{"content_ids":[54509],"conference_id":133,"event_ids":[54882],"name":"Bill Demirkapi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Independent Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@BillDemirkapi)","sort_order":0,"url":"https://twitter.com/BillDemirkapi"},{"description":"","title":"billdemirkapi.me","sort_order":0,"url":"https://billdemirkapi.me"}],"media":[],"id":54112,"title":"Independent Security Researcher"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:34:02Z","links":[],"end":"2024-08-10T23:45:00.000-0000","id":54882,"tag_ids":[46166,46169,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54112}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-08T18:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Between 1850 and 1855, the London-based newspaper The Times published over 50 encrypted advertisements apparently intended for the same recipient. As we know today, the ads in that series were meant for the sea captain Richard Collinson, who at the time was on a mission in the Canadian Arctic trying to solve a captivating mystery: What happened to the lost John Franklin expedition? While Collinson never reached his goal, he established a secure worldwide communication system, which was unique for its time.\r\n\r\nBefore his departure, Collinson's family was taught how to encrypt brief reports about what was going on at home and to publish these messages as mysterious ads in “The Times” once a month. The cipher used was a modified version of a system based on a signal-book of the Royal Navy. As the circulation of The Times stretched far beyond the UK, Collinson would have the chance to get his hands on a copy even at the remotest of ports.\r\n\r\nOver a century later, the Collinson ads were finally broken in the 1990s. Over the last two years, the lecturers of this talk continued this work, with a goal of decrypting all of the ads and placing them in their appropriate geographic and cultural context.\r\n\r\n- Article in “Mental Floss” (this was written based on one of our earlier talks)\r\n - Ellen Gutoskey: How Victorian Explorers and Pining Lovers Used Coded Newspaper Ads to Communicate. Aug 10, 2022\r\n - [link](https://www.mentalfloss.com/posts/victorian-coded-messages-franklin-expedition)\r\n\r\n- 1992 Research paper in Cryptologia:\r\n - John Rabson: All are Well at Boldon a mid-Victorian Code System. Cryptologia 16(2): 127-135 (1992)\r\n\r\n- Book about encrypted newspaper advertisements:\r\n - Jean Palmer: The Agony Column Codes & Ciphers. New Generation Publishing, London 2006\r\n\r\n- Naval codebooks:\r\n - 10th edition (1847): [link](https://www.google.com/books/edition/A_Code_of_Signals_in_the_Merchant_Servic/J1APe67ngc8C)\r\n - 11th edition (1851): [link](https://books.google.de/books/about/The_universal_code_of_signals_for_the_me.html?id=jGEBAAAAQAAJ)\r\n - 12th edition (1854): [link](https://www.google.com/books/edition/The_universal_code_of_signals_for_the_me/jGEBAAAAQAAJ)\r\n\r\n- Collinson’s logbooks (by his brother):\r\n - Thomas Bernard Collinson: Cypher Notices in the ‘Times’. In: Journal of H.M.S. Enterprise, on the Expedition in Search of Sir John Franklin's Ships by Behring Strait. 1850-55. Sampson Low, Marston, Searle, & Rivington. London: 1889 [link](https://archive.org/details/cu31924083524409/page/2/mode/2up)\r\n\r\n- Article from the 1940s:\r\n - Richard J. Cyriax: The Collinson Cryptograms in \"The Times\". Notes and Queries 26 July, 1947: 322-323\r\n\n\n\n","media":[],"title":"Encrypted newspaper ads in the 19th century - The world's first worldwide secure communication system","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:45:00Z","end_timestamp":{"seconds":1723333500,"nanoseconds":0},"android_description":"Between 1850 and 1855, the London-based newspaper The Times published over 50 encrypted advertisements apparently intended for the same recipient. As we know today, the ads in that series were meant for the sea captain Richard Collinson, who at the time was on a mission in the Canadian Arctic trying to solve a captivating mystery: What happened to the lost John Franklin expedition? While Collinson never reached his goal, he established a secure worldwide communication system, which was unique for its time.\r\n\r\nBefore his departure, Collinson's family was taught how to encrypt brief reports about what was going on at home and to publish these messages as mysterious ads in “The Times” once a month. The cipher used was a modified version of a system based on a signal-book of the Royal Navy. As the circulation of The Times stretched far beyond the UK, Collinson would have the chance to get his hands on a copy even at the remotest of ports.\r\n\r\nOver a century later, the Collinson ads were finally broken in the 1990s. Over the last two years, the lecturers of this talk continued this work, with a goal of decrypting all of the ads and placing them in their appropriate geographic and cultural context.\r\n\r\n- Article in “Mental Floss” (this was written based on one of our earlier talks)\r\n - Ellen Gutoskey: How Victorian Explorers and Pining Lovers Used Coded Newspaper Ads to Communicate. Aug 10, 2022\r\n - [link](https://www.mentalfloss.com/posts/victorian-coded-messages-franklin-expedition)\r\n\r\n- 1992 Research paper in Cryptologia:\r\n - John Rabson: All are Well at Boldon a mid-Victorian Code System. Cryptologia 16(2): 127-135 (1992)\r\n\r\n- Book about encrypted newspaper advertisements:\r\n - Jean Palmer: The Agony Column Codes & Ciphers. New Generation Publishing, London 2006\r\n\r\n- Naval codebooks:\r\n - 10th edition (1847): [link](https://www.google.com/books/edition/A_Code_of_Signals_in_the_Merchant_Servic/J1APe67ngc8C)\r\n - 11th edition (1851): [link](https://books.google.de/books/about/The_universal_code_of_signals_for_the_me.html?id=jGEBAAAAQAAJ)\r\n - 12th edition (1854): [link](https://www.google.com/books/edition/The_universal_code_of_signals_for_the_me/jGEBAAAAQAAJ)\r\n\r\n- Collinson’s logbooks (by his brother):\r\n - Thomas Bernard Collinson: Cypher Notices in the ‘Times’. In: Journal of H.M.S. Enterprise, on the Expedition in Search of Sir John Franklin's Ships by Behring Strait. 1850-55. Sampson Low, Marston, Searle, & Rivington. London: 1889 [link](https://archive.org/details/cu31924083524409/page/2/mode/2up)\r\n\r\n- Article from the 1940s:\r\n - Richard J. Cyriax: The Collinson Cryptograms in \"The Times\". Notes and Queries 26 July, 1947: 322-323","updated_timestamp":{"seconds":1720463664,"nanoseconds":0},"speakers":[{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Elonka Dunin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Crypto Expert"}],"pronouns":"she/her","links":[{"description":"","title":"Facebook","sort_order":0,"url":"https://www.facebook.com/elonka"},{"description":"","title":"Twitter (@ElonkaDunin)","sort_order":0,"url":"https://twitter.com/ElonkaDunin"},{"description":"","title":"cipherbrain.net","sort_order":0,"url":"https://cipherbrain.net"},{"description":"","title":"codebreaking-guide.com","sort_order":0,"url":"https://codebreaking-guide.com"},{"description":"","title":"elonka.com","sort_order":0,"url":"https://elonka.com"}],"media":[],"id":54068,"title":"Crypto Expert"},{"content_ids":[54643,54508],"conference_id":133,"event_ids":[54881,55016],"name":"Klaus Schmeh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Eviden","title":"Crypto Expert"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@KlausSchmeh)","sort_order":0,"url":"https://twitter.com/KlausSchmeh"}],"media":[],"id":54194,"title":"Crypto Expert at Eviden"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:34:24Z","links":[],"end":"2024-08-10T23:45:00.000-0000","id":54881,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54068},{"tag_id":46167,"sort_order":2,"person_id":54194}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-08T18:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Presented by Jake Jepson and Rik Chatterjee, two Systems Engineering Master's students at Colorado State University, this talk delves into the critical security implications within the trucking industry, particularly focusing on Electronic Logging Devices (ELDs). These devices, integral to compliance with Hours of Service regulations, present unique cyber-physical threats due to their networked nature and lack of standardized security protocols.\r\n\r\nThe presentation will walk through examining potential remote exploits via wireless ELD compromise, leading to cyber physical control payloads and even wormable scenarios. Key vulnerabilities identified include insecure defaults and poor security practices shown on a commercially available ELD. These vulnerabilities not only expose truck networks to potential unauthorized control but also highlight systemic issues in device certification and security oversight.\r\n\r\nThe talk will cover their journey from acquiring and reverse engineering ELDs, discovering their common architectures and weaknesses, to demonstrating proof of concept attacks that underline the urgent need for industry-wide security reforms. Notably, Jepson will discuss his first CVE, detailing the coordinated disclosure process and subsequent manufacturer response.\r\n\r\nThis session is semi-technical, ideal for cybersecurity professionals and amateurs alike, interested in vehicle network protocols, and embedded systems security. Prior knowledge of network protocols such as CAN and J1939, along with an understanding of firmware reverse engineering, will enhance the learning experience, but is not required. Tools and techniques used include network scanners, reverse engineering platforms like Ghidra, and various wireless communication methods.\r\n\r\nBy attending this presentation, participants will not only understand the specific security flaws affecting heavy vehicles but also appreciate the broader implications for embedded systems security in transportation. This talk is a call to action for improving security practices and regulatory standards in an increasingly interconnected world.\r\n\r\n1. Bureau of Transportation Statistics, United States Department of Transportation. \"National Transportation Statistics (NTS).\" Accessed December 19, 2023. [link](https://tinyurl.com/rosapntlbtsNTS). doi:10.21949/1503663\r\n2. “Economics and Industry Data.” American Trucking Associations. [Online]. Available: [link](https://www.trucking.org/economics-and-industry-data)\r\n3. Technology, Syrma Sgs. “Automotive ECU: The Core Component for Connected Cars.” Electronic Manufacturing Services - Syrma SGS Technology, 15 July 2021, [link](https://www.syrma.com/ecu). Picture: “M156 ECU Upgrade.” DYNE Performance, [link](https://dyneperformance.com.au/product/m156-ecu-upgrade/?currency=AUD). Accessed 22 Apr. 2022.\r\n4. “J1939-13.” SAE International.\r\n5. “Moving Ahead for Progress in the 21st Century Act (MAP-21).” U.S. Department of Transportation. [Online]. Available: Moving Ahead for Progress in the 21st Century Act (MAP-21)\r\n6. “ELD List.” FMCSA. [Online]. Available: [link](https://eld.fmcsa.dot.gov/List)\r\n7. [link](https://us.amazon.com/EZ-ELD-Solution-Electronic-Logging-Device/dp/B071FN5RKN)\r\n8. [link](https://www.overdriveonline.com/electronic-logging-devices/article/14888881/rule-to-require-speed-limiters-could-come-this-week-e-log-rule-expected-soon-too)\r\n9. [link](https://www.garmin.com/en-US/p/592207)\r\n10. [link](https://fccid.io/2ALBDPT30)\r\n\n\n\n","media":[],"title":"Compromising an Electronic Logging Device and Creating a Truck2Truck Worm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:20:00Z","end_timestamp":{"seconds":1723332000,"nanoseconds":0},"android_description":"Presented by Jake Jepson and Rik Chatterjee, two Systems Engineering Master's students at Colorado State University, this talk delves into the critical security implications within the trucking industry, particularly focusing on Electronic Logging Devices (ELDs). These devices, integral to compliance with Hours of Service regulations, present unique cyber-physical threats due to their networked nature and lack of standardized security protocols.\r\n\r\nThe presentation will walk through examining potential remote exploits via wireless ELD compromise, leading to cyber physical control payloads and even wormable scenarios. Key vulnerabilities identified include insecure defaults and poor security practices shown on a commercially available ELD. These vulnerabilities not only expose truck networks to potential unauthorized control but also highlight systemic issues in device certification and security oversight.\r\n\r\nThe talk will cover their journey from acquiring and reverse engineering ELDs, discovering their common architectures and weaknesses, to demonstrating proof of concept attacks that underline the urgent need for industry-wide security reforms. Notably, Jepson will discuss his first CVE, detailing the coordinated disclosure process and subsequent manufacturer response.\r\n\r\nThis session is semi-technical, ideal for cybersecurity professionals and amateurs alike, interested in vehicle network protocols, and embedded systems security. Prior knowledge of network protocols such as CAN and J1939, along with an understanding of firmware reverse engineering, will enhance the learning experience, but is not required. Tools and techniques used include network scanners, reverse engineering platforms like Ghidra, and various wireless communication methods.\r\n\r\nBy attending this presentation, participants will not only understand the specific security flaws affecting heavy vehicles but also appreciate the broader implications for embedded systems security in transportation. This talk is a call to action for improving security practices and regulatory standards in an increasingly interconnected world.\r\n\r\n1. Bureau of Transportation Statistics, United States Department of Transportation. \"National Transportation Statistics (NTS).\" Accessed December 19, 2023. [link](https://tinyurl.com/rosapntlbtsNTS). doi:10.21949/1503663\r\n2. “Economics and Industry Data.” American Trucking Associations. [Online]. Available: [link](https://www.trucking.org/economics-and-industry-data)\r\n3. Technology, Syrma Sgs. “Automotive ECU: The Core Component for Connected Cars.” Electronic Manufacturing Services - Syrma SGS Technology, 15 July 2021, [link](https://www.syrma.com/ecu). Picture: “M156 ECU Upgrade.” DYNE Performance, [link](https://dyneperformance.com.au/product/m156-ecu-upgrade/?currency=AUD). Accessed 22 Apr. 2022.\r\n4. “J1939-13.” SAE International.\r\n5. “Moving Ahead for Progress in the 21st Century Act (MAP-21).” U.S. Department of Transportation. [Online]. Available: Moving Ahead for Progress in the 21st Century Act (MAP-21)\r\n6. “ELD List.” FMCSA. [Online]. Available: [link](https://eld.fmcsa.dot.gov/List)\r\n7. [link](https://us.amazon.com/EZ-ELD-Solution-Electronic-Logging-Device/dp/B071FN5RKN)\r\n8. [link](https://www.overdriveonline.com/electronic-logging-devices/article/14888881/rule-to-require-speed-limiters-could-come-this-week-e-log-rule-expected-soon-too)\r\n9. [link](https://www.garmin.com/en-US/p/592207)\r\n10. [link](https://fccid.io/2ALBDPT30)","updated_timestamp":{"seconds":1720464662,"nanoseconds":0},"speakers":[{"content_ids":[54507],"conference_id":133,"event_ids":[54880],"name":"Rik Chatterjee","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Colorado State University","title":"Graduate Research Assistant, Department of Systems Engineering"}],"links":[],"pronouns":null,"media":[],"id":54064,"title":"Graduate Research Assistant, Department of Systems Engineering at Colorado State University"},{"content_ids":[54507],"conference_id":133,"event_ids":[54880],"name":"Jake Jepson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Colorado State University","title":"Graduate Research Assistant, Department of Systems Engineering"}],"links":[],"pronouns":"he/him","media":[],"id":54188,"title":"Graduate Research Assistant, Department of Systems Engineering at Colorado State University"}],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:51:02Z","links":[],"end":"2024-08-10T23:20:00.000-0000","id":54880,"tag_ids":[46166,46169,46419,46437,46878],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54188},{"tag_id":46167,"sort_order":4,"person_id":54064}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-07-08T18:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-person contest\r\nFriday: 10:00 to 15:00, Qualifications \r\nContest Area\r\nSaturday: 16:00 - 19:00\r\nContest Stage\r\n\r\nWhat happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.\n\n\n","media":[],"title":"Crash and Compile","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T02:00:00Z","end_timestamp":{"seconds":1723341600,"nanoseconds":0},"android_description":"In-person contest\r\nFriday: 10:00 to 15:00, Qualifications \r\nContest Area\r\nSaturday: 16:00 - 19:00\r\nContest Stage\r\n\r\nWhat happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.","updated_timestamp":{"seconds":1719554822,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T06:07:02Z","links":[{"label":"Website","type":"link","url":"https://crashandcompile.org"}],"end":"2024-08-11T02:00:00.000-0000","id":54613,"tag_ids":[46427,46439,46494],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-06-28T06:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.\n\n\n","media":[{"hash_sha256":"2656c5ebc25f87c2aace541797f643642da570a63fff5f24da518c3d6d472944","filetype":"image/png","hash_md5":"ed87e0dc24f65f5259a7bdff54921872","name":"pme_queercon-mixer.png","is_logo":"Y","hash_crc32c":"f9440803","filesize":140037,"asset_id":682,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_queercon-mixer.png"}],"title":"QueerCon Mixer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.","updated_timestamp":{"seconds":1718813154,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T23:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:05:54Z","links":[{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249580"}],"end":"2024-08-11T01:00:00.000-0000","id":54518,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723330800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"N","begin":"2024-08-10T23:00:00.000-0000","updated":"2024-06-19T16:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"While the world buzzes about AI-augmented reverse engineering, what about turning the tables and reverse engineering AI itself? As artificial intelligence systems grow increasingly complex and pervasive, decoding their inner workings has become not just a fun challenge, but a critical necessity. This talk introduces the emerging field of mechanistic interpretability to the reverse engineering community, revealing how the frontier of AI research is reinventing wheels long familiar to RE experts. We'll explore how traditional reverse engineering techniques are finding new life in dissecting neural networks, and why the RE community's hard-earned wisdom is more relevant than ever in the age of AI.\n\n\n","media":[],"title":"A Reverse Engineer's Guide to AI Interpretability","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"While the world buzzes about AI-augmented reverse engineering, what about turning the tables and reverse engineering AI itself? As artificial intelligence systems grow increasingly complex and pervasive, decoding their inner workings has become not just a fun challenge, but a critical necessity. This talk introduces the emerging field of mechanistic interpretability to the reverse engineering community, revealing how the frontier of AI research is reinventing wheels long familiar to RE experts. We'll explore how traditional reverse engineering techniques are finding new life in dissecting neural networks, and why the RE community's hard-earned wisdom is more relevant than ever in the age of AI.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56139],"conference_id":133,"event_ids":[56782],"name":"Dr. Andrew Fasano","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MIT Lincoln Laboratory","title":"Cyber System Assessments"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/fasano/"},{"description":"","title":"Mastodon (@andrewfasano@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@andrewfasano"},{"description":"","title":"Nation.State.Actor Blog","sort_order":0,"url":"https://nation.state.actor"},{"description":"","title":"Website","sort_order":0,"url":"https://andrewfasano.com"}],"media":[],"id":56530,"title":"Cyber System Assessments at MIT Lincoln Laboratory"}],"begin_tsz":"2024-08-10T22:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56782,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723329900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56530}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T22:45:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gather with members of the Women in Security and Privacy community for a group picture.\n\n\n","media":[],"title":"WISP Group Photo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Gather with members of the Women in Security and Privacy community for a group picture.","updated_timestamp":{"seconds":1722207035,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:45:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:50:35Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":55903,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723329900,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T22:45:00.000-0000","updated":"2024-07-28T22:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are living through a time period where not only are wars being fought, on land, sea, air, and cyber, but we have all been drafted into a misinformation, disinformation, and malinformation war that many of us were not given the proper tools or training for. The times we exist in are unprecedented, and the more that people primarily consume their information online, the more susceptible we all are to becoming influenced by operations that are coming foreign adversaries as a means of not only spreading misinformation, disinformation, and malformation, but as means of dividing and polarizing our nation. How can we resist that? What can we look for? Is there a framework the average voter can use? Join us for this fireside chat to learn more and equip yourself for the upcoming election.\n\n\n","media":[],"title":"Cognative Weather Report","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"We are living through a time period where not only are wars being fought, on land, sea, air, and cyber, but we have all been drafted into a misinformation, disinformation, and malinformation war that many of us were not given the proper tools or training for. The times we exist in are unprecedented, and the more that people primarily consume their information online, the more susceptible we all are to becoming influenced by operations that are coming foreign adversaries as a means of not only spreading misinformation, disinformation, and malformation, but as means of dividing and polarizing our nation. How can we resist that? What can we look for? Is there a framework the average voter can use? Join us for this fireside chat to learn more and equip yourself for the upcoming election.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56200,56182,56192],"conference_id":133,"event_ids":[56836,56846,56854],"name":"Catherine Terranova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/catherine-terranova-8b209826a"},{"description":"","title":"Twitter (@catlovesvoting)","sort_order":0,"url":"https://twitter.com/catlovesvoting"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56563},{"content_ids":[56199,56200],"conference_id":133,"event_ids":[56853,56854],"name":"Constantine Nicolaidis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56564}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56854,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56564},{"tag_id":46167,"sort_order":4,"person_id":56563}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Nuestra presentación se centra en cómo ganar observabilidad y transparencia a nivel de firmware en dispositivos que se encuentran el perímetro de la red. De esta forma, toca el tema central de DEF CON 32: Arreglar lo que esta roto en internet. Contaremos todo lo que aprendimos haciendo ingenieria inversa del firmware de los routers Draytek, cómo descubrimos vulnerabilidades que permiten ganar persistencia, y cómo aprovechamos esto para detectar posibles ataques de terceros sobre estos dispositivos. Mostraremos nuestro proceso y compartiremos nuestras herramientas para empoderar a los asistentes que deseen analizar estos routers, buscar nuevas vulnerabilidades, hardenearlos o incluso hacer mods que implementen nuevas funcionalidades.\n\n\n","media":[],"title":"Haciendo visible lo invisible: Observabilidad y transparencia en routers Draytek","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Nuestra presentación se centra en cómo ganar observabilidad y transparencia a nivel de firmware en dispositivos que se encuentran el perímetro de la red. De esta forma, toca el tema central de DEF CON 32: Arreglar lo que esta roto en internet. Contaremos todo lo que aprendimos haciendo ingenieria inversa del firmware de los routers Draytek, cómo descubrimos vulnerabilidades que permiten ganar persistencia, y cómo aprovechamos esto para detectar posibles ataques de terceros sobre estos dispositivos. Mostraremos nuestro proceso y compartiremos nuestras herramientas para empoderar a los asistentes que deseen analizar estos routers, buscar nuevas vulnerabilidades, hardenearlos o incluso hacer mods que implementen nuevas funcionalidades.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Octavio Gianatiempo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"},{"organization":"University of Buenos Aires","title":"Student, Computer Science"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/octavio-gianatiempo"},{"description":"","title":"Twitter (@ogianatiempo)","sort_order":0,"url":"https://twitter.com/ogianatiempo"}],"media":[],"id":54238,"title":"Student, Computer Science at University of Buenos Aires"},{"content_ids":[54642,55974],"conference_id":133,"event_ids":[56590,55015],"name":"Gastón Aznarez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faraday","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/gastonaznarez"},{"description":"","title":"Twitter (@gastonaznarez)","sort_order":0,"url":"https://twitter.com/gastonaznarez"}],"media":[],"id":54239,"title":"Security Researcher at Faraday"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56590,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54239},{"tag_id":46167,"sort_order":6,"person_id":54238}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Given access to the start time, duration, method of encoding, and an all-powerful quantum receiver, could you perform the \"simple\" task of detecting whether two or more parties were attempting to communicate? Covert communication, or low probability of detection, demonstrates that it is possible to hide signals within noise so effectively that even an all-powerful quantum adversary would have a vanishing probability of detecting the signal’s presence. In this talk, I'll provide a high-level overview of covert communication and its extension to the quantum regime. I'll discuss the theoretical underpinnings of covert quantum communication, and how we can practically implement such a system. Finally, I'll discuss the ethical considerations of this work and why we should care about it.\n\n\n","media":[],"title":"Covert Quantum Communication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Given access to the start time, duration, method of encoding, and an all-powerful quantum receiver, could you perform the \"simple\" task of detecting whether two or more parties were attempting to communicate? Covert communication, or low probability of detection, demonstrates that it is possible to hide signals within noise so effectively that even an all-powerful quantum adversary would have a vanishing probability of detecting the signal’s presence. In this talk, I'll provide a high-level overview of covert communication and its extension to the quantum regime. I'll discuss the theoretical underpinnings of covert quantum communication, and how we can practically implement such a system. Finally, I'll discuss the ethical considerations of this work and why we should care about it.","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55854],"conference_id":133,"event_ids":[56441],"name":"Evan Anderson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56217}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56441,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56217}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Physical Red Teams are the most dynamic, exciting, and fast paced engagements we can perform. It requires good decision making under pressure and intimate knowledge of a vast landscape of physical security mechanisms. This talk equips you with the knowledge of over a dozen techniques I use on engagements, delivering the most effective lessons from both lab work and field work. In one action packed hour we'll cover top bypasses for padlocks, doors, RFID systems and more.\n\n\n","media":[],"title":"Intermediate Physical Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"Physical Red Teams are the most dynamic, exciting, and fast paced engagements we can perform. It requires good decision making under pressure and intimate knowledge of a vast landscape of physical security mechanisms. This talk equips you with the knowledge of over a dozen techniques I use on engagements, delivering the most effective lessons from both lab work and field work. In one action packed hour we'll cover top bypasses for padlocks, doors, RFID systems and more.","updated_timestamp":{"seconds":1723044458,"nanoseconds":0},"speakers":[{"content_ids":[55801],"conference_id":133,"event_ids":[56350],"name":"Justin Wynn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Coalfire","title":"Director of the Red Team"}],"links":[],"pronouns":null,"media":[],"id":56180,"title":"Director of the Red Team at Coalfire"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T15:27:38Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":56350,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56180}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-08-07T15:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Synthetic Aperture Radar (SAR) is one of the most useful and interesting techniques in radar, providing high resolution radar satellite images from relatively small satellites. SAR is not limited by the time of day or by atmospheric conditions. It complements satellite photography and other remote sensing techniques, revealing activity on the Earth that would otherwise be hidden. How does the magic happen? This talk will explain the basics of SAR in an accessible and friendly way. That's the good news. \n\nThe bad news? SAR is controlled by ITAR, the International Traffic in Arms Regulations, and is listed in the USML, the United States Munitions List. ITAR regulates the export of defense articles and services and is administered by the US State Department. This includes both products and services as well as technical data. Such as, catalogs of high resolution radar imagery. \n\nRegulation of SAR chills commercial activity, creating costly and time-consuming burdens. But why does any of this matter to signals hackers? Because technology has overtaken the rules, and devices used by enthusiasts, researchers, students, and hackers are increasingly likely to have enough capability to fall into or near export-controlled categories. The penalties are harsh. Fear of running afoul of ITAR is enough to stop a promising open source project in its tracks.\n\nIs there a way forward? Yes. ITAR has a public domain carve out. Information that is published and that is generally accessible or available to the public is excluded from control as ITAR technical data. That's great in theory, but how can we increase our confidence that we are interpreting these rules correctly? How can we use and build upon these rules, so that our community can learn and practice modern radio techniques with reduced fear and risk? Can we contribute towards regulatory relief when it comes to SAR? We will describe the process, report on the progress, and enumerate the challenges and roadblocks.\"\n\n\n","media":[],"title":"Who's Afraid of Synthetic Aperture Radar?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:55:00Z","end_timestamp":{"seconds":1723330500,"nanoseconds":0},"android_description":"\"Synthetic Aperture Radar (SAR) is one of the most useful and interesting techniques in radar, providing high resolution radar satellite images from relatively small satellites. SAR is not limited by the time of day or by atmospheric conditions. It complements satellite photography and other remote sensing techniques, revealing activity on the Earth that would otherwise be hidden. How does the magic happen? This talk will explain the basics of SAR in an accessible and friendly way. That's the good news. \n\nThe bad news? SAR is controlled by ITAR, the International Traffic in Arms Regulations, and is listed in the USML, the United States Munitions List. ITAR regulates the export of defense articles and services and is administered by the US State Department. This includes both products and services as well as technical data. Such as, catalogs of high resolution radar imagery. \n\nRegulation of SAR chills commercial activity, creating costly and time-consuming burdens. But why does any of this matter to signals hackers? Because technology has overtaken the rules, and devices used by enthusiasts, researchers, students, and hackers are increasingly likely to have enough capability to fall into or near export-controlled categories. The penalties are harsh. Fear of running afoul of ITAR is enough to stop a promising open source project in its tracks.\n\nIs there a way forward? Yes. ITAR has a public domain carve out. Information that is published and that is generally accessible or available to the public is excluded from control as ITAR technical data. That's great in theory, but how can we increase our confidence that we are interpreting these rules correctly? How can we use and build upon these rules, so that our community can learn and practice modern radio techniques with reduced fear and risk? Can we contribute towards regulatory relief when it comes to SAR? We will describe the process, report on the progress, and enumerate the challenges and roadblocks.\"","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55459],"conference_id":133,"event_ids":[55884],"name":"Abraxas3d","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Open Research Institute","title":"Founder and CEO"},{"organization":"ARRL","title":"Technical Specialist and Technical Advisor"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxas3d)","sort_order":0,"url":"https://twitter.com/abraxas3d"}],"media":[],"id":55998,"title":"Technical Specialist and Technical Advisor at ARRL"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T22:55:00.000-0000","id":55884,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55998}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. \n\n\n","media":[],"title":"Cold Calls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve.","updated_timestamp":{"seconds":1722103160,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:59:20Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/cold-calls/"}],"end":"2024-08-11T00:30:00.000-0000","id":55839,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Building Zero Trust in ICS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:55:00Z","end_timestamp":{"seconds":1723330500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721781797,"nanoseconds":0},"speakers":[{"content_ids":[55356],"conference_id":133,"event_ids":[55748],"name":"Sting","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55968}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:43:17Z","links":[],"end":"2024-08-10T22:55:00.000-0000","id":55748,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55968}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-24T00:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"D0N0H4RM: Cyber STEM Storytime","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721676679,"nanoseconds":0},"speakers":[{"content_ids":[54533,55322,56132],"conference_id":133,"event_ids":[55714,56775,54906],"name":"Andrew Carney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA AI Cyber Challenge (AIxCC)","title":"Program Manager"},{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"Program Manager"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/andrew-carney"}],"media":[],"id":54106,"title":"Program Manager at Advanced Research Projects Agency for Health (ARPA-H)"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Nitin Natarajan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cybersecurity and Infrastructure Security Agency (CISA)","title":"Deputy Director"}],"links":[],"pronouns":null,"media":[],"id":54227,"title":"Deputy Director at Cybersecurity and Infrastructure Security Agency (CISA)"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Christian Dameff, MD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Emergency Physician"}],"links":[],"pronouns":null,"media":[],"id":54458,"title":"Emergency Physician"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Matt Hazelett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"FDA","title":"Program Director for the Cybersecurity Focal Point Program in the Office of Product Evaluation and Quality (OPEQ)"}],"links":[],"pronouns":null,"media":[],"id":55878,"title":"Program Director for the Cybersecurity Focal Point Program in the Office of Product Evaluation and Quality (OPEQ) at FDA"},{"content_ids":[55322],"conference_id":133,"event_ids":[55714],"name":"Erika Cheung","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ethics in Entrepreneurship","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":56024,"title":"Executive Director at Ethics in Entrepreneurship"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-22T19:31:19Z","links":[],"end":"2024-08-10T23:30:00.000-0000","id":55714,"tag_ids":[46371,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54227},{"tag_id":46167,"sort_order":4,"person_id":54458},{"tag_id":46167,"sort_order":6,"person_id":54106},{"tag_id":46167,"sort_order":8,"person_id":55878},{"tag_id":46167,"sort_order":10,"person_id":56024}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-22T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime\r\n\n\n\n","media":[],"title":"Access Control Done Right the First Time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime","updated_timestamp":{"seconds":1720403318,"nanoseconds":0},"speakers":[{"content_ids":[54625,55797],"conference_id":133,"event_ids":[56346,54999],"name":"Tim Clevenger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SailPoint","title":"Cybersecurity Network Engineer"}],"links":[],"pronouns":null,"media":[],"id":54335,"title":"Cybersecurity Network Engineer at SailPoint"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:48:38Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":54999,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54335}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-08T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Electronic hotel locks have been in use for over three decades, and have become an integral part of the hospitality sector. Las Vegas has over 150.000 hotel rooms, many of which use an RFID based electronic lock for access control. Most hotel guests rely on these locks to safeguard personal belongings and to protect their personal safety. However, some of these long-deployed locks have never been publicly scrutinized by the research community.\r\n\r\nThis presentation covers the discovery of vulnerabilities affecting three million dormakaba Saflok locks. The Saflok system relied on a proprietary key derivation function for its MIFARE Classic cards and a proprietary encryption algorithm for the card contents. Reverse engineering the Saflok system allowed us to forge valid keycards. After reading a single, low privilege, guest card we are able to create a pair of forged key cards that allow us to deactivate the deadbolt and open any room at the property.\r\n\r\nWe reported these vulnerabilities to dormakaba in September of 2022, as part of this presentation we will discuss the responsible disclosure and mitigation processes. Additionally, we will demonstrate how you can determine if your own hotel room has been patched to help ensure your personal safety.\r\n\r\n1. My Arduino can beat up your hotel room lock - Onity locks - Cody Brocious - Blackhat 2012\r\n2. Ghost In The Locks: Owning Electronic Locks Without Leaving A Trace - Vingcard locks - Tomi Tuominen and Timo Hirvonen - HITBGSEC 2018\r\n\n\n\n","media":[],"title":"Unsaflok: Hacking millions of hotel locks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:15:00Z","end_timestamp":{"seconds":1723331700,"nanoseconds":0},"android_description":"Electronic hotel locks have been in use for over three decades, and have become an integral part of the hospitality sector. Las Vegas has over 150.000 hotel rooms, many of which use an RFID based electronic lock for access control. Most hotel guests rely on these locks to safeguard personal belongings and to protect their personal safety. However, some of these long-deployed locks have never been publicly scrutinized by the research community.\r\n\r\nThis presentation covers the discovery of vulnerabilities affecting three million dormakaba Saflok locks. The Saflok system relied on a proprietary key derivation function for its MIFARE Classic cards and a proprietary encryption algorithm for the card contents. Reverse engineering the Saflok system allowed us to forge valid keycards. After reading a single, low privilege, guest card we are able to create a pair of forged key cards that allow us to deactivate the deadbolt and open any room at the property.\r\n\r\nWe reported these vulnerabilities to dormakaba in September of 2022, as part of this presentation we will discuss the responsible disclosure and mitigation processes. Additionally, we will demonstrate how you can determine if your own hotel room has been patched to help ensure your personal safety.\r\n\r\n1. My Arduino can beat up your hotel room lock - Onity locks - Cody Brocious - Blackhat 2012\r\n2. Ghost In The Locks: Owning Electronic Locks Without Leaving A Trace - Vingcard locks - Tomi Tuominen and Timo Hirvonen - HITBGSEC 2018","updated_timestamp":{"seconds":1720384329,"nanoseconds":0},"speakers":[{"content_ids":[54506],"conference_id":133,"event_ids":[54879],"name":"Lennert Wouters","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KU Leuven University","title":"Security Researcher, Computer Security and Industrial Cryptography (COSIC)"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@LennertWo)","sort_order":0,"url":"https://twitter.com/LennertWo"}],"media":[],"id":54157,"title":"Security Researcher, Computer Security and Industrial Cryptography (COSIC) at KU Leuven University"},{"content_ids":[54506],"conference_id":133,"event_ids":[54879],"name":"Ian Carroll","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Seats.aero","title":"Founder"},{"organization":"","title":"Independent Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@iangcarroll)","sort_order":0,"url":"https://twitter.com/iangcarroll"},{"description":"","title":"seats.aero","sort_order":0,"url":"https://seats.aero"}],"media":[],"id":54178,"title":"Independent Security Researcher"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T20:32:09Z","links":[],"end":"2024-08-10T23:15:00.000-0000","id":54879,"tag_ids":[46166,46169,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54157},{"tag_id":46167,"sort_order":2,"person_id":54178}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-07T20:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the current digital security ecosystem, where threats evolve rapidly and with complexity, companies developing Endpoint Detection and Response (EDR) solutions are in constant search for innovations that not only keep up but also anticipate emerging attack vectors. In this context, this article introduces the HookChain, a look from another perspective at widely known techniques, which when combined, provide an additional layer of sophisticated evasion against traditional EDR systems.\r\n\r\nThrough a precise combination of IAT Hooking techniques, dynamic SSN resolution, and indirect system calls, HookChain redirects the execution flow of Windows subsystems in a way that remains invisible to the vigilant eyes of EDRs that only act on Ntdll.dll, without requiring changes to the source code of the applications and malwares involved.\r\n\r\nThis work not only challenges current conventions in cybersecurity but also sheds light on a promising path for future protection strategies, leveraging the understanding that continuous evolution is key to the effectiveness of digital security. \r\n\r\nBy developing and exploring the HookChain technique, this study significantly contributes to the body of knowledge in endpoint security, stimulating the development of more robust and adaptive solutions that can effectively address the ever-changing dynamics of digital threats. This work aspires to inspire deep reflection and advancement in the research and development of security technologies that are always several steps ahead of adversaries.\n\n\n","media":[],"title":"HookChain: A new perspective for Bypassing EDR Solutions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T23:15:00Z","end_timestamp":{"seconds":1723331700,"nanoseconds":0},"android_description":"In the current digital security ecosystem, where threats evolve rapidly and with complexity, companies developing Endpoint Detection and Response (EDR) solutions are in constant search for innovations that not only keep up but also anticipate emerging attack vectors. In this context, this article introduces the HookChain, a look from another perspective at widely known techniques, which when combined, provide an additional layer of sophisticated evasion against traditional EDR systems.\r\n\r\nThrough a precise combination of IAT Hooking techniques, dynamic SSN resolution, and indirect system calls, HookChain redirects the execution flow of Windows subsystems in a way that remains invisible to the vigilant eyes of EDRs that only act on Ntdll.dll, without requiring changes to the source code of the applications and malwares involved.\r\n\r\nThis work not only challenges current conventions in cybersecurity but also sheds light on a promising path for future protection strategies, leveraging the understanding that continuous evolution is key to the effectiveness of digital security. \r\n\r\nBy developing and exploring the HookChain technique, this study significantly contributes to the body of knowledge in endpoint security, stimulating the development of more robust and adaptive solutions that can effectively address the ever-changing dynamics of digital threats. This work aspires to inspire deep reflection and advancement in the research and development of security technologies that are always several steps ahead of adversaries.","updated_timestamp":{"seconds":1720378486,"nanoseconds":0},"speakers":[{"content_ids":[54505],"conference_id":133,"event_ids":[54878],"name":"Helvio Carvalho Junior","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Sec4US","title":"CEO"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/helviojunior/"},{"description":"","title":"sec4us.com.br/","sort_order":0,"url":"https://sec4us.com.br/"},{"description":"","title":"www.helviojunior.com.br/","sort_order":0,"url":"https://www.helviojunior.com.br/"}],"media":[],"id":54134,"title":"CEO at Sec4US"}],"begin_tsz":"2024-08-10T22:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T18:54:46Z","links":[],"end":"2024-08-10T23:15:00.000-0000","id":54878,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723329000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54134}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T22:30:00.000-0000","updated":"2024-07-07T18:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Since the first car hit the road, manufacturers have been obsessed with safety. But hey, as AI wisely points out, determining the absolute 'safest' car can be as subjective as trying to decide on the best pizza topping! So, we decided to shift gears… into the world of car manufacturers' (application) security.\r\n\r\nIn this talk, get ready for a wild ride as we unveil the security findings from our research, affecting at least eleven major car manufacturers. Buckle up, folks, because your favorite brand might be on our list—along with your personal info!\r\n\r\nBring popcorn to watch some proof-of-concept videos.\r\n\r\nWith this talk we aim to demonstrate:\r\n\r\n* that modern Web Applications are still affected by old/traditional vulnerabilities,\r\n* how security issues can be chained together to build real attacks/demonstrate impact,\r\n* highlight a common pattern on running unpatched third-party software,\r\n* how organizations benefit from a responsible disclosure policy.\n\n\n","media":[],"title":"Speed Bumps and Speed Hacks: Adventures in Car Manufacturers Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Since the first car hit the road, manufacturers have been obsessed with safety. But hey, as AI wisely points out, determining the absolute 'safest' car can be as subjective as trying to decide on the best pizza topping! So, we decided to shift gears… into the world of car manufacturers' (application) security.\r\n\r\nIn this talk, get ready for a wild ride as we unveil the security findings from our research, affecting at least eleven major car manufacturers. Buckle up, folks, because your favorite brand might be on our list—along with your personal info!\r\n\r\nBring popcorn to watch some proof-of-concept videos.\r\n\r\nWith this talk we aim to demonstrate:\r\n\r\n* that modern Web Applications are still affected by old/traditional vulnerabilities,\r\n* how security issues can be chained together to build real attacks/demonstrate impact,\r\n* highlight a common pattern on running unpatched third-party software,\r\n* how organizations benefit from a responsible disclosure policy.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55714],"conference_id":133,"event_ids":[56240],"name":"Paulo A. Silva","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56078},{"content_ids":[55714],"conference_id":133,"event_ids":[56240],"name":"David Sopas","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56110}],"begin_tsz":"2024-08-10T22:20:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":56240,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723328400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56110},{"tag_id":46167,"sort_order":1,"person_id":56078}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T22:20:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Were you ever wondering why a vacuum robot or a smart air purifier needs multiple cameras and microphones? How secure are these devices? Can the devices be used to potentially spy on you?\n\nFor the past 5 years we have been presenting ways to hack and root vacuum robots at various events like the c3 or the DEFCON. In all these cases it covered vacuum robots by Roborock, Dreame, Xiaomi and some smaller companies. However, did we ever take a look at other vendors and maybe some new interesting device classes? In this talk we do exactly that, and will take a deep dive into Ecovacs robots! Ecovacs is the current market leader for smart home robots and recently expanded in other areas of home robotics.\n\nYou will be surprised how many worrisome things we found: broken crypto, missing TLS certificate verification, honor-system based ACLs, lots of RCEs, broken factory resets and unauthorized live camera access.\n\nWe will discuss our and other researchers experience with reporting bugs to the company and why one cannot trust third party certification agencies. In regard to trust, we will also address why you need to be careful with the choice of your spouse or flatmates.\n\nCome with us on a journey of having fun hacking interesting devices while exploring bad oversights, real problems and the ignorance of the manufacturer. Learn what ways there are to root these devices and to use them in a privacy-preserving way.\n\n\n\n","media":[],"title":"Reverse engineering and hacking Ecovacs robots","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Were you ever wondering why a vacuum robot or a smart air purifier needs multiple cameras and microphones? How secure are these devices? Can the devices be used to potentially spy on you?\n\nFor the past 5 years we have been presenting ways to hack and root vacuum robots at various events like the c3 or the DEFCON. In all these cases it covered vacuum robots by Roborock, Dreame, Xiaomi and some smaller companies. However, did we ever take a look at other vendors and maybe some new interesting device classes? In this talk we do exactly that, and will take a deep dive into Ecovacs robots! Ecovacs is the current market leader for smart home robots and recently expanded in other areas of home robotics.\n\nYou will be surprised how many worrisome things we found: broken crypto, missing TLS certificate verification, honor-system based ACLs, lots of RCEs, broken factory resets and unauthorized live camera access.\n\nWe will discuss our and other researchers experience with reporting bugs to the company and why one cannot trust third party certification agencies. In regard to trust, we will also address why you need to be careful with the choice of your spouse or flatmates.\n\nCome with us on a journey of having fun hacking interesting devices while exploring bad oversights, real problems and the ignorance of the manufacturer. Learn what ways there are to root these devices and to use them in a privacy-preserving way.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54624,54441],"conference_id":133,"event_ids":[54814,54998],"name":"Braelynn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Leviathan Security Group","title":"Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":54131,"title":"Security Consultant at Leviathan Security Group"},{"content_ids":[54624,54441,54471],"conference_id":133,"event_ids":[54814,54844,54998],"name":"Dennis Giese","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@dgi_DE)","sort_order":0,"url":"https://twitter.com/dgi_DE"},{"description":"","title":"Website","sort_order":0,"url":"https://dontvacuum.me"}],"media":[],"id":54142}],"begin_tsz":"2024-08-10T22:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":54998,"tag_ids":[46169,46379,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723328100,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54142},{"tag_id":46167,"sort_order":4,"person_id":54131}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T22:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.\n\n\n\n","media":[],"title":"I've got 99 problems but a prompt injection ain't pineapple","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54623,55698,55989],"conference_id":133,"event_ids":[56611,56229,54997],"name":"Chloé Messdaghi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Head of Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ChloeMessdaghi)","sort_order":0,"url":"https://twitter.com/ChloeMessdaghi"}],"media":[],"id":54278,"title":"Head of Threat Intelligence at HiddenLayer"},{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"}],"begin_tsz":"2024-08-10T22:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#ive-got-99-problems-but-a-prompt-injection"}],"end":"2024-08-10T23:00:00.000-0000","id":54997,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723328100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54278},{"tag_id":46167,"sort_order":4,"person_id":54282}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T22:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"How I Learned to Stop Worrying and Love the Ban","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:05:00Z","end_timestamp":{"seconds":1723331100,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445839,"nanoseconds":0},"speakers":[{"content_ids":[55691],"conference_id":133,"event_ids":[56214],"name":"Manfred","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_EBFE)","sort_order":0,"url":"https://x.com/_EBFE"}],"media":[],"id":56062}],"begin_tsz":"2024-08-10T22:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:10:39Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T23:05:00.000-0000","id":56214,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723327500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56062}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T22:05:00.000-0000","updated":"2024-07-31T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Cybersecurity for Veterans: Bridging the Gap from Military to Civilian Careers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225190,"nanoseconds":0},"speakers":[{"content_ids":[56214],"conference_id":133,"event_ids":[56868],"name":"Matt James","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56605}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:50Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":56868,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56605}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!\n\n\n","media":[],"title":"Activity: Spot the Reachable by Backslash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!","updated_timestamp":{"seconds":1723007403,"nanoseconds":0},"speakers":[{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Czesia Glik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56548},{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Yossi Pik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Backslash Security","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56553,"title":"CTO & Co-Founder at Backslash Security"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:10:03Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56815,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56548},{"tag_id":46167,"sort_order":4,"person_id":56553}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!\n\n\n","media":[],"title":"Activity: API Security 101: Testing and Trivia by Akto.io","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!","updated_timestamp":{"seconds":1723007277,"nanoseconds":0},"speakers":[{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankita Gupta","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56546},{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankush Jain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Akto","title":"Co-founder & CTO"}],"links":[],"pronouns":null,"media":[],"id":56547,"title":"Co-founder & CTO at Akto"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:07:57Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56812,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56547},{"tag_id":46167,"sort_order":4,"person_id":56546}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-07T05:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Contextualizing Open Source Software’s Importance to CISA's Mission","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[55331,56138],"conference_id":133,"event_ids":[55730,56781],"name":"Aeva Black","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":""}],"links":[],"pronouns":"they/them","media":[],"id":55918,"title":"DHS Cyber Security and Infrastructure Security Agency"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56781,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55918}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Este es un triple disco de vinilo. En el Lado A, abordaremos el panorama de los ransomwares, los famosos, por supuesto, y cómo los ransomware indies intentan competir con los ya consagrados. Al igual que en el lado B de un disco, se encuentran las canciones más oscuras y desconocidas que es poco probable que escuches por ahí, trataremos de los ransomwares que nunca han llegado al estrellato. Y por último, en LadoC, echaremos un vistazo a las amenazas emergentes y a las recomendaciones.\n\n\n","media":[],"title":"Ransomware B-Sides: Los ransoms que nunca triunfaron","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Este es un triple disco de vinilo. En el Lado A, abordaremos el panorama de los ransomwares, los famosos, por supuesto, y cómo los ransomware indies intentan competir con los ya consagrados. Al igual que en el lado B de un disco, se encuentran las canciones más oscuras y desconocidas que es poco probable que escuches por ahí, trataremos de los ransomwares que nunca han llegado al estrellato. Y por último, en LadoC, echaremos un vistazo a las amenazas emergentes y a las recomendaciones.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[54559,55973,55976],"conference_id":133,"event_ids":[56589,56592,54934],"name":"Mauro Eldritch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Birmingham Cyber Arms LTD","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mauroeldritch/"},{"description":"","title":"Twitter (@MauroEldritch)","sort_order":0,"url":"https://twitter.com/MauroEldritch"},{"description":"","title":"Website","sort_order":0,"url":"https://www.birminghamcyberarms.co.uk/"}],"media":[],"id":54249,"title":"Founder at Birmingham Cyber Arms LTD"},{"content_ids":[54559,55973],"conference_id":133,"event_ids":[56589,54934],"name":"Cybelle Oliveira ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CTI Malwarelandia","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cybelleoliveira/"},{"description":"","title":"Twitter (@cyb3113)","sort_order":0,"url":"https://twitter.com/cyb3113"}],"media":[],"id":54350,"title":"CTI Malwarelandia"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56589,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54249},{"tag_id":46167,"sort_order":4,"person_id":54350}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will explore the critical challenges and opportunities in developing a robust workforce for AI and machine learning (ML) security. As AI systems become increasingly prevalent across industries, the need for skilled professionals who can safeguard these technologies against adversarial attacks and vulnerabilities has never been greater.\n\nA key focus of the discussion will be addressing the significant shortage of practitioners with hands-on experience in securing ML models deployed in real-world adversarial environments. Panelists will examine how this lack of battle-tested expertise impacts the industry’s ability to defend against sophisticated attacks and discuss strategies for cultivating this essential skill set.\n\n\n","media":[],"title":"Bridging the Experience Gap in Machine Learning Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"This panel will explore the critical challenges and opportunities in developing a robust workforce for AI and machine learning (ML) security. As AI systems become increasingly prevalent across industries, the need for skilled professionals who can safeguard these technologies against adversarial attacks and vulnerabilities has never been greater.\n\nA key focus of the discussion will be addressing the significant shortage of practitioners with hands-on experience in securing ML models deployed in real-world adversarial environments. Panelists will examine how this lack of battle-tested expertise impacts the industry’s ability to defend against sophisticated attacks and discuss strategies for cultivating this essential skill set.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55335,55885],"conference_id":133,"event_ids":[55726,56470],"name":"Christine Lai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Cybersecurity Research Specialist"}],"links":[],"pronouns":null,"media":[],"id":55923,"title":"Cybersecurity Research Specialist at DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"Kellee Wicker (Moderator)","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The Wilson Center","title":""}],"links":[],"pronouns":null,"media":[],"id":56252,"title":"The Wilson Center"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"David Lo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SMU","title":""}],"links":[],"pronouns":null,"media":[],"id":56253,"title":"SMU"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"Austin Carson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Seed AI","title":""}],"links":[],"pronouns":null,"media":[],"id":56254,"title":"Seed AI"},{"content_ids":[55885],"conference_id":133,"event_ids":[56470],"name":"Nick Landers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dreadnode","title":""}],"links":[],"pronouns":null,"media":[],"id":56255,"title":"Dreadnode"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56470,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56252},{"tag_id":46167,"sort_order":4,"person_id":55923},{"tag_id":46167,"sort_order":6,"person_id":56253},{"tag_id":46167,"sort_order":8,"person_id":56254},{"tag_id":46167,"sort_order":10,"person_id":56255}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel is a reprisal of the panel I've done for a couple years now. The first two years we were very successful- packed room, high audience engagement. I'm hoping to come back for a third year.\r\n\r\nThis is not written for public consumption. If you want a longer description that's audience-facing, let me know!\r\n\r\n*** Topic 1- SOCs vs IT infrastructure / Network Ops, the battle continues\r\n•\tStart off by giving some good war stories when we see these groups collide\r\n•\tThen tell some stories where they worked together in success\r\n•\tWhat is the intended design: efficiency, collaboration, oversight, secrecy? \r\n•\tWhat techniques makes these relationships successful?\r\n•\tOperational models\r\n•\tTicketing and tasking\r\n•\tPartnership and interfaces\r\n\r\n*** Topic 2- LLMs/ Generative AI in general\r\n•\tWhat are they actually being used for in practice so far\r\n•\tWhat do we see emerging from the market right now\r\n•\tWhat roles can we replace in the SOC / adjust staffing on\r\n•\tLet’s speculate on 3 years from now, what do we see showing actual value\r\n•\tWhat’s overhyped, so far\r\n•\tIs the SOC going away? (of course it isn’t– why not)\r\n•\tExpand scope… what ML techniques outside LLM do we see SOCs getting value out of? What’s not getting the attention that it should?\r\n•\tHow could we accomplish supervised learning (known / labelled sets) at enough scale? A community driven project might accomplish this.\r\n•\tUnsupervised learning approach - could we accomplish threat intelligence attribution where there’s no right answer, but some pretty good basis, and keep refactoring on old campaigns until we have a pretty reasonable approximation? Which leads us to threat intel…\r\n\r\n*** Topic 3- Threat Intel\r\n•\tEveryone’s got feelings about this one, what do we mean by threat intel beyond simple IOC matching?\r\n•\tHow much refinement is needed in threat intel reporting?\r\n•\tHow are folks separating (and handling) Tactical vs Strategic threat intel?\r\n•\tWho are SOCs getting the most traction with by sharing? Execs? Constituents? Other SOCs?\r\n•\tWork products:\r\n•\tExecutive facing reporting? (are execs understanding/getting the value out of these reports?)\r\n•\tIT briefings? \r\n•\tThreat intel production / extraction from investigations?\r\n•\tAttribution?\r\n\r\n*** Topic 4- Live audience participation\r\n•\tLet’s do some live polls of the audience– this worked well last time, let’s expand on that\r\n•\tTopics we’re considering:\r\n•\tStaffing models\r\n•\tCurrent hiring trends\r\n•\tCurrent detection efforts\r\n\r\n*** Topic 5- Cyber risk quantification\r\n•\tWhat do we mean by CRQ?\r\n•\tWhen incidents happen, what CRQ measurement methods actually work?\r\n•\tHow are folks using CRQ to drive improvements in defensive controls and/or other risk-related initiatives?\r\n•\tWhat is more speculative, low value, hard, or otherwise should the audience stay away from?\n\n\nCome hear 5 SOC veterans discuss some of the most challenging topics in security operations today. Carson Zimmerman is joined by SOC veterans Chris Crowley, Eric Lippart, Enoch Long, and Russ McRee. With a total of over a century of SOC experience, we cut the buzzword bingo and get real. This year, we’ll be discussing topics like: resolving conflict with network and IT ops, what value are people really getting out of LLMs, how to get value with threat intel beyond IOC matching, and more! We will be doing live, real-time polling of the audience. We will also take your spicy questions!","media":[],"title":"Hot SOC Topics for 2024: Feel the Spice!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"This panel is a reprisal of the panel I've done for a couple years now. The first two years we were very successful- packed room, high audience engagement. I'm hoping to come back for a third year.\r\n\r\nThis is not written for public consumption. If you want a longer description that's audience-facing, let me know!\r\n\r\n*** Topic 1- SOCs vs IT infrastructure / Network Ops, the battle continues\r\n•\tStart off by giving some good war stories when we see these groups collide\r\n•\tThen tell some stories where they worked together in success\r\n•\tWhat is the intended design: efficiency, collaboration, oversight, secrecy? \r\n•\tWhat techniques makes these relationships successful?\r\n•\tOperational models\r\n•\tTicketing and tasking\r\n•\tPartnership and interfaces\r\n\r\n*** Topic 2- LLMs/ Generative AI in general\r\n•\tWhat are they actually being used for in practice so far\r\n•\tWhat do we see emerging from the market right now\r\n•\tWhat roles can we replace in the SOC / adjust staffing on\r\n•\tLet’s speculate on 3 years from now, what do we see showing actual value\r\n•\tWhat’s overhyped, so far\r\n•\tIs the SOC going away? (of course it isn’t– why not)\r\n•\tExpand scope… what ML techniques outside LLM do we see SOCs getting value out of? What’s not getting the attention that it should?\r\n•\tHow could we accomplish supervised learning (known / labelled sets) at enough scale? A community driven project might accomplish this.\r\n•\tUnsupervised learning approach - could we accomplish threat intelligence attribution where there’s no right answer, but some pretty good basis, and keep refactoring on old campaigns until we have a pretty reasonable approximation? Which leads us to threat intel…\r\n\r\n*** Topic 3- Threat Intel\r\n•\tEveryone’s got feelings about this one, what do we mean by threat intel beyond simple IOC matching?\r\n•\tHow much refinement is needed in threat intel reporting?\r\n•\tHow are folks separating (and handling) Tactical vs Strategic threat intel?\r\n•\tWho are SOCs getting the most traction with by sharing? Execs? Constituents? Other SOCs?\r\n•\tWork products:\r\n•\tExecutive facing reporting? (are execs understanding/getting the value out of these reports?)\r\n•\tIT briefings? \r\n•\tThreat intel production / extraction from investigations?\r\n•\tAttribution?\r\n\r\n*** Topic 4- Live audience participation\r\n•\tLet’s do some live polls of the audience– this worked well last time, let’s expand on that\r\n•\tTopics we’re considering:\r\n•\tStaffing models\r\n•\tCurrent hiring trends\r\n•\tCurrent detection efforts\r\n\r\n*** Topic 5- Cyber risk quantification\r\n•\tWhat do we mean by CRQ?\r\n•\tWhen incidents happen, what CRQ measurement methods actually work?\r\n•\tHow are folks using CRQ to drive improvements in defensive controls and/or other risk-related initiatives?\r\n•\tWhat is more speculative, low value, hard, or otherwise should the audience stay away from?\n\n\nCome hear 5 SOC veterans discuss some of the most challenging topics in security operations today. Carson Zimmerman is joined by SOC veterans Chris Crowley, Eric Lippart, Enoch Long, and Russ McRee. With a total of over a century of SOC experience, we cut the buzzword bingo and get real. This year, we’ll be discussing topics like: resolving conflict with network and IT ops, what value are people really getting out of LLMs, how to get value with threat intel beyond IOC matching, and more! We will be doing live, real-time polling of the audience. We will also take your spicy questions!","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Carson Zimmerman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56171},{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Russ McRee","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56591},{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Enoch Long","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56594},{"content_ids":[55747],"conference_id":133,"event_ids":[56271],"name":"Eric Lippart","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56595}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56271,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56171},{"tag_id":46167,"sort_order":4,"person_id":56591},{"tag_id":46167,"sort_order":6,"person_id":56595},{"tag_id":46167,"sort_order":8,"person_id":56594}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Immerse yourself in a workshop where we guide participants in creating a covert trojan within code completion models. Learn to inject a backdoor discreetly, then explore detection techniques. Gain hands-on experience crafting and identifying hidden threats, unveiling the underbelly of trusted coding.\n\n\n","media":[],"title":"Injecting and Detecting Backdoors in Code Completion Models","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Immerse yourself in a workshop where we guide participants in creating a covert trojan within code completion models. Learn to inject a backdoor discreetly, then explore detection techniques. Gain hands-on experience crafting and identifying hidden threats, unveiling the underbelly of trusted coding.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Ori Ron","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56076},{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Tal Folkman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56087}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56239,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56076},{"tag_id":46167,"sort_order":1,"person_id":56087}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Panel - Hacker stories and career Q and A: Stories and adventures from real life hacking engagements. Ask the panel about different career’s in cyber security and getting paid to be a hacker.\n\n\n","media":[],"title":"Real life hacking stories (that can’t be recorded!)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Panel - Hacker stories and career Q and A: Stories and adventures from real life hacking engagements. Ask the panel about different career’s in cyber security and getting paid to be a hacker.","updated_timestamp":{"seconds":1722361815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:50:15Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56095,"tag_ids":[46398,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-30T17:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Learn the basics of how cards are used for payments online, and the risks associated.\r\nWe’ll explore a number of attacks used by malicious actors against online payment systems and the ways to mitigate them\"\n\n\n","media":[],"title":"Online Payments - Attack and Defense","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"\"Learn the basics of how cards are used for payments online, and the risks associated.\r\nWe’ll explore a number of attacks used by malicious actors against online payment systems and the ways to mitigate them\"","updated_timestamp":{"seconds":1722356322,"nanoseconds":0},"speakers":[{"content_ids":[55569],"conference_id":133,"event_ids":[56084],"name":"Vincent Sloan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GoFundMe","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vincentsloan/"},{"description":"","title":"Website","sort_order":0,"url":"https://vincentsloan.com"}],"media":[],"id":56042,"title":"GoFundMe"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:18:42Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56084,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56042}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-30T16:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"4G Frenzy: Delving into Advanced Telecom Security\" explores telecom network security with a focus on 4G. It covers the basics of 2G, 3G, and 4G, highlighting key differences and advancements. The workshop examines legacy telecom threats, vulnerabilities, and historical attacks, then delves into 4G's security improvements. Topics include protocols, RAN and core security, authentication, encryption, voice services, roaming, and Diameter protocol weaknesses. Includes hands-on demos of 4G weaknesses, prevention techniques, and open-source 4G network setup\n\n\n","media":[{"hash_sha256":"bb0c0d9f7f52d4708773c50f13ab99ea877c11eac6c33326315f91dfbec1dc80","filetype":"image/webp","hash_md5":"99e7418f9aef29bf25429d7fed59c7d3","name":"content_telecom_4gfrenzy.webp","is_logo":"Y","hash_crc32c":"b23e0fea","filesize":116184,"asset_id":823,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_4gfrenzy.webp"}],"title":"4G Frenzy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"\"4G Frenzy: Delving into Advanced Telecom Security\" explores telecom network security with a focus on 4G. It covers the basics of 2G, 3G, and 4G, highlighting key differences and advancements. The workshop examines legacy telecom threats, vulnerabilities, and historical attacks, then delves into 4G's security improvements. Topics include protocols, RAN and core security, authentication, encryption, voice services, roaming, and Diameter protocol weaknesses. Includes hands-on demos of 4G weaknesses, prevention techniques, and open-source 4G network setup","updated_timestamp":{"seconds":1722352226,"nanoseconds":0},"speakers":[{"content_ids":[55563],"conference_id":133,"event_ids":[56078],"name":"Vinod Shrimali","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vinodkumarshrimalii/"}],"media":[],"id":56035}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T15:10:26Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":56078,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56035}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-30T15:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GPS Jamming and GPS Spoofing.\nVulnerabilities in typical GPS receivers\n Some simple mods that can help\nDirection finding on GPS Jammers.\n Overview of DF techniques\nArtillery Radars\nJam resistance HF Communications.\n (Basically the same thing the Germans did when\n they were in the Ukraine!)\n\n\n","media":[],"title":"Current EW techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:25:00Z","end_timestamp":{"seconds":1723328700,"nanoseconds":0},"android_description":"GPS Jamming and GPS Spoofing.\nVulnerabilities in typical GPS receivers\n Some simple mods that can help\nDirection finding on GPS Jammers.\n Overview of DF techniques\nArtillery Radars\nJam resistance HF Communications.\n (Basically the same thing the Germans did when\n they were in the Ukraine!)","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55458],"conference_id":133,"event_ids":[55883],"name":"Kent Britain","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55997}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T22:25:00.000-0000","id":55883,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55997}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Making and deploying double bazooka antenna out of commonly available materials.\n\n\n","media":[],"title":"Clapping cheeks, aka home brew antennas","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Making and deploying double bazooka antenna out of commonly available materials.","updated_timestamp":{"seconds":1722185715,"nanoseconds":0},"speakers":[{"content_ids":[55439],"conference_id":133,"event_ids":[55864],"name":"Seth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55980}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:55:15Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":55864,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55980}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-28T16:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!\n\n\n","media":[],"title":"SECV - Break / Networking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!","updated_timestamp":{"seconds":1722102841,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:54:01Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":55833,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-27T17:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The purpose of this study is to identify commonalities in cybersecurity incidents in the maritime transportation system (MTS). For this exploratory study, the researcher expanded upon their previous research into identifying commonalities in cyberattacks by analyzing documents to identify trends concerning all cybersecurity incidents in the civilian and military MTS components. The MTS can use identified commonalities from the expanded study, including all cybersecurity incidents impacting the civilian and military aspects, to make better informed decisions on cybersecurity threats and appropriate measures. In addition to the Diamond Model of Intrusion Analysis and the information security triad—Confidentiality, Integrity, or Availablity (CIA), this study incorporates additional cybersecurity concepts, such as the Parkerian Hexad and the MITRE ATT&CK framework, to provide more granularity to commonalities identifying in previous research.\n\n\n","media":[],"title":"Underway to Identifying Commonalities of Cybersecurity Incidents in the Maritime Transportation System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"The purpose of this study is to identify commonalities in cybersecurity incidents in the maritime transportation system (MTS). For this exploratory study, the researcher expanded upon their previous research into identifying commonalities in cyberattacks by analyzing documents to identify trends concerning all cybersecurity incidents in the civilian and military MTS components. The MTS can use identified commonalities from the expanded study, including all cybersecurity incidents impacting the civilian and military aspects, to make better informed decisions on cybersecurity threats and appropriate measures. In addition to the Diamond Model of Intrusion Analysis and the information security triad—Confidentiality, Integrity, or Availablity (CIA), this study incorporates additional cybersecurity concepts, such as the Parkerian Hexad and the MITRE ATT&CK framework, to provide more granularity to commonalities identifying in previous research.","updated_timestamp":{"seconds":1721781780,"nanoseconds":0},"speakers":[{"content_ids":[55355],"conference_id":133,"event_ids":[55747],"name":"Rebecca J. Rohan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55965}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:43:00Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":55747,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55965}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-24T00:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Everyone is trying to leverage AI for many tasks. However, are they doing it effectively? This presentation explores the integration of Retrieval Augmented Generation (RAG), Langchain, and Large Language Models (LLMs) within cybersecurity and offensive security operations. We will begin by exploring the conceptual foundations of these technologies, looking at their unique capabilities for enhancing automation in offensive (and defensive) security operations.\n\nWe will go over different practical demonstrations and case studies. You will gain insights into how these tools can be harnessed to take your red, blue, purple team to the next level. We will discuss the implementation of RAG for dynamic information retrieval, re-ranking, and other techniques and how Langchain is making using these technologies so easy nowadays. We will also explore the use of uncensored models that can be used for cybersecurity and to create exploits.\n\n\n","media":[],"title":"Using Retrieval Augmented Generation (RAG), Langchain, and LLMs for Cybersecurity Operations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Everyone is trying to leverage AI for many tasks. However, are they doing it effectively? This presentation explores the integration of Retrieval Augmented Generation (RAG), Langchain, and Large Language Models (LLMs) within cybersecurity and offensive security operations. We will begin by exploring the conceptual foundations of these technologies, looking at their unique capabilities for enhancing automation in offensive (and defensive) security operations.\n\nWe will go over different practical demonstrations and case studies. You will gain insights into how these tools can be harnessed to take your red, blue, purple team to the next level. We will discuss the implementation of RAG for dynamic information retrieval, re-ranking, and other techniques and how Langchain is making using these technologies so easy nowadays. We will also explore the use of uncensored models that can be used for cybersecurity and to create exploits.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55699,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55860}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. What can you learn from the credentials on a terrorists computer? What about a U.S. adversaries intelligence service or a ransomware group? And who actually killed JFK? Ok well maybe we haven't figured that one out yet. Nick and Eric will go deep and examine one of the most interesting data sets for intelligence since the advent of writing while maintaining a healthy sense of humor and more than a little fear of Polonium poisoning.\n\n\n","media":[],"title":"The Curious Case of Stealer Logs: Access & Espionage in the World's Most Interesting Dataset","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"What would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. What can you learn from the credentials on a terrorists computer? What about a U.S. adversaries intelligence service or a ransomware group? And who actually killed JFK? Ok well maybe we haven't figured that one out yet. Nick and Eric will go deep and examine one of the most interesting data sets for intelligence since the advent of writing while maintaining a healthy sense of humor and more than a little fear of Polonium poisoning.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55752,55308],"conference_id":133,"event_ids":[55698,56277],"name":"Eric Clay","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55813},{"content_ids":[55308,55752],"conference_id":133,"event_ids":[55698,56277],"name":"Nick Ascoli","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kcin418)","sort_order":0,"url":"https://twitter.com/kcin418"}],"media":[],"id":55861}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55698,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55813},{"tag_id":46167,"sort_order":4,"person_id":55861}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The OWASP Amass Project has been developing the new OSINT Collection Engine that is designed around the Open Asset Model data standard released last year. The new engine makes your use of Amass more flexible than ever before, yet does come with some additional configurations to learn. This workshop will take users, both new and seasoned, all the way through the experience of using this new architecture.\n\n\n","media":[],"title":"Learning the New Amass Collection Engine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The OWASP Amass Project has been developing the new OSINT Collection Engine that is designed around the Open Asset Model data standard released last year. The new engine makes your use of Amass more flexible than ever before, yet does come with some additional configurations to learn. This workshop will take users, both new and seasoned, all the way through the experience of using this new architecture.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55307,55913],"conference_id":133,"event_ids":[55697,56500],"name":"Jeff Foley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@jeff_foley)","sort_order":0,"url":"https://twitter.com/jeff_foley"}],"media":[],"id":55859}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55697,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55859}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Kubernetes is the de facto operating system of the cloud, and more and more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, it also introduces new security risks, such as cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\n\nThis workshop will teach you the fundamentals of Kubernetes security, you'll learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.\n\n\n\n","media":[],"title":"Introduction to Kubernetes common attack techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Kubernetes is the de facto operating system of the cloud, and more and more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, it also introduces new security risks, such as cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.\n\nThis workshop will teach you the fundamentals of Kubernetes security, you'll learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55696,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55862}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Jailbreak vulnerabilities in Large Language Models (LLMs), which exploit meticulously crafted prompts to elicit content that violates service guidelines, have captured the attention of research communities. While model owners can defend against individual jailbreak prompts through safety training strategies, this relatively passive approach struggles to handle the broader category of similar jailbreaks. To tackle this issue, we introduce FuzzLLM, an automated fuzzing framework designed to proactively test and discover jailbreak vulnerabilities in LLMs. We utilize templates to capture the structural integrity of a prompt and isolate key features of a jailbreak class as constraints. By integrating different base classes into powerful combo attacks and varying the elements of constraints and prohibited questions, FuzzLLM enables efficient testing with reduced manual effort. Extensive experiments demonstrate FuzzLLM's effectiveness and comprehensiveness in vulnerability discovery across various LLMs.\n\n\n","media":[],"title":"FuzzLLM: A Fuzzing Framework for Discovering Jailbreak Vulnerabilities in Large Language Models","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Jailbreak vulnerabilities in Large Language Models (LLMs), which exploit meticulously crafted prompts to elicit content that violates service guidelines, have captured the attention of research communities. While model owners can defend against individual jailbreak prompts through safety training strategies, this relatively passive approach struggles to handle the broader category of similar jailbreaks. To tackle this issue, we introduce FuzzLLM, an automated fuzzing framework designed to proactively test and discover jailbreak vulnerabilities in LLMs. We utilize templates to capture the structural integrity of a prompt and isolate key features of a jailbreak class as constraints. By integrating different base classes into powerful combo attacks and varying the elements of constraints and prohibited questions, FuzzLLM enables efficient testing with reduced manual effort. Extensive experiments demonstrate FuzzLLM's effectiveness and comprehensiveness in vulnerability discovery across various LLMs.","updated_timestamp":{"seconds":1721495354,"nanoseconds":0},"speakers":[{"content_ids":[55203],"conference_id":133,"event_ids":[55593],"name":"Ian G. Harris","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of California Irvine","title":"Professor of Computer Science"}],"pronouns":"he/him","links":[{"description":"","title":"Website","sort_order":0,"url":"https://ics.uci.edu/~harris/"}],"media":[],"id":55804,"title":"Professor of Computer Science at University of California Irvine"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:09:14Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":55593,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55804}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.\n\n\n","media":[],"title":"Name the Noob","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.","updated_timestamp":{"seconds":1721487277,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55416,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, Shishir will share some critical insights from performing a decade worth of Red Team (attack simulation) exercises for large-scale industrial operations across the globe.\r\n\r\nThe presentation will also cover real-world examples of attack vectors leveraged by Google's Mandiant Red Team while performing offensive security exercises for operational technology and control system environments. \r\n\r\nThis talk will cover:\r\n\r\n- Insights into common TTPs and attack vectors for large-scale industrial networks\r\n- Network propagation and mission execution across ICS-OT attack life-cycle\r\n- Examples from real-world case studies of penetrating cyber-physical systems\r\n\n\n\n","media":[],"title":"War Games: Red Team for OT (Based on Real World Case Studies)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"In this talk, Shishir will share some critical insights from performing a decade worth of Red Team (attack simulation) exercises for large-scale industrial operations across the globe.\r\n\r\nThe presentation will also cover real-world examples of attack vectors leveraged by Google's Mandiant Red Team while performing offensive security exercises for operational technology and control system environments. \r\n\r\nThis talk will cover:\r\n\r\n- Insights into common TTPs and attack vectors for large-scale industrial networks\r\n- Network propagation and mission execution across ICS-OT attack life-cycle\r\n- Examples from real-world case studies of penetrating cyber-physical systems","updated_timestamp":{"seconds":1720403449,"nanoseconds":0},"speakers":[{"content_ids":[54622],"conference_id":133,"event_ids":[54996],"name":"Shishir Gupta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Technical Manager and Function Lead, ICS-OT Red Team"}],"links":[],"pronouns":null,"media":[],"id":54270,"title":"Technical Manager and Function Lead, ICS-OT Red Team at Mandiant"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:50:49Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":54996,"tag_ids":[46382,46419,46456,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54270}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T01:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Now that you’re familiar with the techniques used to bypass locks in some door installation, come and learn the remediations for these common bypasses. In this talk, you will learn how to protect against or harden against attacks such as the Under the Door attack, latch slipping, and more.\n\n\n","media":[],"title":"Bypass 102","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"Now that you’re familiar with the techniques used to bypass locks in some door installation, come and learn the remediations for these common bypasses. In this talk, you will learn how to protect against or harden against attacks such as the Under the Door attack, latch slipping, and more.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54621],"conference_id":133,"event_ids":[54995],"name":"Terry Luan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54260},{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":54995,"tag_ids":[46169,46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54281},{"tag_id":46167,"sort_order":1,"person_id":54260}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Millions of people around the world use Tor every day to protect themselves from surveillance and censorship. While the Tor Browser and its protocol are widely known, the backbone of the Tor ecosystem, its extensive network of volunteer relays, is often subject to speculation and misinformation. The Tor Project is dedicated to supporting this network and fostering a vibrant, diverse community of relay operators.\r\n\r\nThis talk will focus on our efforts to maintain a healthy network and community, and detect and mitigate attacks -- all with the help of metrics and analysis of usage patterns. By illustrating how we collect safe-enough metrics for an anonymity network, we will offer insights into how we identify unusual activity and other noteworthy events on the network. We will also discuss our ongoing strategies for addressing current and future network health challenges.\r\n\r\nIf you are interested in understanding the inner workings of the Tor network and its relay community and how we keep this vital ecosystem running, this talk is for you.\r\n\r\n1. Network Health Team wiki: [link](https://gitlab.torproject.org/tpo/network-health/team/-/wikis/home)\r\n2. Two blog posts on Tor network health: [link](https://blog.torproject.org/malicious-relays-health-tor-network/) [link](https://blog.torproject.org/tor-network-community-health-update/)\r\n3. Collector (where we archive all network data sets): [link](https://collector.torproject.org/)\r\n4. Paper by Rob Jansen et al. on incentives schemes for relays on the Tor network, \"Recruiting New Tor Relays with BRAIDS\": [link](http://www-users.cs.umn.edu/~hopper/braids_ccs.pdf)\r\n5. Broader blog post about research papers on incentive for Tor relays: [link](https://blog.torproject.org/tor-incentives-research-roundup-goldstar-par-braids-lira-tears-and-torcoin/)\r\n6. Research paper by NRL proposing how to measure relay performance in a way that resists attempts to lie about relay speed: [link](https://www.ohmygodel.com/publications/flashflow-icdcs2021.pdf)\r\n7. Our plan to change how we collect, store and serve Tor network data (discussion from our bug tracker): [link](https://bugs.torproject.org/tpo/network-health/metrics/collector/40012)\r\n8. Performance measurements over the Tor Network: [link](https://metrics.torproject.org/torperf.html)\r\n9. Onionperf is the tool we use to measure performances from different locations across the globe: [link](https://gitlab.torproject.org/tpo/network-health/metrics/onionperf)\r\n10. The number of relays on the network by relay flags: [link](https://metrics.torproject.org/relayflags.html)\r\n11. Documentation about reproducible metrics: [link](https://metrics.torproject.org/reproducible-metrics.html)\r\n\n\n\n","media":[],"title":"Measuring the Tor Network","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Millions of people around the world use Tor every day to protect themselves from surveillance and censorship. While the Tor Browser and its protocol are widely known, the backbone of the Tor ecosystem, its extensive network of volunteer relays, is often subject to speculation and misinformation. The Tor Project is dedicated to supporting this network and fostering a vibrant, diverse community of relay operators.\r\n\r\nThis talk will focus on our efforts to maintain a healthy network and community, and detect and mitigate attacks -- all with the help of metrics and analysis of usage patterns. By illustrating how we collect safe-enough metrics for an anonymity network, we will offer insights into how we identify unusual activity and other noteworthy events on the network. We will also discuss our ongoing strategies for addressing current and future network health challenges.\r\n\r\nIf you are interested in understanding the inner workings of the Tor network and its relay community and how we keep this vital ecosystem running, this talk is for you.\r\n\r\n1. Network Health Team wiki: [link](https://gitlab.torproject.org/tpo/network-health/team/-/wikis/home)\r\n2. Two blog posts on Tor network health: [link](https://blog.torproject.org/malicious-relays-health-tor-network/) [link](https://blog.torproject.org/tor-network-community-health-update/)\r\n3. Collector (where we archive all network data sets): [link](https://collector.torproject.org/)\r\n4. Paper by Rob Jansen et al. on incentives schemes for relays on the Tor network, \"Recruiting New Tor Relays with BRAIDS\": [link](http://www-users.cs.umn.edu/~hopper/braids_ccs.pdf)\r\n5. Broader blog post about research papers on incentive for Tor relays: [link](https://blog.torproject.org/tor-incentives-research-roundup-goldstar-par-braids-lira-tears-and-torcoin/)\r\n6. Research paper by NRL proposing how to measure relay performance in a way that resists attempts to lie about relay speed: [link](https://www.ohmygodel.com/publications/flashflow-icdcs2021.pdf)\r\n7. Our plan to change how we collect, store and serve Tor network data (discussion from our bug tracker): [link](https://bugs.torproject.org/tpo/network-health/metrics/collector/40012)\r\n8. Performance measurements over the Tor Network: [link](https://metrics.torproject.org/torperf.html)\r\n9. Onionperf is the tool we use to measure performances from different locations across the globe: [link](https://gitlab.torproject.org/tpo/network-health/metrics/onionperf)\r\n10. The number of relays on the network by relay flags: [link](https://metrics.torproject.org/relayflags.html)\r\n11. Documentation about reproducible metrics: [link](https://metrics.torproject.org/reproducible-metrics.html)","updated_timestamp":{"seconds":1720463147,"nanoseconds":0},"speakers":[{"content_ids":[54504],"conference_id":133,"event_ids":[54877],"name":"Silvia Puglisi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Tor Project","title":"Lead, Network Health"}],"pronouns":"she/her","links":[{"description":"","title":"Mastodon (@nopressure@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@nopressure"},{"description":"","title":"Mastodon (@torproject@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@torproject"},{"description":"","title":"Twitter (@torproject)","sort_order":0,"url":"https://twitter.com/torproject"}],"media":[],"id":54071,"title":"Lead, Network Health at Tor Project"},{"content_ids":[54504],"conference_id":133,"event_ids":[54877],"name":"Roger Dingledine","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Tor Project","title":"Co-Founder and Original Developer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@RogerDingledine)","sort_order":0,"url":"https://twitter.com/RogerDingledine"}],"media":[],"id":54155,"title":"Co-Founder and Original Developer at Tor Project"}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:25:47Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":54877,"tag_ids":[46166,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54071},{"tag_id":46167,"sort_order":2,"person_id":54155}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T18:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"aWe explore case studies of exploiting vulnerabilities in modern JavaScript and TypeScript applications, drawing on experiences from participating in the Kibana Bug Bounty Program. It's not uncommon to encounter a vulnerability that appears unexploitable at first glance, or to be told by a triage team that the behavior is \"by design.\" So, what options does a security researcher have in such situations? And what primitives can be utilized to construct an exploitation chain with significant impact?\r\n\r\nOur study involves breaking out of properly isolated containers in scenarios where there is RCE-by-design. We will examine several Prototype Pollutions that crash an application in less than one second after exploitation and explore how these vulnerabilities can ultimately lead to critical RCEs. Furthermore, we introduce new primitives and gadgets that enable the achievement of RCE from Prototype Pollutions previously deemed unexploitable beyond DoS attacks.\r\n\r\nBy highlighting these methods, the talk aims to equip attendees with advanced techniques for exploiting complex vulnerability chains in JavaScript applications, as well as recommendations for proper defense and mitigations against them.\r\n\r\n1. Mikhail Shcherbakov, Musard Balliu and Cristian-Alexandru Staicu \"Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js\"\r\n2. \"Collection of Server-Side Prototype Pollution gadgets\" [link](https://github.com/KTH-LangSec/server-side-prototype-pollution)\r\n3. Olivier Arteau \"JavaScript prototype pollution attack in NodeJS\"\r\n4. Nir Chako \"Attacking Kubernetes Clusters Through Your Network Plumbing\" [link](https://www.cyberark.com/resources/threat-research-blog/attacking-kubernetes-clusters-through-your-network-plumbing-part-1)\r\n\n\n\n","media":[],"title":"Exploiting the Unexploitable: Insights from the Kibana Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"aWe explore case studies of exploiting vulnerabilities in modern JavaScript and TypeScript applications, drawing on experiences from participating in the Kibana Bug Bounty Program. It's not uncommon to encounter a vulnerability that appears unexploitable at first glance, or to be told by a triage team that the behavior is \"by design.\" So, what options does a security researcher have in such situations? And what primitives can be utilized to construct an exploitation chain with significant impact?\r\n\r\nOur study involves breaking out of properly isolated containers in scenarios where there is RCE-by-design. We will examine several Prototype Pollutions that crash an application in less than one second after exploitation and explore how these vulnerabilities can ultimately lead to critical RCEs. Furthermore, we introduce new primitives and gadgets that enable the achievement of RCE from Prototype Pollutions previously deemed unexploitable beyond DoS attacks.\r\n\r\nBy highlighting these methods, the talk aims to equip attendees with advanced techniques for exploiting complex vulnerability chains in JavaScript applications, as well as recommendations for proper defense and mitigations against them.\r\n\r\n1. Mikhail Shcherbakov, Musard Balliu and Cristian-Alexandru Staicu \"Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js\"\r\n2. \"Collection of Server-Side Prototype Pollution gadgets\" [link](https://github.com/KTH-LangSec/server-side-prototype-pollution)\r\n3. Olivier Arteau \"JavaScript prototype pollution attack in NodeJS\"\r\n4. Nir Chako \"Attacking Kubernetes Clusters Through Your Network Plumbing\" [link](https://www.cyberark.com/resources/threat-research-blog/attacking-kubernetes-clusters-through-your-network-plumbing-part-1)","updated_timestamp":{"seconds":1720463160,"nanoseconds":0},"speakers":[{"content_ids":[54503],"conference_id":133,"event_ids":[54876],"name":"Mikhail Shcherbakov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@yu5k3)","sort_order":0,"url":"https://twitter.com/yu5k3"}],"media":[],"id":54171}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:26:00Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":54876,"tag_ids":[46166,46169,46419,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54171}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T18:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The public library is under attack. Calls for book banning are at an all time high. Some states have passed laws that hold librarians legally accountable for offering \"unacceptable\" materials to minors. But before this fire started, another one was already burning. In an era of digital content, from eBooks to streaming movies, public libraries have been forced to accept draconian terms of service at the expense of their patrons and to the benefit of corporations. Grossly inflated eBook prices and licensing, unobtainable materials that went out of print due to artificial scarcity, exorbitant fees for access to academic research; these are just a few of the myriad of ways that libraries have been forced to bow before capitalism, all because of a desire to serve the public. But we can fight back...\r\n\r\nAnd no one says we need to fight fairly.\r\n\r\nI’d like to tell you some real life stories of a public librarian with a quasi-legal, dark grey skillset. And I’d love to share some ideas about what you can do to help others. If I can do this, you can. And anyone can be a shadow librarian.\r\n\r\n1. Bodó, Balázs, Dániel Antal, and Zoltán Puha. “Can Scholarly Pirate Libraries Bridge the Knowledge Access Gap? An Empirical Study on the Structural Conditions of Book Piracy in Global and European Academia.” Edited by Sergi Lozano. PLOS ONE 15, no. 12 (December 3, 2020): e0242509. [link](https://doi.org/10.1371/journal.pone.0242509).\r\n2. Böök, Mikael. “Herding the Wind,” 2020. [link](http://www.kaapeli.fi/book/libpub/Z-Library_en.pdf).\r\n3. Brown, Elizabeth Nolon. “You Can’t Stop Pirate Libraries.” Reason, 2022. [link](https://reason.com/2022/07/24/you-cant-stop-pirate-libraries/).\r\n4. Complutense, Francisco Segado-Bo, Juan Martín-Quevedo, and Juan-José Prieto-Gutiérrez. “Jumping over the Paywall: Strategies and Motivations for Scholarly Piracy and Other Alternatives.” Accessed January 4, 2024. [link](https://doi.org/10.1177/02666669221144429).\r\n5. Gardner, Gabriel J, Stephen R McLaughlin, and Andrew D Asher. “Shadow Libraries and You: Sci-Hub Usage and the Future of ILL.” ACRL 2017, Baltimore, Maryland, March 22 - 25, 2017. [Conference Paper], 2017. [link](http://hdl.handle.net/20.500.12680/cr56n622s).\r\n6. Yesberg, Helen. “Libraries, Piracy and the Grey Area In-Between: Free Digital Media during the COVID-19 Pandemic.” Reinvention: An International Journal of Undergraduate Research 15, no. 1 (April 29, 2022). [link](https://doi.org/10.31273/reinvention.v15i1.799).\r\n\n\n\n","media":[],"title":"A Shadow Librarian in Broad Daylight: Fighting back against ever encroaching capitalism","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"The public library is under attack. Calls for book banning are at an all time high. Some states have passed laws that hold librarians legally accountable for offering \"unacceptable\" materials to minors. But before this fire started, another one was already burning. In an era of digital content, from eBooks to streaming movies, public libraries have been forced to accept draconian terms of service at the expense of their patrons and to the benefit of corporations. Grossly inflated eBook prices and licensing, unobtainable materials that went out of print due to artificial scarcity, exorbitant fees for access to academic research; these are just a few of the myriad of ways that libraries have been forced to bow before capitalism, all because of a desire to serve the public. But we can fight back...\r\n\r\nAnd no one says we need to fight fairly.\r\n\r\nI’d like to tell you some real life stories of a public librarian with a quasi-legal, dark grey skillset. And I’d love to share some ideas about what you can do to help others. If I can do this, you can. And anyone can be a shadow librarian.\r\n\r\n1. Bodó, Balázs, Dániel Antal, and Zoltán Puha. “Can Scholarly Pirate Libraries Bridge the Knowledge Access Gap? An Empirical Study on the Structural Conditions of Book Piracy in Global and European Academia.” Edited by Sergi Lozano. PLOS ONE 15, no. 12 (December 3, 2020): e0242509. [link](https://doi.org/10.1371/journal.pone.0242509).\r\n2. Böök, Mikael. “Herding the Wind,” 2020. [link](http://www.kaapeli.fi/book/libpub/Z-Library_en.pdf).\r\n3. Brown, Elizabeth Nolon. “You Can’t Stop Pirate Libraries.” Reason, 2022. [link](https://reason.com/2022/07/24/you-cant-stop-pirate-libraries/).\r\n4. Complutense, Francisco Segado-Bo, Juan Martín-Quevedo, and Juan-José Prieto-Gutiérrez. “Jumping over the Paywall: Strategies and Motivations for Scholarly Piracy and Other Alternatives.” Accessed January 4, 2024. [link](https://doi.org/10.1177/02666669221144429).\r\n5. Gardner, Gabriel J, Stephen R McLaughlin, and Andrew D Asher. “Shadow Libraries and You: Sci-Hub Usage and the Future of ILL.” ACRL 2017, Baltimore, Maryland, March 22 - 25, 2017. [Conference Paper], 2017. [link](http://hdl.handle.net/20.500.12680/cr56n622s).\r\n6. Yesberg, Helen. “Libraries, Piracy and the Grey Area In-Between: Free Digital Media during the COVID-19 Pandemic.” Reinvention: An International Journal of Undergraduate Research 15, no. 1 (April 29, 2022). [link](https://doi.org/10.31273/reinvention.v15i1.799).","updated_timestamp":{"seconds":1720463184,"nanoseconds":0},"speakers":[{"content_ids":[54502],"conference_id":133,"event_ids":[54875],"name":"Daniel Messer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Mastodon (@cyberpunklibrarian@hackers.town)","sort_order":0,"url":"https://hackers.town/@cyberpunklibrarian"},{"description":"","title":"Website","sort_order":0,"url":"https://cyberpunklibrarian.com"}],"media":[],"id":54199}],"begin_tsz":"2024-08-10T22:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:26:24Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":54875,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723327200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54199}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T22:00:00.000-0000","updated":"2024-07-08T18:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are living through a secular (once in a lifetime) crisis period that presents an existential risk to democracy, both at home and abroad. There are various underlying sociological, geopolitical and economic forces that give rise to a crises of this magnitude. How are authoritarian actors exploiting this to weaken the liberal democratic order? How can these dynamics help us create a frame to better understand the nature of Cognitive Warfare? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? The terms disinformation and misinformation are often used to describe cognitive warfare influents (instances of influence used in a CW campaign), but these terms can also limit our ability to detect and defend. Let’s explore a model of Cognitive Warfare that helps us understand the broad range of tactics being used as well as who is being targeted and how.We will also explore how Cognitive Warfare can complement other domains of conflict and how CW has even been used as part of kinetic combat operations. What are some of the natural asymmetries when CW is being used in conflicts between authoritative and democratic systems? Join us as we work to grow and model our understanding this new and critical domain of conflict.\n\n\n","media":[],"title":"Understanding Cognitive Warefare in a Geopolitcal Context","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"We are living through a secular (once in a lifetime) crisis period that presents an existential risk to democracy, both at home and abroad. There are various underlying sociological, geopolitical and economic forces that give rise to a crises of this magnitude. How are authoritarian actors exploiting this to weaken the liberal democratic order? How can these dynamics help us create a frame to better understand the nature of Cognitive Warfare? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? Our liberal democratic system is under increasing levels of attack. Who are the internal and external threat actors behind this? Are they working together? The terms disinformation and misinformation are often used to describe cognitive warfare influents (instances of influence used in a CW campaign), but these terms can also limit our ability to detect and defend. Let’s explore a model of Cognitive Warfare that helps us understand the broad range of tactics being used as well as who is being targeted and how.We will also explore how Cognitive Warfare can complement other domains of conflict and how CW has even been used as part of kinetic combat operations. What are some of the natural asymmetries when CW is being used in conflicts between authoritative and democratic systems? Join us as we work to grow and model our understanding this new and critical domain of conflict.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56199,56200],"conference_id":133,"event_ids":[56853,56854],"name":"Constantine Nicolaidis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56564}],"begin_tsz":"2024-08-10T21:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56853,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723326300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56564}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T21:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The global quantum community is searching for future applications of quantum computing and quantum communications. A somewhat uncommon way to think about this problem is through quantum game theory. This field of research looks at how quantum resources can be used in both cooperative and competitive games to achieve what would be impossible with only classical resources. In this talk we’ll look at some of the fundamentals of quantum game theory, including some archetypal examples of quantum strategies and some theoretical results that show how quantum games differ from classical ones.\n\n\n","media":[],"title":"Playing with Quantum: wayfinding with quantum game theory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:30:00Z","end_timestamp":{"seconds":1723329000,"nanoseconds":0},"android_description":"The global quantum community is searching for future applications of quantum computing and quantum communications. A somewhat uncommon way to think about this problem is through quantum game theory. This field of research looks at how quantum resources can be used in both cooperative and competitive games to achieve what would be impossible with only classical resources. In this talk we’ll look at some of the fundamentals of quantum game theory, including some archetypal examples of quantum strategies and some theoretical results that show how quantum games differ from classical ones.","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55853],"conference_id":133,"event_ids":[56440],"name":"Michael Dascal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56216}],"begin_tsz":"2024-08-10T21:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T22:30:00.000-0000","id":56440,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723326300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56216}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T21:45:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Efficient threat modelling is essential for finding and fixing vulnerabilities. Yet empowering threat modelling trainers to communicate in a way that ensures actionable solutions, moving beyond the directive to “fix SQLI.” is a common challenge. This talk presents strategies for training threat modelers, ensuring they can communicate techniques and principles needed to better and address vulnerabilities early on in the SDLC\r\n\r\nIntroducing: \"Engineers & Exploits: The Quest for Security\" a derivative of the Cornucopia card game. While Cornucopia is an excellent introductory threat modelling exercise, we found limitations when training our coworkers to subsequently instruct developers. To bridge this gap, we developed a tabletop game designed to improve the learning experience. In this interactive session, we will show game mechanics and explain benefits, \r\nJoin us to discover how you can transform threat modelling education, making it engaging for trainers and trainees.\n\n\n","media":[],"title":"Engineers & Exploits: The Quest for Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:10:00Z","end_timestamp":{"seconds":1723327800,"nanoseconds":0},"android_description":"Efficient threat modelling is essential for finding and fixing vulnerabilities. Yet empowering threat modelling trainers to communicate in a way that ensures actionable solutions, moving beyond the directive to “fix SQLI.” is a common challenge. This talk presents strategies for training threat modelers, ensuring they can communicate techniques and principles needed to better and address vulnerabilities early on in the SDLC\r\n\r\nIntroducing: \"Engineers & Exploits: The Quest for Security\" a derivative of the Cornucopia card game. While Cornucopia is an excellent introductory threat modelling exercise, we found limitations when training our coworkers to subsequently instruct developers. To bridge this gap, we developed a tabletop game designed to improve the learning experience. In this interactive session, we will show game mechanics and explain benefits, \r\nJoin us to discover how you can transform threat modelling education, making it engaging for trainers and trainees.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55712],"conference_id":133,"event_ids":[56252],"name":"Spyros Gasteratos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56086},{"content_ids":[55699,55712,55722],"conference_id":133,"event_ids":[56228,56230,56252],"name":"Andra","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56103}],"begin_tsz":"2024-08-10T21:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T22:10:00.000-0000","id":56252,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723326000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56103},{"tag_id":46167,"sort_order":1,"person_id":56086}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T21:40:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Open Source Program Offices (OSPOs) are an increasingly adopted approach to establishing and cultivating a culture of contribution. The Digital Service at CMS.gov will share the programs, policies, and projects they’re building to identify and mitigate continuity and security risks in the software supply chain across the Federal Ecosystem.\n\n\n","media":[],"title":"Establishing the first Open Source Program Office at a United States Federal Agency","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Open Source Program Offices (OSPOs) are an increasingly adopted approach to establishing and cultivating a culture of contribution. The Digital Service at CMS.gov will share the programs, policies, and projects they’re building to identify and mitigate continuity and security risks in the software supply chain across the Federal Ecosystem.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56137],"conference_id":133,"event_ids":[56780],"name":"Remy DeCausemaker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Medicare and Medicaid Services","title":"Open Source Lead"}],"pronouns":"he/him","links":[{"description":"","title":"CMS OSPO Website","sort_order":0,"url":"https://cms.gov/digital-service/open-source-program-office"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/decause"},{"description":"","title":"Twitter (@remy_d)","sort_order":0,"url":"https://twitter.com/remy_d"}],"media":[],"id":56526,"title":"Open Source Lead at Center for Medicare and Medicaid Services"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56780,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56526}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embora tragam muita diversão e inovação, brinquedos conectados à Internet (IoToys) também apresentam sérios riscos à segurança e privacidade. Ao entender e mitigar esses riscos, e até mesmo criando seus próprios dispositivos, pais e responsáveis podem garantir que a diversão com brinquedos inteligentes e conectados não se transforme em uma preocupação com vazamentos de informações pessoais.\n\n\n","media":[],"title":"Make all the things - Construa seus próprios \"brinquedos\" Threats","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Embora tragam muita diversão e inovação, brinquedos conectados à Internet (IoToys) também apresentam sérios riscos à segurança e privacidade. Ao entender e mitigar esses riscos, e até mesmo criando seus próprios dispositivos, pais e responsáveis podem garantir que a diversão com brinquedos inteligentes e conectados não se transforme em uma preocupação com vazamentos de informações pessoais.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55972],"conference_id":133,"event_ids":[56588],"name":"Christiane Borges Santos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Coordenadora do Eixo de Design Factory - Criar IFG"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/christianebs/"},{"description":"","title":"Twitter (@angel_chris)","sort_order":0,"url":"https://x.com/angel_chris"}],"media":[],"id":56308,"title":"Coordenadora do Eixo de Design Factory - Criar IFG"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56588,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56308}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Prompt injections are a class of attacks against LLM-powered applications that exploit the inclusion of untrusted user inputs in LLM prompts. We give an overview of two open source frameworks developed by Meta related to understanding and mitigating prompt injection risks:\r\n\r\n- our CyberSecEval Prompt Injection benchmarks (evaluations of the propensity of popular LLMs to succumb to prompt injection when used without guardrails),\r\n\r\n- as well as PromptGuard (an open-source model for identifying risky inputs to LLM-powered applications, both direct jailbreaks and indirect injections).\r\n\r\nFindings of interest:\r\n\r\n- Evaluating foundation model vulnerability to indirect prompt injection: LLMs can be trained to have contextual awareness of which parts of the input prompt are coming from a trusted user versus an untrusted third party - in particular via inclusion of a system prompt. We share our benchmark for direct and indirect prompt injection susceptibility of foundational LLMs (across a wide variety of attack strategies) introduced as part of CyberSecEval (an open-source suite of benchmarks for measuring the cybersecurity risks of foundational models). We present the results of these evaluations for currently-popular foundational LLMs. We conclude that model conditioning is not enough to defend against indirect prompt injection risks in most contexts, even with the usage of a system prompt.\r\n\r\n- Guardrailing against prompt injection attacks in real applications: We present PromptGuard, a model designed for both the detection of direct jailbreak and indirect injection attacks. We highlight the differences between our models and existing malicious prompt detectors (which largely only address direct prompt injection or jailbreaking risks), and the specific risks that can be prevented by utilizing our guardrail in LLM-powered applications. We also show how the model can be fine-tuned to improve application-specific performance.\n\n\n","media":[],"title":"Evaluations and Guardrails against Prompt Injection attacks on LLM powered-applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Prompt injections are a class of attacks against LLM-powered applications that exploit the inclusion of untrusted user inputs in LLM prompts. We give an overview of two open source frameworks developed by Meta related to understanding and mitigating prompt injection risks:\r\n\r\n- our CyberSecEval Prompt Injection benchmarks (evaluations of the propensity of popular LLMs to succumb to prompt injection when used without guardrails),\r\n\r\n- as well as PromptGuard (an open-source model for identifying risky inputs to LLM-powered applications, both direct jailbreaks and indirect injections).\r\n\r\nFindings of interest:\r\n\r\n- Evaluating foundation model vulnerability to indirect prompt injection: LLMs can be trained to have contextual awareness of which parts of the input prompt are coming from a trusted user versus an untrusted third party - in particular via inclusion of a system prompt. We share our benchmark for direct and indirect prompt injection susceptibility of foundational LLMs (across a wide variety of attack strategies) introduced as part of CyberSecEval (an open-source suite of benchmarks for measuring the cybersecurity risks of foundational models). We present the results of these evaluations for currently-popular foundational LLMs. We conclude that model conditioning is not enough to defend against indirect prompt injection risks in most contexts, even with the usage of a system prompt.\r\n\r\n- Guardrailing against prompt injection attacks in real applications: We present PromptGuard, a model designed for both the detection of direct jailbreak and indirect injection attacks. We highlight the differences between our models and existing malicious prompt detectors (which largely only address direct prompt injection or jailbreaking risks), and the specific risks that can be prevented by utilizing our guardrail in LLM-powered applications. We also show how the model can be fine-tuned to improve application-specific performance.","updated_timestamp":{"seconds":1722626362,"nanoseconds":0},"speakers":[{"content_ids":[55884],"conference_id":133,"event_ids":[56469],"name":"Cyrus Nikolaidis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta Platforms, Inc.","title":""}],"links":[],"pronouns":null,"media":[],"id":56256,"title":"Meta Platforms, Inc."},{"content_ids":[55884],"conference_id":133,"event_ids":[56469],"name":"Faizan Ahmad","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta Platforms, Inc.","title":""}],"links":[],"pronouns":null,"media":[],"id":56257,"title":"Meta Platforms, Inc."}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:19:22Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56469,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56256},{"tag_id":46167,"sort_order":4,"person_id":56257}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-08-02T19:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Who isn’t busy nowadays? When you sit down to hack, you want to find a bug, or at least know you’re on the right track to find one. Over the past 5 years of full-time bug bounty, I’ve identified a couple of techniques that will get you some quick wins on most applications. I’ll show you how to apply these techniques, and then, building upon them, direct your longer-term testing to keep finding bugs and getting the best ROI for your time hunting. This workshop is oriented toward equipping you to make the most money with the least time investment. These are not the most technical bugs. These are the bugs that pay the bills and keep you well-fed, dopamine'ed up, and pushing deeper into these apps. In this workshop, we'll target REAL bug bounty targets, and apply the very techniques I've used in the past to find bugs on these targets. We'll cover mega-efficient testing techniques for various types of client-side access controls and IDORs. We'll cover polyglot usage for generic injection testing. We'll cover attack vector ideation, friction minimization, gadget hunting, organization. And much, much more. All of these things will keep you motivated, on track, and efficient as you push through the slog of HTTP requests between you and your next pay day. Leggo.\r\n\r\nWhat skill level is your presentation aimed at?\r\nAll skill levels, but attendees should have a basic understanding of web architecture and web vulnerabilities such as XSS, CSRF, IDOR, and Broken Access Controls.\r\n\r\nPre-Requisites:\r\n- Bring your laptop\r\n- Please come with Caido installed (or Burp, if you must) \r\n- General understanding of HTTP requests and web testing\n\n\n","media":[],"title":"High ROI Manual Bug Hunting Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Who isn’t busy nowadays? When you sit down to hack, you want to find a bug, or at least know you’re on the right track to find one. Over the past 5 years of full-time bug bounty, I’ve identified a couple of techniques that will get you some quick wins on most applications. I’ll show you how to apply these techniques, and then, building upon them, direct your longer-term testing to keep finding bugs and getting the best ROI for your time hunting. This workshop is oriented toward equipping you to make the most money with the least time investment. These are not the most technical bugs. These are the bugs that pay the bills and keep you well-fed, dopamine'ed up, and pushing deeper into these apps. In this workshop, we'll target REAL bug bounty targets, and apply the very techniques I've used in the past to find bugs on these targets. We'll cover mega-efficient testing techniques for various types of client-side access controls and IDORs. We'll cover polyglot usage for generic injection testing. We'll cover attack vector ideation, friction minimization, gadget hunting, organization. And much, much more. All of these things will keep you motivated, on track, and efficient as you push through the slog of HTTP requests between you and your next pay day. Leggo.\r\n\r\nWhat skill level is your presentation aimed at?\r\nAll skill levels, but attendees should have a basic understanding of web architecture and web vulnerabilities such as XSS, CSRF, IDOR, and Broken Access Controls.\r\n\r\nPre-Requisites:\r\n- Bring your laptop\r\n- Please come with Caido installed (or Burp, if you must) \r\n- General understanding of HTTP requests and web testing","updated_timestamp":{"seconds":1721438447,"nanoseconds":0},"speakers":[{"content_ids":[54657,55182],"conference_id":133,"event_ids":[55570,55029],"name":"Justin \"Rhynorater\" Gardner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"},{"organization":"Critical Thinking - Bug Bounty Podcast","title":"Host"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Rhynorater)","sort_order":0,"url":"https://twitter.com/Rhynorater"}],"media":[],"id":54326,"title":"Host at Critical Thinking - Bug Bounty Podcast"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:20:47Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#high-roi-manual-bug-hunting-techniques"}],"end":"2024-08-10T23:00:00.000-0000","id":55570,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54326}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-20T01:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to delve into historical examples of conventional biological warfare and understand how methods were devised and implemented.\r\n\r\nHowever, amidst the exploration of historical precedents, it becomes evident that our optimism for the future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. It is crucial to acknowledge that despite the sophistication of technology, its efficacy remains intricately linked to human ingenuity. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. Creativity, a distinctly human attribute, stands as the cornerstone in the perpetual endeavor to safeguard against unforeseen adversities.\r\n\r\nFurthermore, the discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare. Addressing the proliferation of disinformation and its potential to fuel the proliferation and utilization of bioweapons becomes imperative. This discussion encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. Notably, the utility of Generative AI in affecting societal shifts toward the normalization of bioweapon deployment warrants scrutiny. Additionally, the current societal landscape, particularly the desensitization of internet denizens to overt hostile actions, poses profound implications for the future trajectory of biological warfare.\r\n\r\nIn essence, a comprehensive understanding of historical precedents, coupled with a proactive approach towards fostering transparency, creativity, and the cultivation of robust societal norms, is indispensable in navigating the complexities of bioweapon proliferation. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.\n\n\n","media":[],"title":"The Past, Present, and Future of Bioweapons","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to delve into historical examples of conventional biological warfare and understand how methods were devised and implemented.\r\n\r\nHowever, amidst the exploration of historical precedents, it becomes evident that our optimism for the future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. It is crucial to acknowledge that despite the sophistication of technology, its efficacy remains intricately linked to human ingenuity. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. Creativity, a distinctly human attribute, stands as the cornerstone in the perpetual endeavor to safeguard against unforeseen adversities.\r\n\r\nFurthermore, the discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare. Addressing the proliferation of disinformation and its potential to fuel the proliferation and utilization of bioweapons becomes imperative. This discussion encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. Notably, the utility of Generative AI in affecting societal shifts toward the normalization of bioweapon deployment warrants scrutiny. Additionally, the current societal landscape, particularly the desensitization of internet denizens to overt hostile actions, poses profound implications for the future trajectory of biological warfare.\r\n\r\nIn essence, a comprehensive understanding of historical precedents, coupled with a proactive approach towards fostering transparency, creativity, and the cultivation of robust societal norms, is indispensable in navigating the complexities of bioweapon proliferation. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.","updated_timestamp":{"seconds":1720403504,"nanoseconds":0},"speakers":[{"content_ids":[54620],"conference_id":133,"event_ids":[54994],"name":"Lucas Potter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BiosView","title":"Engineer"}],"links":[],"pronouns":null,"media":[],"id":54223,"title":"Engineer at BiosView"},{"content_ids":[54620],"conference_id":133,"event_ids":[54994],"name":"Xavier Palmer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54232},{"content_ids":[54620],"conference_id":133,"event_ids":[54994],"name":"Meow-Ludo Disco Gamma Meow-Meow ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54355}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T01:51:44Z","links":[],"end":"2024-08-10T22:15:00.000-0000","id":54994,"tag_ids":[46371,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54223},{"tag_id":46167,"sort_order":1,"person_id":54355},{"tag_id":46167,"sort_order":1,"person_id":54232}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-08T01:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As security researchers, we constantly attempt to stay ahead of the curve, seeking innovative solutions to enhance our offensive security strategies. In recent years, the advent of artificial intelligence (AI) has introduced a new dimension to our efforts, particularly in the realm of bug bounties and pentesting. While significant attention has been given to understanding and mitigating attacks against AI systems, the potential of AI to assist in the offensive security field remains largely unclear.\n\nThis talk pretends to dig into the research and development process undertaken to create an AI agent designed to augment the bug bounty and pentesting workflow. Our AI agent is not merely a theoretical concept but a practical tool aimed at enhancing the efficiency and effectiveness of security researchers.\n\nWe have conducted extensive research to understand how AI can mimic and enhance human intuition and creativity in identifying vulnerabilities. While this may sound trivial, there is little evidence of this being tested before on generative AI agents. Our work breaks new ground by pushing the boundaries of what AI can achieve in offensive security. \n\nWill AI become an indispensable tool in our arsenal, capable of autonomously identifying and exploiting vulnerabilities? Join us as we explore the possibilities and implications of AI as an offensive assistant in this new era of offensive security.\n\n\n","media":[],"title":"Leveraging AI for Smarter Bug Bounties","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"As security researchers, we constantly attempt to stay ahead of the curve, seeking innovative solutions to enhance our offensive security strategies. In recent years, the advent of artificial intelligence (AI) has introduced a new dimension to our efforts, particularly in the realm of bug bounties and pentesting. While significant attention has been given to understanding and mitigating attacks against AI systems, the potential of AI to assist in the offensive security field remains largely unclear.\n\nThis talk pretends to dig into the research and development process undertaken to create an AI agent designed to augment the bug bounty and pentesting workflow. Our AI agent is not merely a theoretical concept but a practical tool aimed at enhancing the efficiency and effectiveness of security researchers.\n\nWe have conducted extensive research to understand how AI can mimic and enhance human intuition and creativity in identifying vulnerabilities. While this may sound trivial, there is little evidence of this being tested before on generative AI agents. Our work breaks new ground by pushing the boundaries of what AI can achieve in offensive security. \n\nWill AI become an indispensable tool in our arsenal, capable of autonomously identifying and exploiting vulnerabilities? Join us as we explore the possibilities and implications of AI as an offensive assistant in this new era of offensive security.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54619],"conference_id":133,"event_ids":[54993],"name":"Joel \"Niemand_Sec\" Noguera","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"XBOW","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@niemand_sec)","sort_order":0,"url":"https://twitter.com/niemand_sec"}],"media":[],"id":54269,"title":"Security Researcher at XBOW"},{"content_ids":[54619],"conference_id":133,"event_ids":[54993],"name":"Diego Jurado","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"XBOW","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@djurado9)","sort_order":0,"url":"https://twitter.com/djurado9"}],"media":[],"id":54329,"title":"Security Researcher at XBOW"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#leveraging-ai-for-smarter-bug-bounties"}],"end":"2024-08-10T22:15:00.000-0000","id":54993,"tag_ids":[46374,46419,46442,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54329},{"tag_id":46167,"sort_order":4,"person_id":54269}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Trolls cheating in video games by passing Tool-Assisted Speedruns off as human effort break leaderboards and stifle speedrunners. Why do they do it when they could make a cool game hack or TAS to show off their work, and how do you trap these trolls? The answer is to use their own tools against them, often with popcorn bucket worthy results like taking down Guinness World Records. From a TASVideos member taking on 1980's Dragster cheat Todd Rogers, a passing mention of Billy Mitchell, and the TASBot team investigating Super Mario Maker shenanigans, this talk covers several notable cheating incidents and concludes with a systematic takedown of a troll that chilled the Diablo speedrunning community for more than a decade.\r\n\r\nThis talk includes several investigations I have been a part of in some capacity and will ultimately include additional references in the coming months; I've broken the references out by game, presented in Markdown format like the rest of this document:\r\n### Dragster\r\n- [Submission #5517: Omnigamer's A2600 Dragster in 00:08.49](https://tasvideos.org/5517S)\r\n- [A2600 Dragster by Omnigamer in 00:08.49](https://tasvideos.org/3430M)\r\n- [Submission #5876: MrWint & Omnigamer's A2600 Dragster in 00:08.39](https://tasvideos.org/5876S)\r\n- [A2600 Dragster by MrWint, Omnigamer in 00:08.39](https://tasvideos.org/3662M)\r\n- [Omnigamer's Dragster simulator model](https://docs.google.com/spreadsheets/d/1HhaBah7e48lBRA18v8Mgr-fRVZS5DUJb_pnOsBTC34c)\r\n- [Dragster optimal sequence project by esnard](https://github.com/esnard/dragster)\r\n- [Investigation into optimal Dragster play by MrWint](https://github.com/MrWint/dragster/tree/master)\r\n- [TASBot beats Dragster in 5.57 (console verification of Omnigamer's TAS)](https://www.youtube.com/watch?v=oXMxZbPzRzs)\r\n\r\n### Super Mario Maker\r\n- [Inside TASBot’s semi-secret, probably legal effort to control the Nintendo Switch](https://arstechnica.com/gaming/2020/01/inside-tasbots-semi-secret-probably-legal-effort-to-control-the-nintendo-switch/)\r\n- [The _Super Mario Maker_ community faces its final boss](https://arstechnica.com/gaming/2024/03/the-super-mario-maker-community-faces-its-final-boss/)\r\n- [_Super Mario Maker_’s “final boss” was a fraud all along](https://arstechnica.com/gaming/2024/03/super-mario-makers-final-boss-was-a-fraud-all-along/)\r\n- [How to cheat at _Super Mario Maker_ and get away with it for years](https://arstechnica.com/gaming/2024/04/how-to-cheat-at-super-mario-maker-and-get-away-with-it-for-years/)\r\n- [Trimming the Herbs TAS attempts](https://youtu.be/ypoNHp7aWGM)\r\n- [Trimming the Herbs has been Beaten](https://www.youtube.com/watch?v=i7yvVJbji0U)\r\n\r\n# Diablo\r\n- [Speed Demos Archive Diablo page](https://speeddemosarchive.com/Diablo.html)\r\n- [Groobo's 2009 Diablo speedrun submission video](https://speeddemosarchive.com/demo.pl?Diablo_Sorcerer_312)\r\n- [Speed Demos Archive Diablo run review](https://forum.speeddemosarchive.com/post/diablo__february_8th_2009.html)\r\n- [Guinness World Records Diablo entry](https://www.guinnessworldrecords.com/world-records/110580-fastest-completion-of-an-rpg-videogame)\r\n- [Devilution Diablo decompiliation](https://github.com/diasurgical/devilution)\r\n- [DevilutionX Diablo decompiliation](https://github.com/diasurgical/devilutionX/)\r\n- [Diablo MapGen](https://github.com/Matthew-petroff/diablo-mapgen)\r\n\n\n\n","media":[],"title":"Troll Trapping Through TAS Tools - Exposing Speedrunning Cheaters","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"Trolls cheating in video games by passing Tool-Assisted Speedruns off as human effort break leaderboards and stifle speedrunners. Why do they do it when they could make a cool game hack or TAS to show off their work, and how do you trap these trolls? The answer is to use their own tools against them, often with popcorn bucket worthy results like taking down Guinness World Records. From a TASVideos member taking on 1980's Dragster cheat Todd Rogers, a passing mention of Billy Mitchell, and the TASBot team investigating Super Mario Maker shenanigans, this talk covers several notable cheating incidents and concludes with a systematic takedown of a troll that chilled the Diablo speedrunning community for more than a decade.\r\n\r\nThis talk includes several investigations I have been a part of in some capacity and will ultimately include additional references in the coming months; I've broken the references out by game, presented in Markdown format like the rest of this document:\r\n### Dragster\r\n- [Submission #5517: Omnigamer's A2600 Dragster in 00:08.49](https://tasvideos.org/5517S)\r\n- [A2600 Dragster by Omnigamer in 00:08.49](https://tasvideos.org/3430M)\r\n- [Submission #5876: MrWint & Omnigamer's A2600 Dragster in 00:08.39](https://tasvideos.org/5876S)\r\n- [A2600 Dragster by MrWint, Omnigamer in 00:08.39](https://tasvideos.org/3662M)\r\n- [Omnigamer's Dragster simulator model](https://docs.google.com/spreadsheets/d/1HhaBah7e48lBRA18v8Mgr-fRVZS5DUJb_pnOsBTC34c)\r\n- [Dragster optimal sequence project by esnard](https://github.com/esnard/dragster)\r\n- [Investigation into optimal Dragster play by MrWint](https://github.com/MrWint/dragster/tree/master)\r\n- [TASBot beats Dragster in 5.57 (console verification of Omnigamer's TAS)](https://www.youtube.com/watch?v=oXMxZbPzRzs)\r\n\r\n### Super Mario Maker\r\n- [Inside TASBot’s semi-secret, probably legal effort to control the Nintendo Switch](https://arstechnica.com/gaming/2020/01/inside-tasbots-semi-secret-probably-legal-effort-to-control-the-nintendo-switch/)\r\n- [The _Super Mario Maker_ community faces its final boss](https://arstechnica.com/gaming/2024/03/the-super-mario-maker-community-faces-its-final-boss/)\r\n- [_Super Mario Maker_’s “final boss” was a fraud all along](https://arstechnica.com/gaming/2024/03/super-mario-makers-final-boss-was-a-fraud-all-along/)\r\n- [How to cheat at _Super Mario Maker_ and get away with it for years](https://arstechnica.com/gaming/2024/04/how-to-cheat-at-super-mario-maker-and-get-away-with-it-for-years/)\r\n- [Trimming the Herbs TAS attempts](https://youtu.be/ypoNHp7aWGM)\r\n- [Trimming the Herbs has been Beaten](https://www.youtube.com/watch?v=i7yvVJbji0U)\r\n\r\n# Diablo\r\n- [Speed Demos Archive Diablo page](https://speeddemosarchive.com/Diablo.html)\r\n- [Groobo's 2009 Diablo speedrun submission video](https://speeddemosarchive.com/demo.pl?Diablo_Sorcerer_312)\r\n- [Speed Demos Archive Diablo run review](https://forum.speeddemosarchive.com/post/diablo__february_8th_2009.html)\r\n- [Guinness World Records Diablo entry](https://www.guinnessworldrecords.com/world-records/110580-fastest-completion-of-an-rpg-videogame)\r\n- [Devilution Diablo decompiliation](https://github.com/diasurgical/devilution)\r\n- [DevilutionX Diablo decompiliation](https://github.com/diasurgical/devilutionX/)\r\n- [Diablo MapGen](https://github.com/Matthew-petroff/diablo-mapgen)","updated_timestamp":{"seconds":1720463210,"nanoseconds":0},"speakers":[{"content_ids":[54501],"conference_id":133,"event_ids":[54874],"name":"Allan \"dwangoAC\" Cecil","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TASBot Online Community","title":"Founder and Leader"}],"pronouns":"he/him","links":[{"description":"","title":"Discord.gg/TASBot","sort_order":0,"url":"https://Discord.gg/TASBot"},{"description":"","title":"TAS.Bot","sort_order":0,"url":"https://TAS.Bot"},{"description":"","title":"Twitch","sort_order":0,"url":"https://Twitch.tv/dwangoAC"},{"description":"","title":"YouTube","sort_order":0,"url":"https://YouTube.com/dwangoAC"}],"media":[],"id":54063,"title":"Founder and Leader at TASBot Online Community"}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:26:50Z","links":[],"end":"2024-08-10T22:15:00.000-0000","id":54874,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54063}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-08T18:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With the iPhone 15 & iPhone 15 Pro Apple switched their iPhone to USB-C - and introduced a new proprietary USB-C controller: The ACE3.\r\n\r\nBut the ACE3 does more than just handle USB power delivery: It's a full microcontroller running a full USB stack connected to some of the internal busses of the device, and we even managed to access JTAG on the iPhone 15 through it. It also provides access to UART, the internal SPMI bus, etc. Previous variants of the ACE, namely the ACE2 found in MacBooks, could easily be dumped and analyzed using SWD - and even be persistently backdoored through a software vulnerability we found.\r\n\r\nOn the ACE3 however, Apple upped their game: Firmware updates are personalized, debug interfaces seem to be disabled, and the external flash is validated and does not contain all the firmware. However using a combination of reverse-engineering, RF side-channel analysis and electro-magnetic fault-injection it was possible to gain code-execution on the ACE3 - allowing dumping of the ROM, and analysis of the functionality.\r\n\r\nThis talk will show how to use a combination of hardware, firmware, reverse-engineering, side-channel analysis and fault-injection to gain code-execution on a completely custom chip, enabling further security research on an under-explored but security relevant part of Apple devices.\r\n\r\n- AsahiLinux USB-PD Documentaiton - [link](https://github.com/AsahiLinux/docs/wiki/HW%3AUSB-PD)\r\n- AsahiLinux macvdmtool - [link](https://github.com/AsahiLinux/macvdmtool)\r\n- ACE Controller Secrets (for ACE/ACE2) - [link](https://blog.rickmark.me/ace-controller-secrets/)\r\n- Marc Zyngier's Central Scrutinizer - [link](https://kernel.googlesource.com/pub/scm/linux/kernel/git/maz/cs-hw/)\r\n\n\n\n","media":[],"title":"ACE up the Sleeve: From getting JTAG on the iPhone 15 to hacking into Apple's new USB-C Controller","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T22:15:00Z","end_timestamp":{"seconds":1723328100,"nanoseconds":0},"android_description":"With the iPhone 15 & iPhone 15 Pro Apple switched their iPhone to USB-C - and introduced a new proprietary USB-C controller: The ACE3.\r\n\r\nBut the ACE3 does more than just handle USB power delivery: It's a full microcontroller running a full USB stack connected to some of the internal busses of the device, and we even managed to access JTAG on the iPhone 15 through it. It also provides access to UART, the internal SPMI bus, etc. Previous variants of the ACE, namely the ACE2 found in MacBooks, could easily be dumped and analyzed using SWD - and even be persistently backdoored through a software vulnerability we found.\r\n\r\nOn the ACE3 however, Apple upped their game: Firmware updates are personalized, debug interfaces seem to be disabled, and the external flash is validated and does not contain all the firmware. However using a combination of reverse-engineering, RF side-channel analysis and electro-magnetic fault-injection it was possible to gain code-execution on the ACE3 - allowing dumping of the ROM, and analysis of the functionality.\r\n\r\nThis talk will show how to use a combination of hardware, firmware, reverse-engineering, side-channel analysis and fault-injection to gain code-execution on a completely custom chip, enabling further security research on an under-explored but security relevant part of Apple devices.\r\n\r\n- AsahiLinux USB-PD Documentaiton - [link](https://github.com/AsahiLinux/docs/wiki/HW%3AUSB-PD)\r\n- AsahiLinux macvdmtool - [link](https://github.com/AsahiLinux/macvdmtool)\r\n- ACE Controller Secrets (for ACE/ACE2) - [link](https://blog.rickmark.me/ace-controller-secrets/)\r\n- Marc Zyngier's Central Scrutinizer - [link](https://kernel.googlesource.com/pub/scm/linux/kernel/git/maz/cs-hw/)","updated_timestamp":{"seconds":1720463233,"nanoseconds":0},"speakers":[{"content_ids":[54500],"conference_id":133,"event_ids":[54873],"name":"Thomas \"stacksmashing\" Roth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@ghidraninja)","sort_order":0,"url":"https://twitter.com/ghidraninja"},{"description":"","title":"YouTube","sort_order":0,"url":"https://youtube.com/stacksmashing"}],"media":[],"id":54065}],"begin_tsz":"2024-08-10T21:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:27:13Z","links":[],"end":"2024-08-10T22:15:00.000-0000","id":54873,"tag_ids":[46166,46169,46419,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723325400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54065}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T21:30:00.000-0000","updated":"2024-07-08T18:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop offers hands-on instruction using a unique, cat-shaped Wi-Fi hacking microcontroller. Designed to engage participants in practical learning, the workshop will cover essential skills for defending against four common Wi-Fi attacks. Participants will explore topics like detecting Wi-Fi leaks, the risks of QR codes leading to hidden networks, spotting phishing networks, and defending against advanced Wi-Fi karma attacks. The cat-shaped Wi-Fi Nugget is a powerful tool for understanding and fighting back against Wi-Fi hacking. This workshop is suitable for Wi-Fi hacking experts and those just getting started. A computer with a Chrome-based browser is required for this workshop.\n\n\n","media":[],"title":"Wi-Fi Hacking Self Defense: Four Advanced Techniques and How to Stop Them","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:15:00Z","end_timestamp":{"seconds":1723331700,"nanoseconds":0},"android_description":"This workshop offers hands-on instruction using a unique, cat-shaped Wi-Fi hacking microcontroller. Designed to engage participants in practical learning, the workshop will cover essential skills for defending against four common Wi-Fi attacks. Participants will explore topics like detecting Wi-Fi leaks, the risks of QR codes leading to hidden networks, spotting phishing networks, and defending against advanced Wi-Fi karma attacks. The cat-shaped Wi-Fi Nugget is a powerful tool for understanding and fighting back against Wi-Fi hacking. This workshop is suitable for Wi-Fi hacking experts and those just getting started. A computer with a Chrome-based browser is required for this workshop.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T21:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/wi-fi-hacking-self-defense-4-advanced-techniques-and-how-to-stop-them"}],"end":"2024-08-10T23:15:00.000-0000","id":56527,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723324500,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T21:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Aviation's Traffic Collision Avoidance System (TCAS) II has been touted as a foolproof safety net since its introduction in the 1980s. But what if we told you that this supposedly impenetrable system can be compromised? For years, attacks on TCAS have been mere theoretical exercises, foiled by an (accidental) built in security feature. That is, until now. In this presentation, we'll reveal the first working RF attacks on TCAS II, demonstrating how to hijack collision avoidance displays and create fake Traffic Advisories (TAs) and Resolution Advisories (RAs). We'll walk you through the technical challenges of building the necessary tooling using commercial off-the-shelf hardware.\n\nBut that's not all. Our research has also uncovered a second attack capable of remotely disabling an aircraft's TCAS capabilities, rendering it vulnerable to mid-air collisions. The implications are clear: if our findings can be exploited in real-world scenarios, the safety of millions of passengers hangs in the balance. Join us as we lift the lid on this shocking vulnerability and explore the dark side of aviation security.\n\n\n","media":[],"title":" RF Attacks on Aviation's Last Line of Defense Against Mid-Air Collisions (TCAS II)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Aviation's Traffic Collision Avoidance System (TCAS) II has been touted as a foolproof safety net since its introduction in the 1980s. But what if we told you that this supposedly impenetrable system can be compromised? For years, attacks on TCAS have been mere theoretical exercises, foiled by an (accidental) built in security feature. That is, until now. In this presentation, we'll reveal the first working RF attacks on TCAS II, demonstrating how to hijack collision avoidance displays and create fake Traffic Advisories (TAs) and Resolution Advisories (RAs). We'll walk you through the technical challenges of building the necessary tooling using commercial off-the-shelf hardware.\n\nBut that's not all. Our research has also uncovered a second attack capable of remotely disabling an aircraft's TCAS capabilities, rendering it vulnerable to mid-air collisions. The implications are clear: if our findings can be exploited in real-world scenarios, the safety of millions of passengers hangs in the balance. Join us as we lift the lid on this shocking vulnerability and explore the dark side of aviation security.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54618,54510],"conference_id":133,"event_ids":[54883,54992],"name":"Vincent Lenders","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber-Defence Campus","title":"Cybersecurity Researcher and Head"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/vincent-lenders-303656"},{"description":"","title":"Twitter (@Vlenders)","sort_order":0,"url":"https://twitter.com/Vlenders"},{"description":"","title":"lenders.ch","sort_order":0,"url":"https://lenders.ch"}],"media":[],"id":54111,"title":"Cybersecurity Researcher and Head at Cyber-Defence Campus"},{"content_ids":[54618],"conference_id":133,"event_ids":[54992],"name":"Giacomo Longo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54336}],"begin_tsz":"2024-08-10T21:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":54992,"tag_ids":[46366,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723324500,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54336},{"tag_id":46167,"sort_order":1,"person_id":54111}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T21:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Brief History of GRC","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445826,"nanoseconds":0},"speakers":[{"content_ids":[55690],"conference_id":133,"event_ids":[56213],"name":"Allen Baranov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56061}],"begin_tsz":"2024-08-10T21:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:10:26Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T21:50:00.000-0000","id":56213,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723323900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56061}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T21:05:00.000-0000","updated":"2024-07-31T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we'll cover just how far you can communicate on less power than your phone uses to charge. How to tx over the horizon and how to power it all.\n\n\n","media":[],"title":"Low Power & Long Range Communications - QRP","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"In this talk we'll cover just how far you can communicate on less power than your phone uses to charge. How to tx over the horizon and how to power it all.","updated_timestamp":{"seconds":1723309020,"nanoseconds":0},"speakers":[{"content_ids":[56222],"conference_id":133,"event_ids":[56877],"name":"Escobar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@EricEscobar)","sort_order":0,"url":"https://twitter.com/EricEscobar"}],"media":[],"id":56620}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:57:00Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56877,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56620}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-10T16:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Navigating Bureaucracy: Strategies for a Post-Military Career Encore","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225179,"nanoseconds":0},"speakers":[{"content_ids":[56213],"conference_id":133,"event_ids":[56867],"name":"Nia Luckey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56604}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:39Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":56867,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56604}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will cover the role that Secretaries of State’s offices play in Elections. This talk with also dive into the election processes that the State of NH follow and all the ways they do whatever they can to keep elections secure. It is a rare opportunity to hear directly from a Secretary of State the roll they play in national elections. This talk will allow audiences to have a better understanding of how these processes work and why Secretary of States play such a critical role in elections.\n\n\n","media":[],"title":"Understanding the Role of Secretary of States in Elections","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"This talk will cover the role that Secretaries of State’s offices play in Elections. This talk with also dive into the election processes that the State of NH follow and all the ways they do whatever they can to keep elections secure. It is a rare opportunity to hear directly from a Secretary of State the roll they play in national elections. This talk will allow audiences to have a better understanding of how these processes work and why Secretary of States play such a critical role in elections.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56198],"conference_id":133,"event_ids":[56852],"name":"Dave Scanlan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"New Hampshire","title":"Secretary of State"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@NHSecretary)","sort_order":0,"url":"https://twitter.com/NHSecretary"},{"description":"","title":"Website","sort_order":0,"url":"https://www.sos.nh.gov/elections/information/contact"}],"media":[],"id":56571,"title":"Secretary of State at New Hampshire"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":56852,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56571}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversarial AI has come a long way since its resurgence ten years ago. In this talk, we discuss how the landscape of attacks and defenses has shifted in recent years as a result of DARPA’s program on Guaranteeing AI Robustness against Deception (GARD) as well as the rise of LLMs.\n\n\n","media":[],"title":"The Cat-and-Mouse Game of Adversarial Artificial Intelligence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:20:00Z","end_timestamp":{"seconds":1723324800,"nanoseconds":0},"android_description":"Adversarial AI has come a long way since its resurgence ten years ago. In this talk, we discuss how the landscape of attacks and defenses has shifted in recent years as a result of DARPA’s program on Guaranteeing AI Robustness against Deception (GARD) as well as the rise of LLMs.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56136],"conference_id":133,"event_ids":[56779],"name":"Alvaro Velasquez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA Information Innovation Office","title":"GARD Program Manager"}],"pronouns":null,"links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-alvaro-velasquez"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alvaro-velasquez-b14963246/"}],"media":[],"id":56531,"title":"GARD Program Manager at DARPA Information Innovation Office"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T21:20:00.000-0000","id":56779,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56531}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to Day 2 of the Gold Bug at the 11th annual Crypto & Privacy Village! Join the Gold Bug Team for the latest updates, panel-exclusive hints, and more. This panel compliments the Gold Bug: Welcome on Day 1.\n\n\n","media":[],"title":"Gold Bug: Puzzle Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Welcome to Day 2 of the Gold Bug at the 11th annual Crypto & Privacy Village! Join the Gold Bug Team for the latest updates, panel-exclusive hints, and more. This panel compliments the Gold Bug: Welcome on Day 1.","updated_timestamp":{"seconds":1722726000,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T23:00:00Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56625,"tag_ids":[46377,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-03T23:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Skills are learned, but application is art. Much like an artist learning the skill to draw, in this workshop, we learn the skill to identify and create byte-sized adversary emulation-based tests. By reading a report with the lens of MITRE ATT&CK, we identify procedures that link back to MITRE ATT&CK techniques or sub-techniques, which allows us to create an atomic red team test based on the reporting. However, like every artist faces when putting pen to paper, the skill of drawing is not the same as the skill of creating. Using art forgery concepts to help us overcome these obstacles, we walk through how to navigate the gaps in reporting and emulate versus simulating the adversary. Participants are encouraged to finish out the atomic tests and contribute to the public Atomic Red Team GitHub. Welcome to the club of legal copycats. Intended audience: International audience with English is a second language. Beginner to intermediate skill. Basic level of programing knowledge and cyber security concepts required. Students are expected to provide their own laptop. Have a GitHub account & understand the clone, git and pull commands.\n\n\n","media":[],"title":"CopyCat: An Artist Guide to Adversary Forgery","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Skills are learned, but application is art. Much like an artist learning the skill to draw, in this workshop, we learn the skill to identify and create byte-sized adversary emulation-based tests. By reading a report with the lens of MITRE ATT&CK, we identify procedures that link back to MITRE ATT&CK techniques or sub-techniques, which allows us to create an atomic red team test based on the reporting. However, like every artist faces when putting pen to paper, the skill of drawing is not the same as the skill of creating. Using art forgery concepts to help us overcome these obstacles, we walk through how to navigate the gaps in reporting and emulate versus simulating the adversary. Participants are encouraged to finish out the atomic tests and contribute to the public Atomic Red Team GitHub. Welcome to the club of legal copycats. Intended audience: International audience with English is a second language. Beginner to intermediate skill. Basic level of programing knowledge and cyber security concepts required. Students are expected to provide their own laptop. Have a GitHub account & understand the clone, git and pull commands.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55991],"conference_id":133,"event_ids":[56613],"name":"Cat Self","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Principal Adversary Emulation Engineer (MITRE ATT&CK)","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/coolestcatiknow/"},{"description":"","title":"Twitter (@coolestcatiknow)","sort_order":0,"url":"https://x.com/coolestcatiknow"}],"media":[],"id":56328,"title":"Principal Adversary Emulation Engineer (MITRE ATT&CK)"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56613,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56328}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.\n\n\n","media":[],"title":"ToolMakers Hackathon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56502,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an immersive workshop designed for beginners and professionals looking to enhance their Open Source Intelligence (OSINT) skills. This workshop provides a technical guide to uncovering hidden connections and expanding investigative horizons using advanced OSINT techniques and tools. Participants will gain hands-on experience with leading OSINT tools, learn how to identify pivotal data points, and practice real-world pivoting strategies through interactive exercises and case studies. \n\nThis workshop is ideal for those seeking to refine their investigative methodologies and leverage cutting-edge OSINT practices for more effective and efficient investigations. \n\nTopics:\n- OSINT Introduction and Walkthrough\n- Common tools and platforms\n- Data Sources\n- Understanding Pivoting\n- Identifying Pivot Points\n- Techniques and Tools\n- Data Correlation\n- Automation and Scripting\n- Case Study\n- Integrating OSINT with other Intel\n- Ethical and Legal Considerations\n\n\nSkill Level: Beginner to Intermediate\n\n\n","media":[],"title":"The art of Pivoting in OSINT Investigations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Join us for an immersive workshop designed for beginners and professionals looking to enhance their Open Source Intelligence (OSINT) skills. This workshop provides a technical guide to uncovering hidden connections and expanding investigative horizons using advanced OSINT techniques and tools. Participants will gain hands-on experience with leading OSINT tools, learn how to identify pivotal data points, and practice real-world pivoting strategies through interactive exercises and case studies. \n\nThis workshop is ideal for those seeking to refine their investigative methodologies and leverage cutting-edge OSINT practices for more effective and efficient investigations. \n\nTopics:\n- OSINT Introduction and Walkthrough\n- Common tools and platforms\n- Data Sources\n- Understanding Pivoting\n- Identifying Pivot Points\n- Techniques and Tools\n- Data Correlation\n- Automation and Scripting\n- Case Study\n- Integrating OSINT with other Intel\n- Ethical and Legal Considerations\n\n\nSkill Level: Beginner to Intermediate","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55914],"conference_id":133,"event_ids":[56501],"name":"Ram Ganesh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56270}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56501,"tag_ids":[46391,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56270}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum machine learning is a relatively new discipline, first appearing around 15 years ago, and uses a combination of machine learning ideas and concepts with quantum computing in order to ask: can we utilize the high-dimensional vector space of quantum computing for machine learning?\r\n\r\nIn this talk, I’ll go through the history of quantum machine learning: the highs, the lows, and the question marks. While we still have a lot to figure out — quantum computers will not just make existing quantum machine learning ‘faster’! — I’ll show you what’s already out there and how to take part.\r\n\n\n\n","media":[],"title":"QML - Quantum Machine Learning: What is it, where did it come from, and how do I start?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"Quantum machine learning is a relatively new discipline, first appearing around 15 years ago, and uses a combination of machine learning ideas and concepts with quantum computing in order to ask: can we utilize the high-dimensional vector space of quantum computing for machine learning?\r\n\r\nIn this talk, I’ll go through the history of quantum machine learning: the highs, the lows, and the question marks. While we still have a lot to figure out — quantum computers will not just make existing quantum machine learning ‘faster’! — I’ll show you what’s already out there and how to take part.","updated_timestamp":{"seconds":1723307234,"nanoseconds":0},"speakers":[{"content_ids":[55852],"conference_id":133,"event_ids":[56439],"name":"Josh Izaac","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56617}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:27:14Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":56439,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56617}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-10T16:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.\n\n\n","media":[],"title":"HandPwning: “Your Hand is your Passport. Verify me. Now let me in!”","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.","updated_timestamp":{"seconds":1722564617,"nanoseconds":0},"speakers":[{"content_ids":[55343,55800],"conference_id":133,"event_ids":[55735,56349,56352],"name":"Luca \"CYBERANTANI\" Bongiorni","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"We Hack In Disguise (WHID)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55951,"title":"Founder at We Hack In Disguise (WHID)"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T02:10:17Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56349,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55951}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-02T02:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Arguably one of the many unsexy topics in the space, but a super important consideration for those leading security programs and the ICs working on the individual components. This conversation will include an overview of the pros and cons of building vs buying decisions in a security program. Specific use cases, and maturity stages will be explored to help the audience understand how to work towards getting the balance right. Panelists with a wealth of diverse industry experience will talk through real world examples of what worked and what didn’t, and lessons learned. We reserve the right to pull an Oprah Winfrey and leave jars of mayo under each seat to make this talk extra memorable. \r\n\r\nPanelists’ experience includes both IC and management, from startups to FAANG to giant enterprise.\n\n\nJoin us for this thrilling and dynamic panel as we extend the wisdom of The Barefoot Contessa, Ina Garten, to the security space. Why spend your precious time in the kitchen of your security program making absolutely everything from scratch, when store bought can be just fine sometimes? We’ll discuss the pros and cons and considerations of build vs buy, in a talk that promises to capture the right balance of cynicism, nuance, and practicality. We know it’s tempting to make our own mayo, but we’ve lived it and have to say - sometimes store bought is just fine. Prepare your well ack-shuallys, we’re ready.","media":[],"title":"Store bought is fine, sometimes!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Arguably one of the many unsexy topics in the space, but a super important consideration for those leading security programs and the ICs working on the individual components. This conversation will include an overview of the pros and cons of building vs buying decisions in a security program. Specific use cases, and maturity stages will be explored to help the audience understand how to work towards getting the balance right. Panelists with a wealth of diverse industry experience will talk through real world examples of what worked and what didn’t, and lessons learned. We reserve the right to pull an Oprah Winfrey and leave jars of mayo under each seat to make this talk extra memorable. \r\n\r\nPanelists’ experience includes both IC and management, from startups to FAANG to giant enterprise.\n\n\nJoin us for this thrilling and dynamic panel as we extend the wisdom of The Barefoot Contessa, Ina Garten, to the security space. Why spend your precious time in the kitchen of your security program making absolutely everything from scratch, when store bought can be just fine sometimes? We’ll discuss the pros and cons and considerations of build vs buy, in a talk that promises to capture the right balance of cynicism, nuance, and practicality. We know it’s tempting to make our own mayo, but we’ve lived it and have to say - sometimes store bought is just fine. Prepare your well ack-shuallys, we’re ready.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"Tina Velez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ClearVector","title":"Growth Lead"}],"links":[],"pronouns":null,"media":[],"id":56138,"title":"Growth Lead at ClearVector"},{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"William Phillips","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56146},{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"Jason Craig","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56151},{"content_ids":[55765],"conference_id":133,"event_ids":[56288],"name":"Lauren Proehl","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56166}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56288,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56151},{"tag_id":46167,"sort_order":1,"person_id":56166},{"tag_id":46167,"sort_order":1,"person_id":56138},{"tag_id":46167,"sort_order":1,"person_id":56146}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dapps (decentralized applications) are a type of application in the blockchain space that integrate both Web2 and blockchain components, presenting unique security challenges. Drawing from years of experience hacking Dapps, this session will share real-world examples of Dapp vulnerabilities and attack vectors. Topics covered include an introduction to Dapps, Dapp threat modeling, and Dapp vulnerability case studies, providing valuable insights and resources for newcomers and seasoned Web2 pentesters looking to enhance their Web3 application hacking skills.\n\n\n","media":[],"title":"Web2 Meets Web3: Hacking Decentralized Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Dapps (decentralized applications) are a type of application in the blockchain space that integrate both Web2 and blockchain components, presenting unique security challenges. Drawing from years of experience hacking Dapps, this session will share real-world examples of Dapp vulnerabilities and attack vectors. Topics covered include an introduction to Dapps, Dapp threat modeling, and Dapp vulnerability case studies, providing valuable insights and resources for newcomers and seasoned Web2 pentesters looking to enhance their Web3 application hacking skills.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55711],"conference_id":133,"event_ids":[56251],"name":"Peiyu Wang","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56079}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56251,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56079}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Make a friendship bracelet with an exclusive WISP charm.\n\n\n","media":[],"title":"Friendship Bracelet Making","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Make a friendship bracelet with an exclusive WISP charm.","updated_timestamp":{"seconds":1722207088,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:51:28Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-10T22:45:00.000-0000","id":55902,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-28T22:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"New updates to FISSURE, the open-source RF framework and toolbox for all things RF, include the addition of deployable remote sensor nodes consisting of general-purpose computers that support many types of radio peripherals. These remote sensor nodes run a small subset of code that can be controlled over a network through the FISSURE Dashboard GUI to perform traditional FISSURE operations and also execute new types of scripted actions that can be run autonomously on startup or semi-autonomously through user interaction. \n\nFlexible hardware options inherent to the computers and the radio peripherals allow the operator to weigh varying price points and upgrade options depending on the task at hand. Multiple types of COTS single-board computers (Raspberry Pi, Orange Pi, etc.), mini-PCs, laptops, and desktop computers can be supported along with various RF-enabled devices like software-defined radios or Wi-Fi/Bluetooth/Zigbee adapters. The new updates also include the ability to trigger electromagnetic effects using different types of RF, visual, acoustic, and environmental sensors connected to the nodes.\n\nThe deployment of multiple sensor nodes on the same network unlocks many geospatial applications for future development of FISSURE. Such applications include direction finding, tracking, intrusion detection, mobile deployment, and perimeter defense. A small form factor and autonomous capabilities grant unique opportunities for stealth deployment and packaging onto existing platforms. These updates can also provide a low-cost mechanism for remote workers to conduct combined RF-cybersecurity testing and access specialized RF environments like international localities of interest, laboratories, and test sites.\n\nThis talk will provide a brief overview of FISSURE and walk through all the new updates relating to the remote sensor node capabilities. To learn more, read about FISSURE on GitHub: https://github.com/ainfosec/FISSURE\n\n\n","media":[],"title":"Remote Sensor Node Updates for FISSURE - The RF Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"New updates to FISSURE, the open-source RF framework and toolbox for all things RF, include the addition of deployable remote sensor nodes consisting of general-purpose computers that support many types of radio peripherals. These remote sensor nodes run a small subset of code that can be controlled over a network through the FISSURE Dashboard GUI to perform traditional FISSURE operations and also execute new types of scripted actions that can be run autonomously on startup or semi-autonomously through user interaction. \n\nFlexible hardware options inherent to the computers and the radio peripherals allow the operator to weigh varying price points and upgrade options depending on the task at hand. Multiple types of COTS single-board computers (Raspberry Pi, Orange Pi, etc.), mini-PCs, laptops, and desktop computers can be supported along with various RF-enabled devices like software-defined radios or Wi-Fi/Bluetooth/Zigbee adapters. The new updates also include the ability to trigger electromagnetic effects using different types of RF, visual, acoustic, and environmental sensors connected to the nodes.\n\nThe deployment of multiple sensor nodes on the same network unlocks many geospatial applications for future development of FISSURE. Such applications include direction finding, tracking, intrusion detection, mobile deployment, and perimeter defense. A small form factor and autonomous capabilities grant unique opportunities for stealth deployment and packaging onto existing platforms. These updates can also provide a low-cost mechanism for remote workers to conduct combined RF-cybersecurity testing and access specialized RF environments like international localities of interest, laboratories, and test sites.\n\nThis talk will provide a brief overview of FISSURE and walk through all the new updates relating to the remote sensor node capabilities. To learn more, read about FISSURE on GitHub: https://github.com/ainfosec/FISSURE","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55457],"conference_id":133,"event_ids":[55882],"name":"Chris Poore","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Assured Information Security","title":"Senior Reverse Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@FissureRF)","sort_order":0,"url":"https://twitter.com/FissureRF"}],"media":[],"id":55996,"title":"Senior Reverse Engineer at Assured Information Security"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55882,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55996}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gnarly vulnerabilities in devices and services that typically face the internet are being disclosed every week. You can use GreyNoise's new free community analysis platform to deploy honeypot sensors, collect PCAPs of in-the-wild exploitation of software vulnerabilities, discover the source IPs of mass scanners, botnets, and compromised devices, and compare attacks across networks. In this presentation we're demonstrating GreyNoise' new sensor deployment, SQL explorer, and rules engine.\n\n\n","media":[],"title":"Farming Ndays with GreyNoise","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Gnarly vulnerabilities in devices and services that typically face the internet are being disclosed every week. You can use GreyNoise's new free community analysis platform to deploy honeypot sensors, collect PCAPs of in-the-wild exploitation of software vulnerabilities, discover the source IPs of mass scanners, botnets, and compromised devices, and compare attacks across networks. In this presentation we're demonstrating GreyNoise' new sensor deployment, SQL explorer, and rules engine.","updated_timestamp":{"seconds":1722131281,"nanoseconds":0},"speakers":[{"content_ids":[55428],"conference_id":133,"event_ids":[55847],"name":"Andrew Morris","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@andrew___morris"}],"media":[],"id":55972}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T01:48:01Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":55847,"tag_ids":[46441],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55972}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-28T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get all your questions about hard hats answered by the Hard Hat Brigade community organizers.\n\n\n","media":[],"title":"Hard Hat Brigade - Q&A Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Get all your questions about hard hats answered by the Hard Hat Brigade community organizers.","updated_timestamp":{"seconds":1721968619,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T04:36:59Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55793,"tag_ids":[46403,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-26T04:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The National Renewable Energy Laboratory's Clean Energy Cybersecurity Accelerator (CECA) program focuses on accelerating the deployment of innovative OT security solutions in the electric grid. Sponsored by the Department of Energy and utility partners, CECA collaborates with utility sponsors to prioritize cybersecurity gaps and evaluate emerging solutions focused on those gaps. The second cohort of CECA addressed the challenge of OT asset management, particularly incomplete system visibility in Industrial Control Systems (ICS). This presentation covers CECA's evaluation of runZero, a product that enhances asset visibility through active scanning. The evaluation process involved rigorous, repeatable testing in a controlled environment to assess the product's ability to accurately identify devices and its impact on device operation. We will discuss the results of this testing, demonstrating how active scanning can be safe and effective for improving asset visibility. Additionally, we will delve into CECA’s testing philosophy and approach, providing insights into our evaluation process and how it ensures the reliability and efficacy of new cybersecurity solutions.\n\n\n","media":[],"title":"Seeing the Unseen: An Evaluation of Active Scanning in ICS Environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"The National Renewable Energy Laboratory's Clean Energy Cybersecurity Accelerator (CECA) program focuses on accelerating the deployment of innovative OT security solutions in the electric grid. Sponsored by the Department of Energy and utility partners, CECA collaborates with utility sponsors to prioritize cybersecurity gaps and evaluate emerging solutions focused on those gaps. The second cohort of CECA addressed the challenge of OT asset management, particularly incomplete system visibility in Industrial Control Systems (ICS). This presentation covers CECA's evaluation of runZero, a product that enhances asset visibility through active scanning. The evaluation process involved rigorous, repeatable testing in a controlled environment to assess the product's ability to accurately identify devices and its impact on device operation. We will discuss the results of this testing, demonstrating how active scanning can be safe and effective for improving asset visibility. Additionally, we will delve into CECA’s testing philosophy and approach, providing insights into our evaluation process and how it ensures the reliability and efficacy of new cybersecurity solutions.","updated_timestamp":{"seconds":1721781765,"nanoseconds":0},"speakers":[{"content_ids":[55354],"conference_id":133,"event_ids":[55746],"name":"Jennifer Guerra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"National Renewable Energy Laboratory (NREL)","title":"Cybersecurity Researcher"}],"links":[],"pronouns":null,"media":[],"id":55956,"title":"Cybersecurity Researcher at National Renewable Energy Laboratory (NREL)"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:42:45Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55746,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55956}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-24T00:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The marketplace offering commercial proliferation of cyber tools and services (such as end to end CNE capabilities as well as individual components for those capabilities) is lowering the barrier to entry resulting in greater and irresponsible use by threat actors. Across the world, governments, industry, civil society, journalists, and think tanks are responding to this. Through the Pall Mall Process, the UK and French governments are working together to address this challenge, while recognising that these tools and services can provide benefits when used for legitimate purposes and developed responsibly. This session will inform those attending about the Pall Mall Process up to now and look at some of the next steps. It will also give a chance for questions to understand what it could mean for them. There is also a plan to hold an open roundtable at DEF CON for those who wish to provide feedback in a more intimate setting so that this can be considered whilst working through the next steps of the Pall Mall Process.\n\n\n","media":[],"title":"What’s next for the commercial CNE marketplace? A chance for you to influence the policy that will impact the future","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"The marketplace offering commercial proliferation of cyber tools and services (such as end to end CNE capabilities as well as individual components for those capabilities) is lowering the barrier to entry resulting in greater and irresponsible use by threat actors. Across the world, governments, industry, civil society, journalists, and think tanks are responding to this. Through the Pall Mall Process, the UK and French governments are working together to address this challenge, while recognising that these tools and services can provide benefits when used for legitimate purposes and developed responsibly. This session will inform those attending about the Pall Mall Process up to now and look at some of the next steps. It will also give a chance for questions to understand what it could mean for them. There is also a plan to hold an open roundtable at DEF CON for those who wish to provide feedback in a more intimate setting so that this can be considered whilst working through the next steps of the Pall Mall Process.","updated_timestamp":{"seconds":1722730244,"nanoseconds":0},"speakers":[{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Bill Marczak","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Toronto's Citizen Lab","title":"Senior Researcher"}],"links":[],"pronouns":null,"media":[],"id":55920,"title":"Senior Researcher at University of Toronto's Citizen Lab"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Claudi d’Antoine","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Margin Research","title":"President and CEO"}],"links":[],"pronouns":null,"media":[],"id":55924,"title":"President and CEO at Margin Research"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Océane Thieriot","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Embassy of France in Washington DC","title":"Counselor for Cyber Affairs"}],"links":[],"pronouns":null,"media":[],"id":55938,"title":"Counselor for Cyber Affairs at Embassy of France in Washington DC"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"Senior Representative from UK NCSC","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UK National Cyber Security Centre","title":"CTO for Cyber Policy & Assessment"}],"links":[],"pronouns":null,"media":[],"id":55940,"title":"CTO for Cyber Policy & Assessment at UK National Cyber Security Centre"},{"content_ids":[55338],"conference_id":133,"event_ids":[55729],"name":"UK Repersentative 2","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UK Foreign Commonwealth & Development Office","title":"Head of Cyber Proliferation Policy"}],"links":[],"pronouns":null,"media":[],"id":55941,"title":"Head of Cyber Proliferation Policy at UK Foreign Commonwealth & Development Office"},{"content_ids":[55897,55338],"conference_id":133,"event_ids":[55729,56484],"name":"Daniel Cuthbert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56284}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T00:10:44Z","links":[],"end":"2024-08-10T22:45:00.000-0000","id":55729,"tag_ids":[46388,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55941},{"tag_id":46167,"sort_order":4,"person_id":55940},{"tag_id":46167,"sort_order":6,"person_id":55938},{"tag_id":46167,"sort_order":8,"person_id":55924},{"tag_id":46167,"sort_order":10,"person_id":55920},{"tag_id":46167,"sort_order":12,"person_id":56284}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-08-04T00:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tempest is a new command and control framework written in Rust. The main goal of this framework is to prioritize ease of use for the hacker while also achieving elegant effectiveness on operations. Attendees will learn all about how to use the framework, with a focus on operational security and understanding the underlying code.\nThis talk will go beyond just showing how to push buttons and learn steps for using a tool. We'll talk about how the c2 works, how post-ex modules work, how to avoid EDR detection, and how to make the most effective use of this or any c2 framework.\n\n\n","media":[],"title":"Tempest c2: Use and Design","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"Tempest is a new command and control framework written in Rust. The main goal of this framework is to prioritize ease of use for the hacker while also achieving elegant effectiveness on operations. Attendees will learn all about how to use the framework, with a focus on operational security and understanding the underlying code.\nThis talk will go beyond just showing how to push buttons and learn steps for using a tool. We'll talk about how the c2 works, how post-ex modules work, how to avoid EDR detection, and how to make the most effective use of this or any c2 framework.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55305,54185],"conference_id":133,"event_ids":[55695,54554],"name":"Kirk Trychel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Box.com","title":"Senior Red Team Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@teach2breach)","sort_order":0,"url":"https://twitter.com/teach2breach"}],"media":[],"id":53748,"title":"Senior Red Team Engineer at Box.com"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55695,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53748}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Uncensored LLMs represent a category of language models free from ethical constraints, thus prone to misuse for various malicious purposes like generating malware. However, their capabilities fall short compared to commercially available LLMs, which are censored and unsuitable for such nefarious activities. Previously, researchers could bypass censorship in LLMs to generate malicious content using Jail Breaks. However, over time and with the introduction of new security measures, such exploits have become increasingly rare. In this research, we propose a novel technique in which we combine censored and uncensored LLMs for the generation of ransomware. The uncensored LLM will generate the initial malware, which will then be refined by the censored LLM to create a final, functional ransomware. We have tested the developed Ransomware in latest version of Windows OS and found it suitable for exploitation purposes. Additionally with minor efforts the rasnowmares can be updated using LLM for code obfuscation and unnecessary functionality addition for bypassing antivirus and antimalware solutions.\n\n\n","media":[],"title":"Combining Uncensored and Censored LLMs for Ransomware Generation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"Uncensored LLMs represent a category of language models free from ethical constraints, thus prone to misuse for various malicious purposes like generating malware. However, their capabilities fall short compared to commercially available LLMs, which are censored and unsuitable for such nefarious activities. Previously, researchers could bypass censorship in LLMs to generate malicious content using Jail Breaks. However, over time and with the introduction of new security measures, such exploits have become increasingly rare. In this research, we propose a novel technique in which we combine censored and uncensored LLMs for the generation of ransomware. The uncensored LLM will generate the initial malware, which will then be refined by the censored LLM to create a final, functional ransomware. We have tested the developed Ransomware in latest version of Windows OS and found it suitable for exploitation purposes. Additionally with minor efforts the rasnowmares can be updated using LLM for code obfuscation and unnecessary functionality addition for bypassing antivirus and antimalware solutions.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55304],"conference_id":133,"event_ids":[55694],"name":"Muhammad Mudassar Yamin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Muddasaryamin)","sort_order":0,"url":"https://twitter.com/Muddasaryamin"}],"media":[],"id":55858}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55694,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55858}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During this talk, we will cover the critical importance of permissions management in integrations, especially in cloud environments, and how an inappropriate permissions standard can create significant vulnerabilities for attackers. We will explore how an attacker can leverage legitimate permissions to perform privilege escalation in the cloud, highlighting the fundamental differences between Attack Vector and Attack Path. Additionally, we will examine the most effective and shortest path an attacker can take to achieve success in their goals. We will also discuss strategies to improve security in this context and mitigate these threats.\n\n\n","media":[],"title":"Cloud Offensive Breaches: The Graph-Based Exploitation of Misconfigurations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"During this talk, we will cover the critical importance of permissions management in integrations, especially in cloud environments, and how an inappropriate permissions standard can create significant vulnerabilities for attackers. We will explore how an attacker can leverage legitimate permissions to perform privilege escalation in the cloud, highlighting the fundamental differences between Attack Vector and Attack Path. Additionally, we will examine the most effective and shortest path an attacker can take to achieve success in their goals. We will also discuss strategies to improve security in this context and mitigate these threats.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55303,55493,55964],"conference_id":133,"event_ids":[56580,55693,55922],"name":"Filipi Pires","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"senhasegura","title":"Security and Threat Researcher and Cybersecurity Advocate"},{"organization":"Black&White Technology","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/filipipires/"},{"description":"","title":"Twitter (@FilipiPires)","sort_order":0,"url":"https://twitter.com/FilipiPires"},{"description":"","title":"Website","sort_order":0,"url":"https://filipipires.com"}],"media":[],"id":55857,"title":"Founder at Black&White Technology"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55693,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55857}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk delves into the methodologies and strategies for discovering zero-day vulnerabilities in iOS applications. It covers the fundamental principles of iOS security, including code review, reverse engineering, and dynamic analysis techniques. Attendees will gain insights into common weaknesses in iOS app architecture and learn how to exploit these vulnerabilities ethically. By the end of the session, participants will be equipped with practical tools and knowledge to identify and address potential security threats in iOS applications.\n\n\n","media":[],"title":"How to Find a 0day in iOS Apps","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"This talk delves into the methodologies and strategies for discovering zero-day vulnerabilities in iOS applications. It covers the fundamental principles of iOS security, including code review, reverse engineering, and dynamic analysis techniques. Attendees will gain insights into common weaknesses in iOS app architecture and learn how to exploit these vulnerabilities ethically. By the end of the session, participants will be equipped with practical tools and knowledge to identify and address potential security threats in iOS applications.","updated_timestamp":{"seconds":1721495340,"nanoseconds":0},"speakers":[{"content_ids":[55202],"conference_id":133,"event_ids":[55592],"name":"Xavier D. Johnson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/xavierdjohnson/"},{"description":"","title":"Website","sort_order":0,"url":"https://wehelpyousecure.com/"}],"media":[],"id":55812,"title":"Security Researcher"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:09:00Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55592,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55812}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-20T17:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"National Service and Cybersecurity: Bridging the Gap Across Experiences\r\n\r\nIn an increasingly interconnected world, cybersecurity stands at the forefront of national security and defense. This panel brings together a diverse group of veterans, federal civilians, and actively serving soldiers to delve into the critical intersection of national service and cybersecurity. Through their unique perspectives and experiences, the panelists will shed light on how their respective roles play a vital part in protecting national interests and addressing the ever-evolving landscape of cyber threats.\r\n\r\nOur panel aims to underscore each group's indispensable contributions to the cybersecurity field, from veterans' strategic and operational insights to active service members' hands-on expertise and federal civilians' policy and management perspectives. By attending, you will gain valuable insights into the synergies between these roles and the pivotal role of collaboration in fortifying national security.\r\n\r\nJoin us for a compelling discussion on the profound impact of national service on cybersecurity, the challenges encountered by each group, and the vast opportunities for future collaboration to fortify our digital infrastructure.\n\n\n","media":[],"title":"MCPA x BIC x CAPT Virtual National Service Panel 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"National Service and Cybersecurity: Bridging the Gap Across Experiences\r\n\r\nIn an increasingly interconnected world, cybersecurity stands at the forefront of national security and defense. This panel brings together a diverse group of veterans, federal civilians, and actively serving soldiers to delve into the critical intersection of national service and cybersecurity. Through their unique perspectives and experiences, the panelists will shed light on how their respective roles play a vital part in protecting national interests and addressing the ever-evolving landscape of cyber threats.\r\n\r\nOur panel aims to underscore each group's indispensable contributions to the cybersecurity field, from veterans' strategic and operational insights to active service members' hands-on expertise and federal civilians' policy and management perspectives. By attending, you will gain valuable insights into the synergies between these roles and the pivotal role of collaboration in fortifying national security.\r\n\r\nJoin us for a compelling discussion on the profound impact of national service on cybersecurity, the challenges encountered by each group, and the vast opportunities for future collaboration to fortify our digital infrastructure.","updated_timestamp":{"seconds":1721494694,"nanoseconds":0},"speakers":[{"content_ids":[55186],"conference_id":133,"event_ids":[55576],"name":"Manvell Lessane","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cybersecurity Professional"}],"links":[],"pronouns":null,"media":[],"id":55788,"title":"Cybersecurity Professional"},{"content_ids":[55186],"conference_id":133,"event_ids":[55576],"name":"Dr. Juel Tillman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Service Member & Cybersecurity Professional"}],"links":[],"pronouns":"he/him","media":[],"id":55798,"title":"Service Member & Cybersecurity Professional"},{"content_ids":[55186],"conference_id":133,"event_ids":[55576],"name":"Dr. William (Bill) Butler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Capitol Technology University","title":"Vice President Cyber Science Outreach and Partnerships"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/dr-william-bill-butler-1aba546/"}],"media":[],"id":55799,"title":"Vice President Cyber Science Outreach and Partnerships at Capitol Technology University"},{"content_ids":[55186,55197],"conference_id":133,"event_ids":[55576,55587],"name":"Nikkia Henderson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Program Operations Lead"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/nikkiahenderson/"}],"media":[],"id":55809,"title":"Program Operations Lead"},{"content_ids":[55206,55186],"conference_id":133,"event_ids":[55576,55596],"name":"Sydney Johns","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Johns Hopkins Human Language Technology Center of Excellence","title":"Phd Student & Artificial Intelligence Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sydney-johns/"}],"media":[],"id":55811,"title":"Phd Student & Artificial Intelligence Researcher at Johns Hopkins Human Language Technology Center of Excellence"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T16:58:14Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55576,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55811},{"tag_id":46487,"sort_order":4,"person_id":55809},{"tag_id":46487,"sort_order":6,"person_id":55788},{"tag_id":46487,"sort_order":8,"person_id":55799},{"tag_id":46487,"sort_order":10,"person_id":55798}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-20T16:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55414,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to look into historical examples of conventional biological warfare and understand how methods were devised and implemented. Our future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. This discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare and encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.\n\n\n","media":[],"title":"You got a lighter? I need to do some Electroporation.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons' current and future landscape, it is imperative to look into historical examples of conventional biological warfare and understand how methods were devised and implemented. Our future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. This discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare and encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54617],"conference_id":133,"event_ids":[54991],"name":"Joshua HIll","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54244},{"content_ids":[54617],"conference_id":133,"event_ids":[54991],"name":"Phil Rhodes","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54259},{"content_ids":[54617],"conference_id":133,"event_ids":[54991],"name":"James Utley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auragens","title":"Chief Scientific Officer"}],"links":[],"pronouns":null,"media":[],"id":54279,"title":"Chief Scientific Officer at Auragens"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":54991,"tag_ids":[46371,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54279},{"tag_id":46167,"sort_order":1,"person_id":54244},{"tag_id":46167,"sort_order":1,"person_id":54259}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you're a bug bounty hunter, time can literally mean money. For this reason, automation can be a vital part of how you hunt. But automation has limits. Whether this is hardware limits, target rate limits, WAFs & bot detection, and the list goes on. Successful automation techniques should EFFICIENTLY enhance your hunting. Whether it is being first to a fresh target, or finding targets other hunters haven't. We will go over some techniques and tools to get ahead of the pack, without wasting all your time and money.\n\n\n","media":[],"title":"Efficient Bug Bounty Automation Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"If you're a bug bounty hunter, time can literally mean money. For this reason, automation can be a vital part of how you hunt. But automation has limits. Whether this is hardware limits, target rate limits, WAFs & bot detection, and the list goes on. Successful automation techniques should EFFICIENTLY enhance your hunting. Whether it is being first to a fresh target, or finding targets other hunters haven't. We will go over some techniques and tools to get ahead of the pack, without wasting all your time and money.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54616],"conference_id":133,"event_ids":[54990],"name":"Gunnar Andrews","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@G0LDEN_infosec)","sort_order":0,"url":"https://twitter.com/G0LDEN_infosec"}],"media":[],"id":54341}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#efficient-bug-bounty-automation-techniques"}],"end":"2024-08-10T21:30:00.000-0000","id":54990,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54341}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Without plan or intent, three Makers took three paths to achieve colorful badges and none were smart enough to turn back. Join our panel discussion to learn our different approaches, the strengths and weaknesses of each, and ask your probing questions. Perhaps you too will be foolish enough to venture into the technicolor labyrinth.\n\n\n","media":[],"title":"Color Blasted Badge Making: How Hard Could It Be ?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Without plan or intent, three Makers took three paths to achieve colorful badges and none were smart enough to turn back. Join our panel discussion to learn our different approaches, the strengths and weaknesses of each, and ask your probing questions. Perhaps you too will be foolish enough to venture into the technicolor labyrinth.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54615],"conference_id":133,"event_ids":[54989],"name":"Abhinav Panda","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@TweetsFromPanda)","sort_order":0,"url":"https://twitter.com/TweetsFromPanda"}],"media":[],"id":54210},{"content_ids":[54615],"conference_id":133,"event_ids":[54989],"name":"Bradán Lane","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@bradanlane)","sort_order":0,"url":"https://twitter.com/bradanlane"}],"media":[],"id":54213},{"content_ids":[54615,55434],"conference_id":133,"event_ids":[55859,54989],"name":"Hamster","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/hamster"},{"description":"","title":"Twitter (@hamster)","sort_order":0,"url":"https://twitter.com/hamster"}],"media":[],"id":54217}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":54989,"tag_ids":[46407,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54210},{"tag_id":46167,"sort_order":1,"person_id":54213},{"tag_id":46167,"sort_order":1,"person_id":54217}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On December 25th, 2021, I discovered that my modem had been hacked after a strange IP address replayed my traffic. I began researching who they were, how it happened, and eventually discovered a vulnerability which allowed me to passively monitor, change configurations, and execute commands on millions of devices. This talk details 3 years of intermittent web research on ISP security and how broadband equipment is becoming scarily centralized.\r\n\r\n1. N. Mavrakis, \"Vulnerabilities of ISPs,\" in IEEE Potentials, vol. 22, no. 4, pp. 9-15, Oct.-Nov. 2003, doi: 10.1109/MP.2003.1238687\r\n2. I Hunt TR-069 Admins: Pwning ISPs Like a Boss (Shahar Tal, August 2014, [link](https://www.youtube.com/watch?v=rz0SNEFZ8h0))\r\n3. TR-069 Wikipedia [link](https://en.wikipedia.org/wiki/TR-069#Security)\r\n4. Cox Communications VDP [link](https://www.cox.com/aboutus/policies/cox-security-responsible-disclosure-policy.html)\r\n\n\n\n","media":[],"title":"Hacking Millions of Modems (and Investigating Who Hacked My Modem)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"On December 25th, 2021, I discovered that my modem had been hacked after a strange IP address replayed my traffic. I began researching who they were, how it happened, and eventually discovered a vulnerability which allowed me to passively monitor, change configurations, and execute commands on millions of devices. This talk details 3 years of intermittent web research on ISP security and how broadband equipment is becoming scarily centralized.\r\n\r\n1. N. Mavrakis, \"Vulnerabilities of ISPs,\" in IEEE Potentials, vol. 22, no. 4, pp. 9-15, Oct.-Nov. 2003, doi: 10.1109/MP.2003.1238687\r\n2. I Hunt TR-069 Admins: Pwning ISPs Like a Boss (Shahar Tal, August 2014, [link](https://www.youtube.com/watch?v=rz0SNEFZ8h0))\r\n3. TR-069 Wikipedia [link](https://en.wikipedia.org/wiki/TR-069#Security)\r\n4. Cox Communications VDP [link](https://www.cox.com/aboutus/policies/cox-security-responsible-disclosure-policy.html)","updated_timestamp":{"seconds":1720463253,"nanoseconds":0},"speakers":[{"content_ids":[54499],"conference_id":133,"event_ids":[54872],"name":"Sam Curry","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palisade","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@samwcyo)","sort_order":0,"url":"https://twitter.com/samwcyo"}],"media":[],"id":54146,"title":"Founder at Palisade"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:27:33Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":54872,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54146}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-08T18:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Password managers are routinely granted a massive level of trust from users, by nature of managing some of their most sensitive credentials. For any noteworthy password manager, the encryption standards for user data are well understood and highly scrutinized. What is less understood is the attack surface of the software itself. This presentation explores the local security of the 1Password MacOS desktop application and answers the question of “how safe are my passwords if my computer is infected or otherwise compromised?”.\r\n\r\nThis talk will cover the outcome of our research into 1Password, presenting several different attacks to dump local 1Password vaults. This includes describing multiple application vulnerabilities and security weaknesses we identified in the 1Password MacOS desktop application, as well as discussing the inherent limitations in its usage of IPC mechanisms and open source software. Additionally, we will discuss novel vulnerabilities found in Google Chrome that aided our exploitation of the 1Password browser extension.\r\n\r\nDarthNull’s work around decrypting 1Password vaults: [link](https://darthnull.org/1pass-roundtrip/)\r\n\n\n\n","media":[],"title":"Discovering and exploiting local attacks against the 1Password MacOS desktop application","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"Password managers are routinely granted a massive level of trust from users, by nature of managing some of their most sensitive credentials. For any noteworthy password manager, the encryption standards for user data are well understood and highly scrutinized. What is less understood is the attack surface of the software itself. This presentation explores the local security of the 1Password MacOS desktop application and answers the question of “how safe are my passwords if my computer is infected or otherwise compromised?”.\r\n\r\nThis talk will cover the outcome of our research into 1Password, presenting several different attacks to dump local 1Password vaults. This includes describing multiple application vulnerabilities and security weaknesses we identified in the 1Password MacOS desktop application, as well as discussing the inherent limitations in its usage of IPC mechanisms and open source software. Additionally, we will discuss novel vulnerabilities found in Google Chrome that aided our exploitation of the 1Password browser extension.\r\n\r\nDarthNull’s work around decrypting 1Password vaults: [link](https://darthnull.org/1pass-roundtrip/)","updated_timestamp":{"seconds":1720463270,"nanoseconds":0},"speakers":[{"content_ids":[54497],"conference_id":133,"event_ids":[54870],"name":"Colby Morgan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Robinhood","title":"Leads, Pentest Team"}],"links":[],"pronouns":null,"media":[],"id":54162,"title":"Leads, Pentest Team at Robinhood"},{"content_ids":[54497],"conference_id":133,"event_ids":[54870],"name":"Jeffrey Hofmann","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Offensive Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@jeffssh)","sort_order":0,"url":"https://twitter.com/jeffssh"},{"description":"","title":"Website","sort_order":0,"url":"https://jeffs.sh/"}],"media":[],"id":54163,"title":"Senior Offensive Security Engineer"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:27:50Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":54870,"tag_ids":[46166,46169,46419,46437,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54163},{"tag_id":46167,"sort_order":4,"person_id":54162}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-08T18:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SQL injections seem to be a solved problem; databases even have built-in support for prepared statements, leaving no room for injections. In this session, we will go a level deeper: instead of attacking the query syntax, we will explore smuggling attacks against database wire protocols, through which remote, unauthenticated attackers can inject entire (No)SQL statements into an application's database connection.\r\n\r\nUsing vulnerable database driver libraries as case studies, we will bring the concept of HTTP request smuggling to binary protocols. By corrupting the boundaries between protocol messages, we desynchronize an application and its database, allowing the insertion of malicious messages that lead to authentication bypasses, data leakage, and remote code execution.\r\n\r\nTo put our findings into context, we will explore the real-world applicability of this new concept by comparing how robust various languages and frameworks are against these attacks. We will also discuss how smuggling attacks are not specific to database wire protocols but affect all kinds of binary protocols, from databases over message queues to caching. We will end the session with inspirations for future research to explore the topic further.\r\n\r\n- [link](https://www.postgresql.org/docs/current/protocol.html)\r\n- [link](https://dev.mysql.com/doc/dev/mysql-server/latest/PAGE_PROTOCOL.html)\r\n- [link](https://www.mongodb.com/docs/manual/reference/mongodb-wire-protocol/)\r\n- [link](https://redis.io/docs/latest/develop/reference/protocol-spec/)\r\n- [link](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn)\r\n- [link](https://portswigger.net/research/http2)\r\n- [link](https://portswigger.net/research/browser-powered-desync-attacks)\n\n\n","media":[],"title":"SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:45:00Z","end_timestamp":{"seconds":1723326300,"nanoseconds":0},"android_description":"SQL injections seem to be a solved problem; databases even have built-in support for prepared statements, leaving no room for injections. In this session, we will go a level deeper: instead of attacking the query syntax, we will explore smuggling attacks against database wire protocols, through which remote, unauthenticated attackers can inject entire (No)SQL statements into an application's database connection.\r\n\r\nUsing vulnerable database driver libraries as case studies, we will bring the concept of HTTP request smuggling to binary protocols. By corrupting the boundaries between protocol messages, we desynchronize an application and its database, allowing the insertion of malicious messages that lead to authentication bypasses, data leakage, and remote code execution.\r\n\r\nTo put our findings into context, we will explore the real-world applicability of this new concept by comparing how robust various languages and frameworks are against these attacks. We will also discuss how smuggling attacks are not specific to database wire protocols but affect all kinds of binary protocols, from databases over message queues to caching. We will end the session with inspirations for future research to explore the topic further.\r\n\r\n- [link](https://www.postgresql.org/docs/current/protocol.html)\r\n- [link](https://dev.mysql.com/doc/dev/mysql-server/latest/PAGE_PROTOCOL.html)\r\n- [link](https://www.mongodb.com/docs/manual/reference/mongodb-wire-protocol/)\r\n- [link](https://redis.io/docs/latest/develop/reference/protocol-spec/)\r\n- [link](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn)\r\n- [link](https://portswigger.net/research/http2)\r\n- [link](https://portswigger.net/research/browser-powered-desync-attacks)","updated_timestamp":{"seconds":1720462499,"nanoseconds":0},"speakers":[{"content_ids":[54466],"conference_id":133,"event_ids":[54839],"name":"Paul Gerste","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Sonar","title":"Vulnerability Researcher, R&D team"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@pspaul@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@pspaul"},{"description":"","title":"Twitter (@pspaul95)","sort_order":0,"url":"https://twitter.com/pspaul95"}],"media":[],"id":54057,"title":"Vulnerability Researcher, R&D team at Sonar"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:14:59Z","links":[],"end":"2024-08-10T21:45:00.000-0000","id":54839,"tag_ids":[46166,46169,46419,46437,46878],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54057}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-07-08T18:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready for everything you always wanted to know about RFID, but were afraid to ask! The workshop will start with a basic introduction to Radio-frequency Identification (RFID) and build to a set of practical hands-on challenges. The workshop delves into the theory behind RFID, including different types and protocols (insecure vs. secure types), and how to perform an assessment. Several hands-on assignments will punctuate the theory portion, preparing participants for challenges (of increasing difficulty) on an RFID simulation device, all while participants obtain points for the CTF contest. The objective is to make this workshop fun and accessible to a wide audience. The RFID protocols discussed and in the challenges will be limited to HID and Mifare Classic Instructions and walkthroughs for three devices will be available in the workshop materials, including:\n * Proxmark3\n * Flipper Zero\n * ACR122U\nACR122U devices will be available from the instructor during the workshop.\n\n\n","media":[],"title":"Playing with RFID","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Get ready for everything you always wanted to know about RFID, but were afraid to ask! The workshop will start with a basic introduction to Radio-frequency Identification (RFID) and build to a set of practical hands-on challenges. The workshop delves into the theory behind RFID, including different types and protocols (insecure vs. secure types), and how to perform an assessment. Several hands-on assignments will punctuate the theory portion, preparing participants for challenges (of increasing difficulty) on an RFID simulation device, all while participants obtain points for the CTF contest. The objective is to make this workshop fun and accessible to a wide audience. The RFID protocols discussed and in the challenges will be limited to HID and Mifare Classic Instructions and walkthroughs for three devices will be available in the workshop materials, including:\n * Proxmark3\n * Flipper Zero\n * ACR122U\nACR122U devices will be available from the instructor during the workshop.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54235],"conference_id":133,"event_ids":[54608],"name":"Vinnie \"kernelpaniek\" Vanhoecke","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bishop Fox","title":"Senior Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53873,"title":"Senior Security Consultant at Bishop Fox"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://kernelpaniek_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54608,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53873}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Malware continues to increase in prevalence and sophistication. VirusTotal reported a daily submission of 2M+ malware samples. Of those 2 million malware daily submissions, over 1 million were unique malware samples. Successfully exploiting networks and systems has become a highly profitable operation for malicious threat actors. Traditional detection mechanisms including antivirus software fail to adequately detect new and varied malware. Artificial Intelligence provides advanced capabilities that can enhance cybersecurity. The purpose of this workshop is to provide an immersive, hands on projects that teach security analysts how to train Machine Learning models to detect thousands and thousands of unique malware samples. This workshop delivers a new framework that uses Machine Learning models to analyze malware, produce uniform datasets for additional analysis, and classify malicious samples into malware families. Additionally, this research presents a new Ensemble Classification Facility we developed that leverages several Machine Learning models to enhance malware classification. To our knowledge, this is the first research that utilizes Machine Learning to provide enhanced classification of an entire 200+ gigabyte-malware family corpus consisting of 80K+ unique malware samples and 70+ unique malware families. New, labeled datasets are released to aid in future classification of malware. It is time we leverage the capabilities of Artificial Intelligence and Machine Learning to enhance detection and classification of malware. Topics taught through hands-on projects include Machine Learning, Natural Language Processing, and Deep Learning models. This workshop provides a pathway to incorporate Artificial Intelligence into the automated malware analysis domain. \n\n\n","media":[],"title":"Master Class: Hands-On Machine Learning to Enhance Malware Analysis, Classification, and Detection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Malware continues to increase in prevalence and sophistication. VirusTotal reported a daily submission of 2M+ malware samples. Of those 2 million malware daily submissions, over 1 million were unique malware samples. Successfully exploiting networks and systems has become a highly profitable operation for malicious threat actors. Traditional detection mechanisms including antivirus software fail to adequately detect new and varied malware. Artificial Intelligence provides advanced capabilities that can enhance cybersecurity. The purpose of this workshop is to provide an immersive, hands on projects that teach security analysts how to train Machine Learning models to detect thousands and thousands of unique malware samples. This workshop delivers a new framework that uses Machine Learning models to analyze malware, produce uniform datasets for additional analysis, and classify malicious samples into malware families. Additionally, this research presents a new Ensemble Classification Facility we developed that leverages several Machine Learning models to enhance malware classification. To our knowledge, this is the first research that utilizes Machine Learning to provide enhanced classification of an entire 200+ gigabyte-malware family corpus consisting of 80K+ unique malware samples and 70+ unique malware families. New, labeled datasets are released to aid in future classification of malware. It is time we leverage the capabilities of Artificial Intelligence and Machine Learning to enhance detection and classification of malware. Topics taught through hands-on projects include Machine Learning, Natural Language Processing, and Deep Learning models. This workshop provides a pathway to incorporate Artificial Intelligence into the automated malware analysis domain.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54234],"conference_id":133,"event_ids":[54607],"name":"Solomon Sonya","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Purdue University","title":"Computer Science Graduate Student"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xSolomonSonya)","sort_order":0,"url":"https://twitter.com/0xSolomonSonya"}],"media":[],"id":53871,"title":"Computer Science Graduate Student at Purdue University"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Sonya_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54607,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53871}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Email remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.\nIn this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including Pikabot and DarkGate, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.\nInitially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:\n- QR codes\n- Image-as-content\n- Drive-by delivery via links and HTML smuggling\n- Excel attachments with embedded links to SMB shares\n- ISO attachments\n- PDF attachments with embedded links to malware (PDF -> URL -> ZIP -> WSF)\n- VIP impersonations\n- BEC\nAttendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.\n\n\n","media":[],"title":"Email Detection Engineering and Threat Hunting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Email remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.\nIn this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including Pikabot and DarkGate, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.\nInitially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:\n- QR codes\n- Image-as-content\n- Drive-by delivery via links and HTML smuggling\n- Excel attachments with embedded links to SMB shares\n- ISO attachments\n- PDF attachments with embedded links to malware (PDF -> URL -> ZIP -> WSF)\n- VIP impersonations\n- BEC\nAttendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54233],"conference_id":133,"event_ids":[54606],"name":"Alfie Champion","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DelivrTo","title":"Co-founder"}],"links":[],"pronouns":null,"media":[],"id":53832,"title":"Co-founder at DelivrTo"},{"content_ids":[54233],"conference_id":133,"event_ids":[54606],"name":"Josh Kamdjou","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Sublime Security","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":53849,"title":"Founder and CEO at Sublime Security"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Kamdjou_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54606,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53832},{"tag_id":46167,"sort_order":1,"person_id":53849}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This Physical Access Control Learning Lab will teach attendees about physical access control and the systems involved. Many of the subjects being taught will be related to their cybersecurity counterparts and lots of focus placed on the why of each concept, not only the fun parts.\n\n\n","media":[],"title":"Crash Course in Physical Access Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This Physical Access Control Learning Lab will teach attendees about physical access control and the systems involved. Many of the subjects being taught will be related to their cybersecurity counterparts and lots of focus placed on the why of each concept, not only the fun parts.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54232],"conference_id":133,"event_ids":[54605],"name":"Lorenzo Pedroncelli","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"RSA","title":""}],"links":[],"pronouns":null,"media":[],"id":53854,"title":"RSA"},{"content_ids":[54232],"conference_id":133,"event_ids":[54605],"name":"Randy Belbin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"RSA","title":""}],"links":[],"pronouns":null,"media":[],"id":53862,"title":"RSA"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Pedroncelli_DC32.eventbrite.com"}],"end":"2024-08-11T01:00:00.000-0000","id":54605,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53854},{"tag_id":46167,"sort_order":1,"person_id":53862}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Moriarty is a.NET tool designed to identify vulnerabilities for privilege escalation in Windows environments. Building upon Watson and Sherlock, Moriarty extends their capabilities by incorporating advanced scanning techniques for newer vulnerabilities and integrating additional checks. This tool supports a wide range of Windows versions, from Windows 10 to Windows 11 and Server versions 2016, 2019, and 2022. Moriarty differentiates itself by its ability to enumerate missing KBs and detect a variety of vulnerabilities linked to privilege escalation, offering suggestions for potential exploits. The tool's extensive database includes well-known vulnerabilities such as PrintNightmare (CVE-2021-1675), Log4Shell (CVE-2021-44228), and SMBGhost (CVE-2020-0796), among others.\n\n\n","media":[],"title":"Moriarty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Moriarty is a.NET tool designed to identify vulnerabilities for privilege escalation in Windows environments. Building upon Watson and Sherlock, Moriarty extends their capabilities by incorporating advanced scanning techniques for newer vulnerabilities and integrating additional checks. This tool supports a wide range of Windows versions, from Windows 10 to Windows 11 and Server versions 2016, 2019, and 2022. Moriarty differentiates itself by its ability to enumerate missing KBs and detect a variety of vulnerabilities linked to privilege escalation, offering suggestions for potential exploits. The tool's extensive database includes well-known vulnerabilities such as PrintNightmare (CVE-2021-1675), Log4Shell (CVE-2021-44228), and SMBGhost (CVE-2020-0796), among others.","updated_timestamp":{"seconds":1718922777,"nanoseconds":0},"speakers":[{"content_ids":[54196],"conference_id":133,"event_ids":[54565],"name":"Anthony “Coin” Rose","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Lead Security Researcher and Chief Operating Officer"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://www.bc-security.org/blog/"}],"media":[],"id":53723,"title":"Lead Security Researcher and Chief Operating Officer at BC Security"},{"content_ids":[54216,54196],"conference_id":133,"event_ids":[54565,54589],"name":"Jake “Hubble” Krasnov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Operations Lead and Chief Executive Officer"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://www.bc-security.org/blog/"}],"media":[],"id":53742,"title":"Red Team Operations Lead and Chief Executive Officer at BC Security"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:57Z","links":[{"label":"Project","type":"link","url":"https://github.com/BC-SECURITY/Moriarty"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249637"}],"end":"2024-08-10T22:45:00.000-0000","id":54565,"tag_ids":[46169,46441,46453],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53723},{"tag_id":46167,"sort_order":4,"person_id":53742}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Drop-Pi is a suite of software developed on a Raspberry Pi to facilitate the automatic bypassing of 802.1x/NAC implementations (pre 802.1x-2010 standards) and establish discrete remote access into target networks. Designed with physical penetration testing in mind, the Drop-Pi can establish remote access inside a target network within a matter of seconds after being plugged in, affording assessors with a quick in and out on an objective. Its built with common and easily sourced hardware which allows for easy and quick provisioning of multiple Drop-Pi devices. When it's not feasible to utilize a target network for egress traffic, the Drop-Pi can easily be configured to employ a wireless connection or mobile hotspot to facilitate access in and out of the network.\n\n\n","media":[],"title":"Drop-Pi","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"The Drop-Pi is a suite of software developed on a Raspberry Pi to facilitate the automatic bypassing of 802.1x/NAC implementations (pre 802.1x-2010 standards) and establish discrete remote access into target networks. Designed with physical penetration testing in mind, the Drop-Pi can establish remote access inside a target network within a matter of seconds after being plugged in, affording assessors with a quick in and out on an objective. Its built with common and easily sourced hardware which allows for easy and quick provisioning of multiple Drop-Pi devices. When it's not feasible to utilize a target network for egress traffic, the Drop-Pi can easily be configured to employ a wireless connection or mobile hotspot to facilitate access in and out of the network.","updated_timestamp":{"seconds":1718922721,"nanoseconds":0},"speakers":[{"content_ids":[54193],"conference_id":133,"event_ids":[54562],"name":"Doug Kent","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"State Farm","title":"Pentesting Team"}],"links":[],"pronouns":null,"media":[],"id":53733,"title":"Pentesting Team at State Farm"},{"content_ids":[54193],"conference_id":133,"event_ids":[54562],"name":"Robert Ditmer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"State Farm","title":"Red Team"}],"links":[],"pronouns":null,"media":[],"id":53771,"title":"Red Team at State Farm"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:01Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249636"},{"label":"Project","type":"link","url":"https://github.com/ditmer/Drop-Pi"}],"end":"2024-08-10T22:45:00.000-0000","id":54562,"tag_ids":[46169,46441,46453],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53733},{"tag_id":46167,"sort_order":4,"person_id":53771}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"TheAllCommander is an open-source tool which offers red teams and blue teams a framework to rapidly prototype and model malware communications, as well as associated client-side indicators of compromise. The framework provides a structured, documented, and object-oriented API for both the client and server, allowing anyone to quickly implement a novel communications protocol between a simulated malware daemon and its command and control server. For Blue Teamers, this allows rapid modeling of emerging threats and comprehensive testing in a controlled manner to develop reliable detection models. For Red Teamers, this framework allows rapid iteration and development of new protocols and communications schemes with an easy to use Python interface. The framework has many tools or techniques used by red teams built in to allow out-of-the-box modeling, including emulated client browser HTTPS traffic Remote Desktop tunneling, and UAC bypass.\n\n\n","media":[],"title":"TheAllCommander 2.0","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"TheAllCommander is an open-source tool which offers red teams and blue teams a framework to rapidly prototype and model malware communications, as well as associated client-side indicators of compromise. The framework provides a structured, documented, and object-oriented API for both the client and server, allowing anyone to quickly implement a novel communications protocol between a simulated malware daemon and its command and control server. For Blue Teamers, this allows rapid modeling of emerging threats and comprehensive testing in a controlled manner to develop reliable detection models. For Red Teamers, this framework allows rapid iteration and development of new protocols and communications schemes with an easy to use Python interface. The framework has many tools or techniques used by red teams built in to allow out-of-the-box modeling, including emulated client browser HTTPS traffic Remote Desktop tunneling, and UAC bypass.","updated_timestamp":{"seconds":1718922667,"nanoseconds":0},"speakers":[{"content_ids":[54190],"conference_id":133,"event_ids":[54559],"name":"Matthew Handy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NASA","title":""}],"links":[],"pronouns":null,"media":[],"id":53757,"title":"NASA"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:31:07Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249635"},{"label":"Project","type":"link","url":"https://github.com/matt-handy/TheAllCommander"}],"end":"2024-08-10T22:45:00.000-0000","id":54559,"tag_ids":[46169,46441,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53757}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Vovk is a toolset that can be used to create YARA rules. The Vovk DEF CON 2024 version will be released at DEF CON.\n\n\n","media":[],"title":"Vovk - Advanced YARA Rule Generator v2.0","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Vovk is a toolset that can be used to create YARA rules. The Vovk DEF CON 2024 version will be released at DEF CON.","updated_timestamp":{"seconds":1718922607,"nanoseconds":0},"speakers":[{"content_ids":[54187],"conference_id":133,"event_ids":[54556],"name":"Benjamyn Whiteman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TikTok USDS","title":"Lead Analyst, Global CSOC"}],"links":[],"pronouns":null,"media":[],"id":53724,"title":"Lead Analyst, Global CSOC at TikTok USDS"},{"content_ids":[54187],"conference_id":133,"event_ids":[54556],"name":"Vishal Thakur","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TikTok USDS","title":"Senior Director, Cyber Fusion Center"}],"links":[],"pronouns":null,"media":[],"id":53775,"title":"Senior Director, Cyber Fusion Center at TikTok USDS"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:30:07Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249634"},{"label":"Project","type":"link","url":"https://github.com/malienist/vovk"}],"end":"2024-08-10T22:45:00.000-0000","id":54556,"tag_ids":[46169,46441,46445,46461,46467,46468],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53724},{"tag_id":46167,"sort_order":4,"person_id":53775}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Caldera for Operational Technology (C4OT) is an extension to the open-source Caldera adversary emulation platform. Adversary emulation has long helped defenders of information systems exercise and improve their cyber defenses by using real adversary techniques. While Caldera has been out since 2021, C4OT was released September 2023. Specifically, C4OT exposes native OT protocol functions to Caldera. The initial release of C4OT supported three popular OT protocols (Modbus, BACnet, and DNP3). Since then, we have added support for two more protocols (IEC61850 and Profinet). Today, we are actively working on support for the space protocol GEMS. By utilizing Caldera and the C4OT plugins, end-users can emulate threat activity across both Enterprise and Operational networks with ease.\n\n\n","media":[],"title":"MITRE Caldera for OT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T22:45:00Z","end_timestamp":{"seconds":1723329900,"nanoseconds":0},"android_description":"Caldera for Operational Technology (C4OT) is an extension to the open-source Caldera adversary emulation platform. Adversary emulation has long helped defenders of information systems exercise and improve their cyber defenses by using real adversary techniques. While Caldera has been out since 2021, C4OT was released September 2023. Specifically, C4OT exposes native OT protocol functions to Caldera. The initial release of C4OT supported three popular OT protocols (Modbus, BACnet, and DNP3). Since then, we have added support for two more protocols (IEC61850 and Profinet). Today, we are actively working on support for the space protocol GEMS. By utilizing Caldera and the C4OT plugins, end-users can emulate threat activity across both Enterprise and Operational networks with ease.","updated_timestamp":{"seconds":1718922546,"nanoseconds":0},"speakers":[{"content_ids":[54184],"conference_id":133,"event_ids":[54553],"name":"Blaine Jeffries","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Operational Technology Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":53725,"title":"Operational Technology Security Engineer at MITRE Corp"},{"content_ids":[54184],"conference_id":133,"event_ids":[54553],"name":"Devon Colmer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Cybersecurity Engineer, Critical Infrastructure Protection Innovation Center"}],"links":[],"pronouns":null,"media":[],"id":53732,"title":"Cybersecurity Engineer, Critical Infrastructure Protection Innovation Center at MITRE Corp"}],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:29:06Z","links":[{"label":"Project","type":"link","url":"https://github.com/mitre/caldera-ot"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249633"}],"end":"2024-08-10T22:45:00.000-0000","id":54553,"tag_ids":[46169,46441,46445,46453,46454,46455,46456],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53725},{"tag_id":46167,"sort_order":4,"person_id":53732}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-20T22:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A quieter space for those who want to discuss what they are reading, recommend books, and trade books too. We will have a logo themed sticker.\n\n\n","media":[{"hash_sha256":"0525db4bf785c139047a4b26110f4207eb87e01a01f612244d8aacc9d9d5d50d","filetype":"image/png","hash_md5":"2fd6e358ad0144f03f49c63283298b05","name":"pme_BookClub.png","is_logo":"Y","hash_crc32c":"ddc7f34d","filesize":502445,"asset_id":698,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_BookClub.png"}],"title":"DC Book Club Discussion","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"A quieter space for those who want to discuss what they are reading, recommend books, and trade books too. We will have a logo themed sticker.","updated_timestamp":{"seconds":1718776193,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T21:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T05:49:53Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249549"}],"end":"2024-08-10T23:00:00.000-0000","id":54500,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723323600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"HallwayCon Lounge past W234","hotel":"","short_name":"HallwayCon Lounge past W234","id":46310},"spans_timebands":"N","begin":"2024-08-10T21:00:00.000-0000","updated":"2024-06-19T05:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Interpret the vast amount of alerts (from different sources) received with a comprehensive, hands-on autonomous attack correlation & false positive detection workshop designed to enhance your proactive defense in the cloud. The workshop aims to demystify the process of identifying coordinated attacks amidst this noise, empowering attendees to improve their efficacy & utilize the cloud cost-effectiveness.\n\nNo data science expertise is required. Little cloud & secops expertise is required.\n\nIntro:\n- The session begins with a foundational overview of event analysis challenges and state of the art.\n- Participants will learn about the ATT&CK framework, focusing on its Flows, Tactics, & Techniques to standardize threat detection.\n\n\nAI & Data:\n- A deep dive into accessible open-source AI tools will follow, featuring clustering algorithms, natural language processing, & Markov chains.\n- Guidance on importing, cleaning, & normalizing data will ensure accuracy in subsequent analyses.\n- Participants will have access to a demo environment to apply these tools interactively.\n\n\nMapping Alerts:\n- Techniques for automated mapping of alerts to ATT&CK will be demonstrated.\n- Attendees will engage in mapping exercises using AI.\n\n\nClustering Alerts:\n- The workshop will cover clustering methods based on temporal, spatial, & technical attributes.\n- Participants will engage in clustering sample alerts to form contextualized attack steps.\n\n\nCorrelating Alerts:\n- The importance of killchains in cybersecurity will be highlighted, with methods to link attack steps into cohesive killchains.\n- Participants are guided in creating & analyzing killchains to identify coordinated attacks.\n\n\nTickets:\n- Criteria for creating FP Tickets, Incident Tickets, & Attack Story Tickets will be outlined.\n- Participants will engage in generating sample tickets, ensuring each type is comprehensive & actionable.\n\n\nIntegrating & QA:\n- The session will cover integration into existing SOC setups & automation using scripts & tools.\n- Demonstrations will show how to maintain & update the system for continuous improvement, emphasizing cost-effective cloud automation.\n- QA, troubleshooting, & further resources.\n\n\nBy the end of this interactive workshop, participants will have experience with AI tools mapping alerts to Techniques, clustering them into contextualized attack steps, & constructing comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets for immediate response & long-term improvements in their security posture, all without needing advanced data science knowledge. This session encourages practical application in participants' environments & further exploration of the vast capabilities of open-source AI in cybersecurity, & showcases the power of cloud cost-effectiveness in big data analytics (sagemaker, s3, lambda, etc.).\n\n\n","media":[],"title":"Connecting the Dots: Mastering Alert Correlation for Proactive Defense in the Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T22:50:00Z","end_timestamp":{"seconds":1723330200,"nanoseconds":0},"android_description":"Interpret the vast amount of alerts (from different sources) received with a comprehensive, hands-on autonomous attack correlation & false positive detection workshop designed to enhance your proactive defense in the cloud. The workshop aims to demystify the process of identifying coordinated attacks amidst this noise, empowering attendees to improve their efficacy & utilize the cloud cost-effectiveness.\n\nNo data science expertise is required. Little cloud & secops expertise is required.\n\nIntro:\n- The session begins with a foundational overview of event analysis challenges and state of the art.\n- Participants will learn about the ATT&CK framework, focusing on its Flows, Tactics, & Techniques to standardize threat detection.\n\n\nAI & Data:\n- A deep dive into accessible open-source AI tools will follow, featuring clustering algorithms, natural language processing, & Markov chains.\n- Guidance on importing, cleaning, & normalizing data will ensure accuracy in subsequent analyses.\n- Participants will have access to a demo environment to apply these tools interactively.\n\n\nMapping Alerts:\n- Techniques for automated mapping of alerts to ATT&CK will be demonstrated.\n- Attendees will engage in mapping exercises using AI.\n\n\nClustering Alerts:\n- The workshop will cover clustering methods based on temporal, spatial, & technical attributes.\n- Participants will engage in clustering sample alerts to form contextualized attack steps.\n\n\nCorrelating Alerts:\n- The importance of killchains in cybersecurity will be highlighted, with methods to link attack steps into cohesive killchains.\n- Participants are guided in creating & analyzing killchains to identify coordinated attacks.\n\n\nTickets:\n- Criteria for creating FP Tickets, Incident Tickets, & Attack Story Tickets will be outlined.\n- Participants will engage in generating sample tickets, ensuring each type is comprehensive & actionable.\n\n\nIntegrating & QA:\n- The session will cover integration into existing SOC setups & automation using scripts & tools.\n- Demonstrations will show how to maintain & update the system for continuous improvement, emphasizing cost-effective cloud automation.\n- QA, troubleshooting, & further resources.\n\n\nBy the end of this interactive workshop, participants will have experience with AI tools mapping alerts to Techniques, clustering them into contextualized attack steps, & constructing comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets for immediate response & long-term improvements in their security posture, all without needing advanced data science knowledge. This session encourages practical application in participants' environments & further exploration of the vast capabilities of open-source AI in cybersecurity, & showcases the power of cloud cost-effectiveness in big data analytics (sagemaker, s3, lambda, etc.).","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-10T20:50:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T22:50:00.000-0000","id":55924,"tag_ids":[46376,46734],"village_id":null,"begin_timestamp":{"seconds":1723323000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T20:50:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Con el continuo crecimiento de las amenazas en el ciberespacio y la escasez de guías efectivas para analizar, detectar y estar un paso adelante de los adversarios, expondremos durante nuestra plática cómo, a través de la inteligencia de ciber-amenazas y el análisis de malware, podemos desmantelar la infraestructura de los atacantes y anticiparnos a sus objetivos. Utilizaremos técnicas de Threat Hunting para demostrar cómo detectar comportamientos anómalos dentro de una red y proporcionar a los asistentes las herramientas necesarias, incluyendo Indicadores de Compromiso (IoCs), Tácticas, Técnicas y Procedimientos (TTPs), e infraestructura no detectada (Hunting Infrastructure), para enfrentar la actividad maliciosa del malware conocido como DarkGate.\n\n\n","media":[],"title":"DarkGate: Cazando a la amenaza y exponiendo su infraestructura","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Con el continuo crecimiento de las amenazas en el ciberespacio y la escasez de guías efectivas para analizar, detectar y estar un paso adelante de los adversarios, expondremos durante nuestra plática cómo, a través de la inteligencia de ciber-amenazas y el análisis de malware, podemos desmantelar la infraestructura de los atacantes y anticiparnos a sus objetivos. Utilizaremos técnicas de Threat Hunting para demostrar cómo detectar comportamientos anómalos dentro de una red y proporcionar a los asistentes las herramientas necesarias, incluyendo Indicadores de Compromiso (IoCs), Tácticas, Técnicas y Procedimientos (TTPs), e infraestructura no detectada (Hunting Infrastructure), para enfrentar la actividad maliciosa del malware conocido como DarkGate.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55971],"conference_id":133,"event_ids":[56587],"name":"Nestor Sánchez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cyber Threat Hunter at GNP"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ponchosansan)","sort_order":0,"url":"https://twitter.com/ponchosansan"},{"description":"","title":"Website","sort_order":0,"url":"https://github.com/sansan-monkey"}],"media":[],"id":56314,"title":"Cyber Threat Hunter at GNP"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56587,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56314}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The hype for integrating artificial intelligence into an enterprise’s daily work has become more prevalent after introducing AI-driven systems that use Retrieval Augmented Generation (RAG), such as Copilot for Microsoft 365. But is the trust in such systems and their control over decision-making processes within enterprises rational? Copilot and other RAG-based systems can be misused to cause dissemination of misinformation that negatively impacts decision-making processes without proper auditing and safeguarding of data available to large language models in RAG-based systems.\n\nThis talk will demonstrate such an attack that we have termed ConfusedPilot because of its ability to turn Copilot into a confused deputy. The attack occurs when a malicious document is introduced to the data pool (documents, presentations, other relevant files, etc.) related to a topic affecting the enterprise’s decision-making process. The malicious document contains a combination of corrupt data and malicious strings that suppress the correct documents related to the topic and respond to the user’s query with only the information present within the malicious document. Furthermore, the talk highlights how this attack can persist after deleting content within the malicious document or the document itself. The talk also points to the larger implications of such attacks, highlighting their cascading effect and existing security measures that can be used to reduce the attack’s effectiveness. Our talk sheds light on the current attacks and potential security measures that can shield enterprises from the adverse effects of such attacks on their AI-driven systems.\n\n\n","media":[],"title":"ConfusedPilot: Data Corruption and Leakage by Misusing Copilot for Microsoft 365","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"The hype for integrating artificial intelligence into an enterprise’s daily work has become more prevalent after introducing AI-driven systems that use Retrieval Augmented Generation (RAG), such as Copilot for Microsoft 365. But is the trust in such systems and their control over decision-making processes within enterprises rational? Copilot and other RAG-based systems can be misused to cause dissemination of misinformation that negatively impacts decision-making processes without proper auditing and safeguarding of data available to large language models in RAG-based systems.\n\nThis talk will demonstrate such an attack that we have termed ConfusedPilot because of its ability to turn Copilot into a confused deputy. The attack occurs when a malicious document is introduced to the data pool (documents, presentations, other relevant files, etc.) related to a topic affecting the enterprise’s decision-making process. The malicious document contains a combination of corrupt data and malicious strings that suppress the correct documents related to the topic and respond to the user’s query with only the information present within the malicious document. Furthermore, the talk highlights how this attack can persist after deleting content within the malicious document or the document itself. The talk also points to the larger implications of such attacks, highlighting their cascading effect and existing security measures that can be used to reduce the attack’s effectiveness. Our talk sheds light on the current attacks and potential security measures that can shield enterprises from the adverse effects of such attacks on their AI-driven systems.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55883],"conference_id":133,"event_ids":[56468],"name":"Ayush RoyChowdhury","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The University of Texas at Austin","title":""}],"links":[],"pronouns":null,"media":[],"id":56249,"title":"The University of Texas at Austin"},{"content_ids":[55883],"conference_id":133,"event_ids":[56468],"name":"Mulong Luo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The University of Texas at Austin","title":""}],"links":[],"pronouns":null,"media":[],"id":56250,"title":"The University of Texas at Austin"},{"content_ids":[55883],"conference_id":133,"event_ids":[56468],"name":"Mohit Tiwari","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The University of Texas at Austin","title":""}],"links":[],"pronouns":null,"media":[],"id":56251,"title":"The University of Texas at Austin"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56468,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56249},{"tag_id":46167,"sort_order":4,"person_id":56250},{"tag_id":46167,"sort_order":6,"person_id":56251}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Drone hacking tends to be expensive and sometimes unsafe, but not if you use a simulator!. We have developed a drone hacking simulator called the Damn Vulnerable Drone (https://github.com/nicholasaleks/Damn-Vulnerable-Drone).\n\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering hands-on experience in exploiting drone systems.\n\n\n","media":[],"title":"Open Source Drone Hacking Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Drone hacking tends to be expensive and sometimes unsafe, but not if you use a simulator!. We have developed a drone hacking simulator called the Damn Vulnerable Drone (https://github.com/nicholasaleks/Damn-Vulnerable-Drone).\n\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering hands-on experience in exploiting drone systems.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55275,55836],"conference_id":133,"event_ids":[55665,56386],"name":"Nick Aleks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@exploitpapi)","sort_order":0,"url":"https://twitter.com/exploitpapi"}],"media":[],"id":55824},{"content_ids":[55836],"conference_id":133,"event_ids":[56386],"name":"Rudy Mendoza","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56197}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56386,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55824},{"tag_id":46484,"sort_order":4,"person_id":56197}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’ve been talking about the gap in ICS cybersecurity features and functions for over a decade, but it seems like we’re always confronting the same set of challenges. Despite all the progress in products, systems, regulations and oversight it feels like we’re caught in an endless loop of vulnerabilities. The problem isn’t in a lack of effort on anyone’s behalf: it’s in the fundamental market forces that drive the critical infrastructure investments we depend on. This presentation looks at these forces and shows how to work with them rather than agains them, no matter what your mission might be.\n\n\n","media":[],"title":"The perma-lag: why industrial cybersecurity will never be state-of-the-art","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:55:00Z","end_timestamp":{"seconds":1723323300,"nanoseconds":0},"android_description":"We’ve been talking about the gap in ICS cybersecurity features and functions for over a decade, but it seems like we’re always confronting the same set of challenges. Despite all the progress in products, systems, regulations and oversight it feels like we’re caught in an endless loop of vulnerabilities. The problem isn’t in a lack of effort on anyone’s behalf: it’s in the fundamental market forces that drive the critical infrastructure investments we depend on. This presentation looks at these forces and shows how to work with them rather than agains them, no matter what your mission might be.","updated_timestamp":{"seconds":1721781748,"nanoseconds":0},"speakers":[{"content_ids":[55353],"conference_id":133,"event_ids":[55745],"name":"Kyle McMillan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55960}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:42:28Z","links":[],"end":"2024-08-10T20:55:00.000-0000","id":55745,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55960}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-24T00:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The proliferation of ride-share rocket launches and decrease in the overall cost of sending payloads to space due to recent successes in the private space industry has made small satellite systems a cost effective and time-efficient method to put research vehicles in space.\n\nThe University of Alabama in Huntsville’s Center for Cybersecurity Research and Education (CCRE) has been funded by the U.S. Army Space and Missile Defense Command (SMDC) over the last several years to investigate the overall cybersecurity posture of small satellite systems. Numerous iterations of student teams led by CCRE and SMDC staff members have managed to accomplish notable research milestones. \n\nThis talk is meant to inform the next generation in aerospace cybersecurity by discussing our major research milestones, relevant findings, lessons learned, and areas of concern relating to the overall cybersecurity posture of small satellite systems.\n\nRelevant items to be covered in this talk include what it took to build a working small satellite system model as close to real-world as possible (Raspberry Pis vs PyCubed boards vs other contenders), implementation of small satellite functions (payload camera, radio communications, positioning/sensor array, orbital simulation, battery/solar charging, etc.), performing vulnerability analysis against the implemented model, creating different attack scenarios (MitM, DoS, spoofing, hardware attacks), implementing defensive mitigations (hardening scripts, command validation, health checks), and the development of a lightweight software solution named “Small Satellite Defender” (SSD) designed to protect satellites from potential threat vectors.\n\n\n\n","media":[],"title":"Small Satellite Modeling and Defender Software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The proliferation of ride-share rocket launches and decrease in the overall cost of sending payloads to space due to recent successes in the private space industry has made small satellite systems a cost effective and time-efficient method to put research vehicles in space.\n\nThe University of Alabama in Huntsville’s Center for Cybersecurity Research and Education (CCRE) has been funded by the U.S. Army Space and Missile Defense Command (SMDC) over the last several years to investigate the overall cybersecurity posture of small satellite systems. Numerous iterations of student teams led by CCRE and SMDC staff members have managed to accomplish notable research milestones. \n\nThis talk is meant to inform the next generation in aerospace cybersecurity by discussing our major research milestones, relevant findings, lessons learned, and areas of concern relating to the overall cybersecurity posture of small satellite systems.\n\nRelevant items to be covered in this talk include what it took to build a working small satellite system model as close to real-world as possible (Raspberry Pis vs PyCubed boards vs other contenders), implementation of small satellite functions (payload camera, radio communications, positioning/sensor array, orbital simulation, battery/solar charging, etc.), performing vulnerability analysis against the implemented model, creating different attack scenarios (MitM, DoS, spoofing, hardware attacks), implementing defensive mitigations (hardening scripts, command validation, health checks), and the development of a lightweight software solution named “Small Satellite Defender” (SSD) designed to protect satellites from potential threat vectors.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54614],"conference_id":133,"event_ids":[54988],"name":"Kyle Murbach","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Alabama in Huntsville","title":"Principal Research Engineer, Center for Cybersecurity Research and Education (UAH/CCRE)"}],"links":[],"pronouns":null,"media":[],"id":54346,"title":"Principal Research Engineer, Center for Cybersecurity Research and Education (UAH/CCRE) at University of Alabama in Huntsville"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":54988,"tag_ids":[46366,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54346}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":" See talk title, kids these days dont read more than a sentence anyway. Seriously though, we get asked a lot of random custom electronics, hardware hacking, and badge questions, here's your chance to throw them at us while we drink a beer and pretend to know the right answer\n\n\n","media":[],"title":"How we built our REDACTED THING this year, 5n4ck3y, && AMA Panel on Making Badges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:15:00Z","end_timestamp":{"seconds":1723324500,"nanoseconds":0},"android_description":"See talk title, kids these days dont read more than a sentence anyway. Seriously though, we get asked a lot of random custom electronics, hardware hacking, and badge questions, here's your chance to throw them at us while we drink a beer and pretend to know the right answer","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54613],"conference_id":133,"event_ids":[54987],"name":"AND!XOR ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54299}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:15:00.000-0000","id":54987,"tag_ids":[46407,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54299}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microsoft is planning to kill off NTLM (New Technology Lan Manager) authentication in Windows 11 and above. Let's speedrun coercing hashes out of a few more things before it fades into obscurity over the next twenty five years or so. \r\n\r\nThere will be a deep dive on several new bugs we disclosed to Microsoft (including bypassing a fix to an existing CVE), some interesting and useful techniques, combining techniques from multiple bug classes resulting in some unexpected discoveries and some absolutely cooked bugs. We’ll also uncover some defaults that simply shouldn't exist in sensible libraries or applications as well as some glaring gaps in some of the Microsoft NTLM related security controls.\r\n\r\n1. [link](https://blog.yappare.com/2019/01/bug-000114489-ssrf-in-portal-for-arcgis.html)\r\n2. [link](https://blog.ss23.geek.nz/2023/09/21/iracing-electron-rce-exploit.html)\r\n3. [link](https://www.blazeinfosec.com/post/web-app-vulnerabilities-ntlm-hashes/)\r\n4. [link](http://varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords. [link](https://varonis.com)\r\n\n\n\n","media":[],"title":"NTLM - The Last Ride","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:15:00Z","end_timestamp":{"seconds":1723324500,"nanoseconds":0},"android_description":"Microsoft is planning to kill off NTLM (New Technology Lan Manager) authentication in Windows 11 and above. Let's speedrun coercing hashes out of a few more things before it fades into obscurity over the next twenty five years or so. \r\n\r\nThere will be a deep dive on several new bugs we disclosed to Microsoft (including bypassing a fix to an existing CVE), some interesting and useful techniques, combining techniques from multiple bug classes resulting in some unexpected discoveries and some absolutely cooked bugs. We’ll also uncover some defaults that simply shouldn't exist in sensible libraries or applications as well as some glaring gaps in some of the Microsoft NTLM related security controls.\r\n\r\n1. [link](https://blog.yappare.com/2019/01/bug-000114489-ssrf-in-portal-for-arcgis.html)\r\n2. [link](https://blog.ss23.geek.nz/2023/09/21/iracing-electron-rce-exploit.html)\r\n3. [link](https://www.blazeinfosec.com/post/web-app-vulnerabilities-ntlm-hashes/)\r\n4. [link](http://varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords. [link](https://varonis.com)","updated_timestamp":{"seconds":1720463294,"nanoseconds":0},"speakers":[{"content_ids":[54496],"conference_id":133,"event_ids":[54869],"name":"Tomais Williamson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54085},{"content_ids":[54496],"conference_id":133,"event_ids":[54869],"name":"Jim Rush","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jimsrush/"}],"media":[],"id":54128}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:14Z","links":[],"end":"2024-08-10T21:15:00.000-0000","id":54869,"tag_ids":[46166,46419,46437,46879],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54128},{"tag_id":46167,"sort_order":4,"person_id":54085}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ransomware groups have become notably proficient at wreaking havoc across various sectors , but we can turn the tables. However, a less explored avenue in the fight against these digital adversaries lies in the proactive offense against their web panels. In this presentation, I will delve into the strategies and methodologies for infiltrating and commandeering the web panels used by ransomware groups to manage their malicious operations or the APIs used during their initial exfiltration of data.\r\n\r\nI will demonstrate how to leverage these vulnerabilities to gain unauthorized access to the ransomware groups' web panels. This access not only disrupts their operations but also opens a window to gather intelligence and potentially identify the operators behind those APTs. Let’s explore the frontiers of cyber offense, targeting the very command and control (C2) centers ransomware groups rely on, turning the tables in our ongoing battle against cyber threats,it’s our turn to wreak havoc.\r\n\r\n- [link](https://www.sentinelone.com/blog/mallox-resurrected-ransomware-attacks-exploiting-ms-sql-continue-to-burden-enterprises/)\r\n- [link](https://www.truesec.com/hub/blog/a-victim-of-mallox-ransomware-how-truesec-csirt-fought-back)\r\n- [link](https://unit42.paloaltonetworks.com/medusa-ransomware-escalation-new-leak-site/)\r\n- [link](https://www.provendata.com/blog/medusa-ransomware/)\r\n- [link](https://en.wikipedia.org/wiki/BlackCat_(cyber_gang))\r\n- [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/)\r\n\n\n\n","media":[],"title":"Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panels","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T21:15:00Z","end_timestamp":{"seconds":1723324500,"nanoseconds":0},"android_description":"Ransomware groups have become notably proficient at wreaking havoc across various sectors , but we can turn the tables. However, a less explored avenue in the fight against these digital adversaries lies in the proactive offense against their web panels. In this presentation, I will delve into the strategies and methodologies for infiltrating and commandeering the web panels used by ransomware groups to manage their malicious operations or the APIs used during their initial exfiltration of data.\r\n\r\nI will demonstrate how to leverage these vulnerabilities to gain unauthorized access to the ransomware groups' web panels. This access not only disrupts their operations but also opens a window to gather intelligence and potentially identify the operators behind those APTs. Let’s explore the frontiers of cyber offense, targeting the very command and control (C2) centers ransomware groups rely on, turning the tables in our ongoing battle against cyber threats,it’s our turn to wreak havoc.\r\n\r\n- [link](https://www.sentinelone.com/blog/mallox-resurrected-ransomware-attacks-exploiting-ms-sql-continue-to-burden-enterprises/)\r\n- [link](https://www.truesec.com/hub/blog/a-victim-of-mallox-ransomware-how-truesec-csirt-fought-back)\r\n- [link](https://unit42.paloaltonetworks.com/medusa-ransomware-escalation-new-leak-site/)\r\n- [link](https://www.provendata.com/blog/medusa-ransomware/)\r\n- [link](https://en.wikipedia.org/wiki/BlackCat_(cyber_gang))\r\n- [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/)","updated_timestamp":{"seconds":1720463317,"nanoseconds":0},"speakers":[{"content_ids":[54495,55721],"conference_id":133,"event_ids":[56227,54868],"name":"Vangelis Stykas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Atropos","title":"Chief Technology Officer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vangelis-stykas/"},{"description":"","title":"Twitter (@evstykas)","sort_order":0,"url":"https://twitter.com/evstykas"},{"description":"","title":"stykas.com","sort_order":0,"url":"https://stykas.com"}],"media":[],"id":54172,"title":"Chief Technology Officer at Atropos"}],"begin_tsz":"2024-08-10T20:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:37Z","links":[],"end":"2024-08-10T21:15:00.000-0000","id":54868,"tag_ids":[46166,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723321800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54172}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T20:30:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk with cover the networks that generate and spread misinformation over social media. This talk will dive deep into the challenges a think tank of this type is at risk of facing, and will give us an update on what is currently happening with the program. There will be a general overview of what happened and how the increasing threats came to be as well as an update on where things stand now.\n\n\n","media":[],"title":"Stanford Digital Observatory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This talk with cover the networks that generate and spread misinformation over social media. This talk will dive deep into the challenges a think tank of this type is at risk of facing, and will give us an update on what is currently happening with the program. There will be a general overview of what happened and how the increasing threats came to be as well as an update on where things stand now.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56197],"conference_id":133,"event_ids":[56851],"name":"Renée DiResta","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://reneediresta.com"}],"media":[],"id":56581}],"begin_tsz":"2024-08-10T20:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56851,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723320900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56581}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T20:15:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The convergence of Artificial Intelligence (AI) and national security not only fuels international discourse but also inspires narratives within popular culture. Harriet is no stranger to these myths, as an ex-intelligence professional who specialized in applying machine learning to cyber security. In fact, she likes to lean into them. This makes her previous bosses nervous, so she uses pop culture as the lens through which to communicate her insights - and in this talk she utilizes the worlds of Ghost in the Shell, Neuromancer and Mission Impossible. \n\nThrough these stories, as well as her own decade of experience working at the intersection of artificial intelligence and cyber security, Harriet discusses the extent to which fears surrounding AI systems are applicable to real life national security settings. From cyber warfare to AI-driven surveillance, she unravels the interplay between hackers, AI, and government agencies. This session is interactive, with demos of how these AI systems actually work under the hood, as well as discussion time. Blur the lines between human and machine, and understand how you can contribute your skills to prevent our own modern day Puppet Master.\n\n\n","media":[],"title":"Hacker vs AI: perspectives from an ex-spy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The convergence of Artificial Intelligence (AI) and national security not only fuels international discourse but also inspires narratives within popular culture. Harriet is no stranger to these myths, as an ex-intelligence professional who specialized in applying machine learning to cyber security. In fact, she likes to lean into them. This makes her previous bosses nervous, so she uses pop culture as the lens through which to communicate her insights - and in this talk she utilizes the worlds of Ghost in the Shell, Neuromancer and Mission Impossible. \n\nThrough these stories, as well as her own decade of experience working at the intersection of artificial intelligence and cyber security, Harriet discusses the extent to which fears surrounding AI systems are applicable to real life national security settings. From cyber warfare to AI-driven surveillance, she unravels the interplay between hackers, AI, and government agencies. This session is interactive, with demos of how these AI systems actually work under the hood, as well as discussion time. Blur the lines between human and machine, and understand how you can contribute your skills to prevent our own modern day Puppet Master.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54612,54447,55880],"conference_id":133,"event_ids":[56465,54820,54986],"name":"Harriet Farlow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mileva Security Labs","title":"CEO"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/harriet-farlow-654963b7/"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@HarrietHacks"},{"description":"","title":"www.harriethacks.com/","sort_order":0,"url":"https://www.harriethacks.com/"},{"description":"","title":"www.mileva.com.au/about-us","sort_order":0,"url":"https://www.mileva.com.au/about-us"}],"media":[],"id":54195,"title":"CEO at Mileva Security Labs"}],"begin_tsz":"2024-08-10T20:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":54986,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723320900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54195}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T20:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As security engineers, managing risk means making informed decisions about which vulnerabilities to address first. We are often too time constrained, and the signal-to-noise ratio of current SAST/SCA tooling is too low.\n\nThis talk introduces \"Runtime Reachability,\" a novel approach that leverages Continuous Profiling via eBPF to quantify how often a vulnerable method/codepath is called, in actual production usage. By understanding the runtime behavior of applications, security teams can effectively filter out low-likelihood vulnerabilities, prioritize fixes more effectively, reduce toil & the overall risk to their organization.\n\n\n","media":[],"title":"Runtime Reachability: Prioritizing Vulnerabilities with eBPF & Continuous Profiling","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:50:00Z","end_timestamp":{"seconds":1723323000,"nanoseconds":0},"android_description":"As security engineers, managing risk means making informed decisions about which vulnerabilities to address first. We are often too time constrained, and the signal-to-noise ratio of current SAST/SCA tooling is too low.\n\nThis talk introduces \"Runtime Reachability,\" a novel approach that leverages Continuous Profiling via eBPF to quantify how often a vulnerable method/codepath is called, in actual production usage. By understanding the runtime behavior of applications, security teams can effectively filter out low-likelihood vulnerabilities, prioritize fixes more effectively, reduce toil & the overall risk to their organization.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55494],"conference_id":133,"event_ids":[55923],"name":"Sam \"Frenchie\" Stewart","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"nffrenchie","sort_order":0,"url":"https://nffrenchie"}],"media":[],"id":56011}],"begin_tsz":"2024-08-10T20:10:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T20:50:00.000-0000","id":55923,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723320600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56011}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T20:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"The Sand Castle - The State of the MacOS Sandbox","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:05:00Z","end_timestamp":{"seconds":1723323900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445805,"nanoseconds":0},"speakers":[{"content_ids":[55689],"conference_id":133,"event_ids":[56212],"name":"Jonathan \"JBO\" Bar Or","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Principal Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@yo_yo_yo_jbo)","sort_order":0,"url":"https://twitter.com/yo_yo_yo_jbo"}],"media":[],"id":56060,"title":"Principal Security Researcher at Microsoft"}],"begin_tsz":"2024-08-10T20:05:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:10:05Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T21:05:00.000-0000","id":56212,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723320300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56060}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T20:05:00.000-0000","updated":"2024-07-31T17:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":56879,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk covers the systems used to physically restrict the motion of shopping carts by locking one or more of their wheels. Topics cover what they are, how they work, and methods to bypass them.\n\n\n","media":[],"title":"Smart Shopping Cart Wheels - How they Work","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"This talk covers the systems used to physically restrict the motion of shopping carts by locking one or more of their wheels. Topics cover what they are, how they work, and methods to bypass them.","updated_timestamp":{"seconds":1723298786,"nanoseconds":0},"speakers":[{"content_ids":[56219],"conference_id":133,"event_ids":[56874],"name":"Joseph","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56615}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T14:06:26Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56874,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56615}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-10T14:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Don't go too far… your job is not done!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225166,"nanoseconds":0},"speakers":[{"content_ids":[56212],"conference_id":133,"event_ids":[56866],"name":"Chris Cleary","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56603}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:26Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":56866,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56603}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.\n\n\n","media":[],"title":"Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.","updated_timestamp":{"seconds":1723007453,"nanoseconds":0},"speakers":[{"content_ids":[56165],"conference_id":133,"event_ids":[56809,56817,56818],"name":"mcdwayne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56551}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:10:53Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56818,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56551}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!\n\n\n","media":[],"title":"Activity: Spot the Reachable by Backslash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!","updated_timestamp":{"seconds":1723007403,"nanoseconds":0},"speakers":[{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Czesia Glik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56548},{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Yossi Pik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Backslash Security","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56553,"title":"CTO & Co-Founder at Backslash Security"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:10:03Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56816,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56548},{"tag_id":46167,"sort_order":4,"person_id":56553}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Live Recon Finalist Selection Process","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722627642,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:40:42Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56477,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-08-02T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most hackers have a love-hate relationship with DNS: teleporting a building block of the internet from the 80’s is a recipe for frustration. To give DNS a modern twist, we developed an ultra-fast open-source DNS scanner, SanicDNS, which is two orders of magnitude faster than popular tools.\r\n\r\nThis Arsenal session will give a demonstration of how you can use SanicDNS to superpower your recon workflow using world's fastest DNS scanner.\n\n\n","media":[],"title":"Arsenal: SanicDNS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:30:00Z","end_timestamp":{"seconds":1723325400,"nanoseconds":0},"android_description":"Most hackers have a love-hate relationship with DNS: teleporting a building block of the internet from the 80’s is a recipe for frustration. To give DNS a modern twist, we developed an ultra-fast open-source DNS scanner, SanicDNS, which is two orders of magnitude faster than popular tools.\r\n\r\nThis Arsenal session will give a demonstration of how you can use SanicDNS to superpower your recon workflow using world's fastest DNS scanner.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55710,55907],"conference_id":133,"event_ids":[56250,56494],"name":"Jasper Insinger","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56123}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T21:30:00.000-0000","id":56250,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56123}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The continuous adoption of emerging technological trends like Mobile, IoT, Cloud, Blockchains, and now GenAI has transformed application security from simple threat modeling and SAST/DAST scans to comprehensive proactive prevention and real-time detection of security anomalies. This panel will discuss the dynamic nature of AppSec as the lines between traditional infrastructure and cloud environments blur. We will explore the importance of maintaining a comprehensive security posture within 'everything as code' ecosystems, emphasizing proper configuration and secret management to secure infrastructure effectively.\n\n\n","media":[],"title":"Transforming AppSec: Protecting 'Everything as Code' & Emerging Tech","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"The continuous adoption of emerging technological trends like Mobile, IoT, Cloud, Blockchains, and now GenAI has transformed application security from simple threat modeling and SAST/DAST scans to comprehensive proactive prevention and real-time detection of security anomalies. This panel will discuss the dynamic nature of AppSec as the lines between traditional infrastructure and cloud environments blur. We will explore the importance of maintaining a comprehensive security posture within 'everything as code' ecosystems, emphasizing proper configuration and secret management to secure infrastructure effectively.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Sara Attarzadeh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56083},{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Shahar Man","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56084},{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Trupti Shiralkar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56092},{"content_ids":[55707],"conference_id":133,"event_ids":[56247],"name":"Kunal Bhattacharya","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56130}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":56247,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56130},{"tag_id":46167,"sort_order":1,"person_id":56083},{"tag_id":46167,"sort_order":1,"person_id":56084},{"tag_id":46167,"sort_order":1,"person_id":56092}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have any photos, videos, games or apps privately hosted at home that you’d love to easily and securely share with your friends anywhere in the world, for free? Would you like to learn how to secure your family and school’s Internet access against phishing, ransomware, and other Internet risks? In this hands-on class you will learn how to easily build a secure private network over the Internet with Cloudflare Zero Trust services.\n\n\n","media":[],"title":"Learn Zero Trust Network Security with Cloudflare","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Do you have any photos, videos, games or apps privately hosted at home that you’d love to easily and securely share with your friends anywhere in the world, for free? Would you like to learn how to secure your family and school’s Internet access against phishing, ransomware, and other Internet risks? In this hands-on class you will learn how to easily build a secure private network over the Internet with Cloudflare Zero Trust services.","updated_timestamp":{"seconds":1722361722,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:48:42Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":56094,"tag_ids":[46398,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-30T17:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"By the end of the session, attendees will gain a comprehensive understanding of the security mechanisms protecting mobile payment applications, the inherent vulnerabilities, and the sophisticated techniques employed by attackers to exploit these systems. This talk is designed to provide industry insights, maintaining a vendor-neutral perspective while focusing on the broader security landscape.\n\n\n","media":[],"title":"Breaking software protected crypto implementations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"By the end of the session, attendees will gain a comprehensive understanding of the security mechanisms protecting mobile payment applications, the inherent vulnerabilities, and the sophisticated techniques employed by attackers to exploit these systems. This talk is designed to provide industry insights, maintaining a vendor-neutral perspective while focusing on the broader security landscape.","updated_timestamp":{"seconds":1722356217,"nanoseconds":0},"speakers":[{"content_ids":[55565],"conference_id":133,"event_ids":[56080],"name":"Adrian Garcia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":"Senior Security Expert"}],"links":[],"pronouns":null,"media":[],"id":56037,"title":"Senior Security Expert at Adyen"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:16:57Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56080,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56037}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-30T16:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).\n\n\n","media":[{"hash_sha256":"a43e90beb02db94f81620530a72e3185043ff5f6a8fc15d5b915c4b7414f537a","filetype":"image/png","hash_md5":"381e707c51504a86ffccd678769cfbf7","name":"ct_hacking-boundary.png","is_logo":"Y","hash_crc32c":"81a9d890","filesize":253710,"asset_id":645,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hacking-boundary.png"}],"title":"Hacking Boundary Terminal","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).","updated_timestamp":{"seconds":1722308655,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:04:15Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249344"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249345"}],"end":"2024-08-11T01:00:00.000-0000","id":56009,"tag_ids":[46427,46439,46772],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-E","hotel":"","short_name":"HW4-03-06-E","id":46378},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-30T03:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Allen Telescope Array is a radio interferometer array located in Northern California. Each of the 42 antennas is 6 meters in diameter and is distributed randomly over an area of 350 meters. Each dish is sensitive to an ultra-wideband frequency range from 200 MHz to 12 GHz. While in operation, each dish can produce 1.5 GHz of bandwidth for each polarization adding up to 1.3 Tbps of data to be processed in real-time.\n\nAlthough it's scale, the Allen Telescope Array acts like a gigantic Software Defined Radio. The system design gives us the ability to try new concepts not ever tried with great flexibility. This talk will go deep into how the telescope operates from the antenna's cryogenically cooled feeds to the state-of-the-art GPU-accelerated digital signal processing pipeline deployed at our on-site data center. All of this while giving special focus to little details that make it special and hackable.\n\n\n","media":[],"title":"Exploring the Cosmos: Hackable Innovations at the Allen Telescope Array","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The Allen Telescope Array is a radio interferometer array located in Northern California. Each of the 42 antennas is 6 meters in diameter and is distributed randomly over an area of 350 meters. Each dish is sensitive to an ultra-wideband frequency range from 200 MHz to 12 GHz. While in operation, each dish can produce 1.5 GHz of bandwidth for each polarization adding up to 1.3 Tbps of data to be processed in real-time.\n\nAlthough it's scale, the Allen Telescope Array acts like a gigantic Software Defined Radio. The system design gives us the ability to try new concepts not ever tried with great flexibility. This talk will go deep into how the telescope operates from the antenna's cryogenically cooled feeds to the state-of-the-art GPU-accelerated digital signal processing pipeline deployed at our on-site data center. All of this while giving special focus to little details that make it special and hackable.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55456],"conference_id":133,"event_ids":[55881],"name":"Luigi Cruz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@luigifcruz)","sort_order":0,"url":"https://twitter.com/luigifcruz"}],"media":[],"id":55995}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":55881,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55995}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We love our furry friends, but they can't always join us - leaving a pet in a vehicle can be very risky, but may also be a necessity. Commercial solutions exist, however these all require monthly subscriptions and cell coverage in order to work. We are hackers! We can do better.\r\n\r\nUsing the Automatic Packet Reporting System (APRS), a digital communications standard that utilizes the 2 meter amateur radio band, I've built a monitoring platform that can alert on high or low temperatures even when cell service isn't available. By broadcasting a signal that can be picked up with commercial hand-held radios, backcountry monitoring is possible, and when inside coverage areas, an AWS Lambda, combined with the APRS.FI service enables real-time alerts through SMS messages.\r\n\r\nIn this talk, we'll go through the journey of building this off-the-grid temperature monitoring system, including evaluation of off-the-shelf tools commonly used for high-altitude ballooning, discussion of online APIs related to APRS and their limitations, and the risk modelling process related to a system designed for life safety. Attendees will be able to use this knowledge to build their own monitoring systems for use in vehicles, high-altitude balloons, or anywhere else remote monitoring is desired.\n\n\n","media":[],"title":"Staying alive off the grid - using APRS and Lambdas to monitor temperature remotely","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"We love our furry friends, but they can't always join us - leaving a pet in a vehicle can be very risky, but may also be a necessity. Commercial solutions exist, however these all require monthly subscriptions and cell coverage in order to work. We are hackers! We can do better.\r\n\r\nUsing the Automatic Packet Reporting System (APRS), a digital communications standard that utilizes the 2 meter amateur radio band, I've built a monitoring platform that can alert on high or low temperatures even when cell service isn't available. By broadcasting a signal that can be picked up with commercial hand-held radios, backcountry monitoring is possible, and when inside coverage areas, an AWS Lambda, combined with the APRS.FI service enables real-time alerts through SMS messages.\r\n\r\nIn this talk, we'll go through the journey of building this off-the-grid temperature monitoring system, including evaluation of off-the-shelf tools commonly used for high-altitude ballooning, discussion of online APIs related to APRS and their limitations, and the risk modelling process related to a system designed for life safety. Attendees will be able to use this knowledge to build their own monitoring systems for use in vehicles, high-altitude balloons, or anywhere else remote monitoring is desired.","updated_timestamp":{"seconds":1722185656,"nanoseconds":0},"speakers":[{"content_ids":[55437],"conference_id":133,"event_ids":[55862],"name":"Kamikazi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cniggel"}],"media":[],"id":55979}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:54:16Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":55862,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55979}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-28T16:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. \n\n\n","media":[],"title":"Cold Calls","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve.","updated_timestamp":{"seconds":1722103160,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:59:20Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/cold-calls/"}],"end":"2024-08-10T22:00:00.000-0000","id":55837,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In collaboration with the legendary Kess, the presenters will demonstrate a FOSS (gnuradio) based SDR tool for accessing and exploring wireless attack surfaces present on every ship and large maritime vessel. We will demonstrate abuse of the AIS protocol to cause various forms of mischief, including causing marine navigation and telemetry systems to hallucinate other major vessels and obstructions.\n\n\n","media":[],"title":"Don't Ship Your Bridges! Tools to Explore Wireless Attack Surfaces in Every Ship's Marine Navigation Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:25:00Z","end_timestamp":{"seconds":1723321500,"nanoseconds":0},"android_description":"In collaboration with the legendary Kess, the presenters will demonstrate a FOSS (gnuradio) based SDR tool for accessing and exploring wireless attack surfaces present on every ship and large maritime vessel. We will demonstrate abuse of the AIS protocol to cause various forms of mischief, including causing marine navigation and telemetry systems to hallucinate other major vessels and obstructions.","updated_timestamp":{"seconds":1721781729,"nanoseconds":0},"speakers":[{"content_ids":[55352],"conference_id":133,"event_ids":[55744],"name":"Duncan Woodbury","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55954},{"content_ids":[55352],"conference_id":133,"event_ids":[55744],"name":"Nick Halt","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55962}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:42:09Z","links":[],"end":"2024-08-10T20:25:00.000-0000","id":55744,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55962},{"tag_id":46167,"sort_order":4,"person_id":55954}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-24T00:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel aims to mobilize DEFCON's technical talent towards global good, encouraging application of their skills in a broader, impactful context. Transcending conventional cybersecurity dialogues focused primarily on the US and Europe, this discussion highlights underexplored regions and emphasizes the importance of partnerships and incorporating international developments into cybersecurity strategies. Attendees will learn from Mr. Randy Pestana on how academic institutions contribute to cybersecurity, followed by Ms. Kerry Ann Barrett on the influence of multilateral organizations, Mr. Brett DeWitt on financial sector insights that influence foreign investment, and Mr. Wouter Veenstra on the necessity of global collaboration. This session equips participants to engage more effectively in international cybersecurity efforts, highlighting the value of diverse global perspectives and strategic partnerships.\n\n\n","media":[],"title":"Global Perspectives in Cybersecurity: Challenging Norms and Expanding Horizons","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"This panel aims to mobilize DEFCON's technical talent towards global good, encouraging application of their skills in a broader, impactful context. Transcending conventional cybersecurity dialogues focused primarily on the US and Europe, this discussion highlights underexplored regions and emphasizes the importance of partnerships and incorporating international developments into cybersecurity strategies. Attendees will learn from Mr. Randy Pestana on how academic institutions contribute to cybersecurity, followed by Ms. Kerry Ann Barrett on the influence of multilateral organizations, Mr. Brett DeWitt on financial sector insights that influence foreign investment, and Mr. Wouter Veenstra on the necessity of global collaboration. This session equips participants to engage more effectively in international cybersecurity efforts, highlighting the value of diverse global perspectives and strategic partnerships.","updated_timestamp":{"seconds":1721778855,"nanoseconds":0},"speakers":[{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Brett DeWitt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mastercard","title":""}],"links":[],"pronouns":null,"media":[],"id":55922,"title":"Mastercard"},{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Kerry-Ann Barrett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Inter-American Committee Against Terrorism of the Organization of American States","title":"Cybersecurity Program Manager"}],"links":[],"pronouns":null,"media":[],"id":55933,"title":"Cybersecurity Program Manager at Inter-American Committee Against Terrorism of the Organization of American States"},{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Randy Pestana","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Florida International University’s Jack D. Gordon Institute for Public Policy","title":"Director of Cybersecurity Polic"}],"links":[],"pronouns":null,"media":[],"id":55939,"title":"Director of Cybersecurity Polic at Florida International University’s Jack D. Gordon Institute for Public Policy"},{"content_ids":[55337],"conference_id":133,"event_ids":[55728],"name":"Wouter Veenstra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GFCE","title":""}],"links":[],"pronouns":null,"media":[],"id":55944,"title":"GFCE"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-23T23:54:15Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":55728,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55944},{"tag_id":46487,"sort_order":4,"person_id":55939},{"tag_id":46487,"sort_order":6,"person_id":55933},{"tag_id":46487,"sort_order":8,"person_id":55922}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-23T23:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this research businesses and organizations continue to adopt more advanced security measures to protect against cyber-attacks on your macOS endpoints, attackers are constantly evolving their techniques to bypass these measures. In this presentation, we will demonstrate real-world attack scenarios and reveal common vulnerabilities, as well as provide insights on how to exploit them. \"macOS Red Team on Corporate Scenarios\" is the result of years of research and dedicated work in testing macOS environments. Its main objective is to provide a comprehensive view of the security surrounding Apple's operating system, demonstrating how potential vulnerabilities can be exploited. The adopted approach assumes the perspective of an insider attacker or during a Red Team simulation.\n\nThe research will delve into various security features embedded within macOS, such as SIP (System Integrity Protection), TCC (Transparency, Consent, and Control), FileVault, SSV (System Software Version), Gatekeeper, XProtect, and Secure Boot. These components play crucial roles in safeguarding the integrity, privacy, and overall security posture of the macOS operating system.\n\nThe research will also delve into the tactics, techniques, and procedures (TTPs) recommended by the MITRE ATT&CK framework for macOS systems to assist in conducting red team simulations. This exploration aims to provide insights into the methodologies and strategies employed by attackers, enhancing the effectiveness of defensive strategies and improving overall cybersecurity posture in macOS environments.\n\nAt the conclusion of the presentation, we will demonstrate how to perform a bypass of a vulnerability discovered in the macOS Transparency, Consent, and Control (TCC) framework. This vulnerability has been reported to Apple for investigation and mitigation. We will also discuss the process of how Apple has handled the vulnerability disclosure and the steps taken by the company to address the issue.\n\n\n","media":[],"title":"macOS Red Team on Corporate Scenarios","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:50:00Z","end_timestamp":{"seconds":1723323000,"nanoseconds":0},"android_description":"In this research businesses and organizations continue to adopt more advanced security measures to protect against cyber-attacks on your macOS endpoints, attackers are constantly evolving their techniques to bypass these measures. In this presentation, we will demonstrate real-world attack scenarios and reveal common vulnerabilities, as well as provide insights on how to exploit them. \"macOS Red Team on Corporate Scenarios\" is the result of years of research and dedicated work in testing macOS environments. Its main objective is to provide a comprehensive view of the security surrounding Apple's operating system, demonstrating how potential vulnerabilities can be exploited. The adopted approach assumes the perspective of an insider attacker or during a Red Team simulation.\n\nThe research will delve into various security features embedded within macOS, such as SIP (System Integrity Protection), TCC (Transparency, Consent, and Control), FileVault, SSV (System Software Version), Gatekeeper, XProtect, and Secure Boot. These components play crucial roles in safeguarding the integrity, privacy, and overall security posture of the macOS operating system.\n\nThe research will also delve into the tactics, techniques, and procedures (TTPs) recommended by the MITRE ATT&CK framework for macOS systems to assist in conducting red team simulations. This exploration aims to provide insights into the methodologies and strategies employed by attackers, enhancing the effectiveness of defensive strategies and improving overall cybersecurity posture in macOS environments.\n\nAt the conclusion of the presentation, we will demonstrate how to perform a bypass of a vulnerability discovered in the macOS Transparency, Consent, and Control (TCC) framework. This vulnerability has been reported to Apple for investigation and mitigation. We will also discuss the process of how Apple has handled the vulnerability disclosure and the steps taken by the company to address the issue.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55302],"conference_id":133,"event_ids":[55692],"name":"Ricardo L0gan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@l0ganbr)","sort_order":0,"url":"https://twitter.com/l0ganbr"}],"media":[],"id":55854}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T20:50:00.000-0000","id":55692,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55854}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Explore the realm of crafting payloads with precision at DEFCON 32 in our session, \"Mastering APT-Style Implants: 101.\" This deep dive experience goes beyond theory, providing practical insights into the development of payloads inspired by Advanced Persistent Threats (APTs).\r\n\r\nAttendees will gain a holistic mindset by comprehending—an objective-based methodology for offensive cyber operations. Gain insights into real-world APT tactics and historical perspectives. \r\n\r\nThis is followed by practical payload development, AI integration, and comprehending industry-relevant tools, from line-by-line code to compiler settings necessary to ensure payload success. These techniques are then wrapped into stealth and operation security concepts with a scenario-based objective targeting a matured environment representative of today's real-world environments.\r\n\r\nAt the end of the deep dive, attendees will have experienced the payload development cycle from the perspective of a nation-state adversary. Comprehend the mindset necessary to operate in today's most mature environments and the practical knowledge to craft their implants.\r\n\n\n\n","media":[],"title":"Building Surgical Implants: A Comprehensive Guide to APT-style Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:50:00Z","end_timestamp":{"seconds":1723323000,"nanoseconds":0},"android_description":"Explore the realm of crafting payloads with precision at DEFCON 32 in our session, \"Mastering APT-Style Implants: 101.\" This deep dive experience goes beyond theory, providing practical insights into the development of payloads inspired by Advanced Persistent Threats (APTs).\r\n\r\nAttendees will gain a holistic mindset by comprehending—an objective-based methodology for offensive cyber operations. Gain insights into real-world APT tactics and historical perspectives. \r\n\r\nThis is followed by practical payload development, AI integration, and comprehending industry-relevant tools, from line-by-line code to compiler settings necessary to ensure payload success. These techniques are then wrapped into stealth and operation security concepts with a scenario-based objective targeting a matured environment representative of today's real-world environments.\r\n\r\nAt the end of the deep dive, attendees will have experienced the payload development cycle from the perspective of a nation-state adversary. Comprehend the mindset necessary to operate in today's most mature environments and the practical knowledge to craft their implants.","updated_timestamp":{"seconds":1721595490,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:58:10Z","links":[],"end":"2024-08-10T20:50:00.000-0000","id":55690,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55853}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-21T20:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SCCM abuse has become a popular technique in the offensive security community but can be intimidating to test in production environments due to its complexity. This workshop aims to provide operators not only a safe environment to practice tradecraft but also provide them with the confidence to properly find and assess SCCM during their engagements.\n\n\n","media":[],"title":"An Operator's Guide: Hunting SCCM in the Real World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:50:00Z","end_timestamp":{"seconds":1723326600,"nanoseconds":0},"android_description":"SCCM abuse has become a popular technique in the offensive security community but can be intimidating to test in production environments due to its complexity. This workshop aims to provide operators not only a safe environment to practice tradecraft but also provide them with the confidence to properly find and assess SCCM during their engagements.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[54209,55299],"conference_id":133,"event_ids":[55689,54582],"name":"Garrett Foster","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Senior Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@garrfoster)","sort_order":0,"url":"https://twitter.com/garrfoster"}],"media":[],"id":53878,"title":"Senior Consultant at SpecterOps"},{"content_ids":[55299],"conference_id":133,"event_ids":[55689],"name":"Zachary Stein","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@synzack21)","sort_order":0,"url":"https://twitter.com/synzack21"}],"media":[],"id":55855}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T21:50:00.000-0000","id":55689,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53878},{"tag_id":46167,"sort_order":4,"person_id":55855}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation dives into the critical role of emotional intelligence in navigating microaggressions and fostering inclusive communication dynamics for Black professionals in the cybersecurity field, particularly focusing on interactions with peers and leadership. It explores how developing emotional intelligence skills can equip Black cybersecurity professionals to effectively address and mitigate the impact of microaggressions while promoting respectful and inclusive communication exchanges within the team and with leadership.\n\n\n","media":[],"title":"Navigating Microaggressions and Fostering Inclusive Communication with Peers and Leadership for Black Professionals","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This presentation dives into the critical role of emotional intelligence in navigating microaggressions and fostering inclusive communication dynamics for Black professionals in the cybersecurity field, particularly focusing on interactions with peers and leadership. It explores how developing emotional intelligence skills can equip Black cybersecurity professionals to effectively address and mitigate the impact of microaggressions while promoting respectful and inclusive communication exchanges within the team and with leadership.","updated_timestamp":{"seconds":1721495326,"nanoseconds":0},"speakers":[{"content_ids":[55201],"conference_id":133,"event_ids":[55591],"name":"Jessica Hoffman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"DCISO & University Professor"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jessica-hoffman-cissp/"}],"media":[],"id":55791,"title":"DCISO & University Professor"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:08:46Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":55591,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55791}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-20T17:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What exactly are SIEM and SOAR and why are they so critical to the cyber securitylandscape? In today's session, I want to explore the ins and outs of SIEM and SOAR platforms and how they can be scaled up and down from smaller businesses all the way to multiple billion-dollar firms and their security organizations. I will also be covering how learning and understanding automation and having soft skills in this space can set you apart from the competition and help you land a role faster. Anyone who is interested in the blue side of cybersecurity doesn't want to miss this.\n\n\n","media":[],"title":"Virtual SIEM/SOAR Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"What exactly are SIEM and SOAR and why are they so critical to the cyber securitylandscape? In today's session, I want to explore the ins and outs of SIEM and SOAR platforms and how they can be scaled up and down from smaller businesses all the way to multiple billion-dollar firms and their security organizations. I will also be covering how learning and understanding automation and having soft skills in this space can set you apart from the competition and help you land a role faster. Anyone who is interested in the blue side of cybersecurity doesn't want to miss this.","updated_timestamp":{"seconds":1721494784,"nanoseconds":0},"speakers":[{"content_ids":[55187],"conference_id":133,"event_ids":[55577],"name":"Kenneth Ellington","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Cybersecurity Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kenneth-ellington"},{"description":"","title":"Twitter (@KennethElling31)","sort_order":0,"url":"https://twitter.com/KennethElling31"},{"description":"","title":"Website","sort_order":0,"url":"https://kenneth-ellington.mykajabi.com/"}],"media":[],"id":55787,"title":"Senior Cybersecurity Consultant"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T16:59:44Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":55577,"tag_ids":[46372,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55787}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-20T16:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Picking locks is fun, but what if you want more? Ever considered competing against other lock enthusiasts? In this talk we'll discuss the exciting lock-related competitions that take place around the world, how to find them, and what it takes to compete and win. \n\n\n","media":[],"title":"Locksport Competitions: Compete in the Olympics of Locks ","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"Picking locks is fun, but what if you want more? Ever considered competing against other lock enthusiasts? In this talk we'll discuss the exciting lock-related competitions that take place around the world, how to find them, and what it takes to compete and win.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54611],"conference_id":133,"event_ids":[54985],"name":"Matt Burrough","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54276}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":54985,"tag_ids":[46384,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54276}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As a pilot and cybersecurity researcher, I am very interested of the nexus between aviation and security. To explore this interest, I developed a device called Fly Catcher - a device that detects for aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. The device consists of a 1090 MHz antenna, a Flight Aware RTL SDR, a custom 3D printed case, a portable battery charger, and a MicroUSB cable.\n\nThe device receives ADS-B information from the antenna and the software-defined radio, which is then passed into a Convolutional Neural Network written with Python to detect whether or not the aircraft is spoofed. I trained the neural network on a dataset of valid ADS-B signals as well as a generated spoofed set of aircraft signals, to teach Fly Catcher how to detect and flag any suspicious ADS-B signals. It does this by checking for discrepancies in the signal's characteristics, such as its location, velocity, and identification.\n\nThe result outputted by the neural network is then displayed onto a radar screen allowing users to detect spoofed aircraft near them. To test the device, I brought it with me for an hour-long flight to scan for a wide variety of aircraft enroute. After the flight, the data was fed into the Neural Network to analyze any spoofed aircraft I might have encountered.\n\n\n\n","media":[],"title":"Fly Catcher - How I Developed a Low-Cost Raspberry Pi Based Device for ADS-B Spoof","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"As a pilot and cybersecurity researcher, I am very interested of the nexus between aviation and security. To explore this interest, I developed a device called Fly Catcher - a device that detects for aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. The device consists of a 1090 MHz antenna, a Flight Aware RTL SDR, a custom 3D printed case, a portable battery charger, and a MicroUSB cable.\n\nThe device receives ADS-B information from the antenna and the software-defined radio, which is then passed into a Convolutional Neural Network written with Python to detect whether or not the aircraft is spoofed. I trained the neural network on a dataset of valid ADS-B signals as well as a generated spoofed set of aircraft signals, to teach Fly Catcher how to detect and flag any suspicious ADS-B signals. It does this by checking for discrepancies in the signal's characteristics, such as its location, velocity, and identification.\n\nThe result outputted by the neural network is then displayed onto a radar screen allowing users to detect spoofed aircraft near them. To test the device, I brought it with me for an hour-long flight to scan for a wide variety of aircraft enroute. After the flight, the data was fed into the Neural Network to analyze any spoofed aircraft I might have encountered.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54610],"conference_id":133,"event_ids":[54984],"name":"Angelina Tsuboi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54302}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":54984,"tag_ids":[46366,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54302}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a live tutorial of hacking against keyboards of all forms. Attacking the keyboard is the ultimate strategy to hijack a session before it is encrypted, capturing plaintext at the source and (often) in much simpler ways than those required to attack network protocols. \n\nIn this session we explore available attack vectors against traditional keyboards, starting with plain old keyloggers. We then advance to \"Van Eck Phreaking\" style attacks against individual keystroke emanations as well as RF wireless connections, and we finally graduate to the new hotness: acoustic attacks by eavesdropping on the sound of you typing! \n\nUse your newfound knowledge for good, with great power comes great responsibility!\n\nA subset of signal leak attacks focusing on keyboards. This talk is compiled with open sources, no classified material will be discussed. \n\n\n\n","media":[],"title":"All Your Keyboards Are Belong to US!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This is a live tutorial of hacking against keyboards of all forms. Attacking the keyboard is the ultimate strategy to hijack a session before it is encrypted, capturing plaintext at the source and (often) in much simpler ways than those required to attack network protocols. \n\nIn this session we explore available attack vectors against traditional keyboards, starting with plain old keyloggers. We then advance to \"Van Eck Phreaking\" style attacks against individual keystroke emanations as well as RF wireless connections, and we finally graduate to the new hotness: acoustic attacks by eavesdropping on the sound of you typing! \n\nUse your newfound knowledge for good, with great power comes great responsibility!\n\nA subset of signal leak attacks focusing on keyboards. This talk is compiled with open sources, no classified material will be discussed.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54609],"conference_id":133,"event_ids":[54983],"name":"Federico Lucifredi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IBM and Red Hat","title":"Product Management Director, Ceph Storage"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xF2)","sort_order":0,"url":"https://twitter.com/0xF2"}],"media":[],"id":54296,"title":"Product Management Director, Ceph Storage at IBM and Red Hat"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":54983,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54296}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As DevOps and developers are slowly shifting away from storing long-lived static credentials to the more secure, still kinda-new, OIDC alternative - the underlying logic, mechanisms and implementations tend to feel like complicated magic and are mostly overlooked.\r\n\r\nIn this talk, we'll begin by recapping what OIDC is, who are the interacting entities when OIDC is used, and how OIDC is taking place to securely access one's cloud using CI/CD flows.\r\n\r\nOnce covered, we will be able to alternate our point-of-view between the entities in play and demonstrate potential vulnerabilities in various setups.\r\n\r\nStarting with the user PoV, we will show what \"under-configurations\" look like, and continue by demonstrating how new OIDC configuration options can actually be misconfigurations that can result with a compromise.\r\n\r\nWe will then see another attack vector where leaking an OIDC token from a single repository in an organization can allow an attacker to abuse under-configurations and access private clouds.\r\n\r\nAfter that, we will shift our PoV to be of the Identity Provider (IdP) so that we can look into what happens if an IdP is misconfigured, and disclose a real-world security vulnerability found in one of the most popular CI vendors that allowed us to access any of their customers' cloud environments.\r\n\r\nI'll refer to this talk by the Tinder Security team [link](https://www.youtube.com/watch?v=pTKS99Nfaxw&t=747s) where they show how they could \"claim\" in the name of other identities due to under-configured WIFs.\r\n\n\n\n","media":[],"title":"OH-MY-DC: Abusing OIDC all the way to your cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"As DevOps and developers are slowly shifting away from storing long-lived static credentials to the more secure, still kinda-new, OIDC alternative - the underlying logic, mechanisms and implementations tend to feel like complicated magic and are mostly overlooked.\r\n\r\nIn this talk, we'll begin by recapping what OIDC is, who are the interacting entities when OIDC is used, and how OIDC is taking place to securely access one's cloud using CI/CD flows.\r\n\r\nOnce covered, we will be able to alternate our point-of-view between the entities in play and demonstrate potential vulnerabilities in various setups.\r\n\r\nStarting with the user PoV, we will show what \"under-configurations\" look like, and continue by demonstrating how new OIDC configuration options can actually be misconfigurations that can result with a compromise.\r\n\r\nWe will then see another attack vector where leaking an OIDC token from a single repository in an organization can allow an attacker to abuse under-configurations and access private clouds.\r\n\r\nAfter that, we will shift our PoV to be of the Identity Provider (IdP) so that we can look into what happens if an IdP is misconfigured, and disclose a real-world security vulnerability found in one of the most popular CI vendors that allowed us to access any of their customers' cloud environments.\r\n\r\nI'll refer to this talk by the Tinder Security team [link](https://www.youtube.com/watch?v=pTKS99Nfaxw&t=747s) where they show how they could \"claim\" in the name of other identities due to under-configured WIFs.","updated_timestamp":{"seconds":1720463327,"nanoseconds":0},"speakers":[{"content_ids":[54494],"conference_id":133,"event_ids":[54867],"name":"Aviad Hahami","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@_0xffd)","sort_order":0,"url":"https://twitter.com/_0xffd"}],"media":[],"id":54161,"title":"Palo Alto Networks"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:47Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":54867,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54161}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In 2018, a secure communications app called Anom started to gain popularity among organized criminals. Soon, top tier drug traffickers were using it all over the world. Because they thought their messages were secure, smugglers and hitmen coordinated high stakes crimes across the platform. But Anom had a secret: it was secretly run by the FBI.\r\n\r\nFor years Joseph Cox has investigated the inside story of Anom, speaking to people who coded the app, those who sold it, criminals who chatted across it, and the FBI agents who surreptitiously managed it. This new talk, building on details from his recent book DARK WIRE, will include never-before-published technical details on how the Anom network functioned, how the backdoor itself worked, and how Anom grew to such a size that the FBI started to lose control of its own creation. \r\n\r\nIt will also reflect on how police have entered a new phase of compromising entire encrypted phone networks, with little to no debate from the public, and provide critical insight on what really happens when authorities introduce a backdoor into a telecommunications product.\r\n\r\nDARK WIRE: The Incredible True Story of the Largest Sting Operation Ever, June 4th, 2024: [link](https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/?lens=publicaffairs)\n\n\n","media":[],"title":"Inside the FBI’s Secret Encrypted Phone Company ‘Anom’","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"In 2018, a secure communications app called Anom started to gain popularity among organized criminals. Soon, top tier drug traffickers were using it all over the world. Because they thought their messages were secure, smugglers and hitmen coordinated high stakes crimes across the platform. But Anom had a secret: it was secretly run by the FBI.\r\n\r\nFor years Joseph Cox has investigated the inside story of Anom, speaking to people who coded the app, those who sold it, criminals who chatted across it, and the FBI agents who surreptitiously managed it. This new talk, building on details from his recent book DARK WIRE, will include never-before-published technical details on how the Anom network functioned, how the backdoor itself worked, and how Anom grew to such a size that the FBI started to lose control of its own creation. \r\n\r\nIt will also reflect on how police have entered a new phase of compromising entire encrypted phone networks, with little to no debate from the public, and provide critical insight on what really happens when authorities introduce a backdoor into a telecommunications product.\r\n\r\nDARK WIRE: The Incredible True Story of the Largest Sting Operation Ever, June 4th, 2024: [link](https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/?lens=publicaffairs)","updated_timestamp":{"seconds":1720463339,"nanoseconds":0},"speakers":[{"content_ids":[54493,56001],"conference_id":133,"event_ids":[56623,54866],"name":"Joseph Cox","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Investigative Journalist"},{"organization":"404 Media","title":"Co-Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Bsky","sort_order":0,"url":"https://bsky.app/profile/josephcox.bsky.social"},{"description":"","title":"Mastodon (@josephcox@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@josephcox"},{"description":"","title":"Twitter (@josephfcox)","sort_order":0,"url":"https://twitter.com/josephfcox"}],"media":[],"id":54153,"title":"Co-Founder at 404 Media"}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:28:59Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":54866,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54153}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-08T18:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The world increasingly appreciates how much we rely on space systems for our personal, economic, and national security needs. However, the nation-state cyber threat to government and commercial systems continues to grow at a time when the current landscape of cybersecurity policies and frameworks aren’t readily applicable for space systems.\r\n\r\nIn this fireside chat, ONCD will have the opportunity to introduce our 2nd National Cyber Director to the research community and discuss some of his priorities, such as space cybersecurity. We will discuss how the White House has been working to tackle hard problems and challenges. In the instance of space cybersecurity, ONCD has been collaborating with federal space operators and the space industry to develop policy solutions, including by answering a tasking from the Vice President to develop minimum cybersecurity requirements for U.S. space systems. \n\n\n","media":[],"title":"Fireside Chat with Jay Healey and National Cyber Director Harry Coker, Jr.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"The world increasingly appreciates how much we rely on space systems for our personal, economic, and national security needs. However, the nation-state cyber threat to government and commercial systems continues to grow at a time when the current landscape of cybersecurity policies and frameworks aren’t readily applicable for space systems.\r\n\r\nIn this fireside chat, ONCD will have the opportunity to introduce our 2nd National Cyber Director to the research community and discuss some of his priorities, such as space cybersecurity. We will discuss how the White House has been working to tackle hard problems and challenges. In the instance of space cybersecurity, ONCD has been collaborating with federal space operators and the space industry to develop policy solutions, including by answering a tasking from the Vice President to develop minimum cybersecurity requirements for U.S. space systems.","updated_timestamp":{"seconds":1721261756,"nanoseconds":0},"speakers":[{"content_ids":[54492],"conference_id":133,"event_ids":[54865],"name":"Harry Coker, Jr.","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"White House Office of the National Cyber Director (ONCD)","title":"National Cyber Director"}],"links":[],"pronouns":null,"media":[],"id":54113,"title":"National Cyber Director at White House Office of the National Cyber Director (ONCD)"},{"content_ids":[54492],"conference_id":133,"event_ids":[54865],"name":"Jay Healey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54674}],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-18T00:15:56Z","links":[],"end":"2024-08-10T20:45:00.000-0000","id":54865,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54113},{"tag_id":46167,"sort_order":4,"person_id":54674}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-07-18T00:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery\n\n\n","media":[{"hash_sha256":"90908ba4a7bf0e11167114397d24e522453fd0810cbee9c9c6e675120cd23e6c","filetype":"image/png","hash_md5":"24d77c529e00d7a297152d4f47229091","name":"ct_hack3rrunway2024-fin.png","is_logo":"Y","hash_crc32c":"04c8e95e","filesize":223387,"asset_id":708,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack3rrunway2024-fin.png"}],"title":"Hack3r Runw@y","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery","updated_timestamp":{"seconds":1719554693,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T20:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T06:04:53Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249352"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249353"},{"label":"More Info","type":"link","url":"https://hack3rrunway.github.io/"}],"end":"2024-08-10T22:00:00.000-0000","id":54612,"tag_ids":[46427,46439,46493],"village_id":null,"begin_timestamp":{"seconds":1723320000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-10T20:00:00.000-0000","updated":"2024-06-28T06:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During this presentation, we will address the critical importance of permission management in Cloud Native integrations and how an inadequate permissions model can create significant advantages for attackers. We will demonstrate how an attacker can exploit standard permissions to achieve privilege escalation, explain what Choke Points are, and illustrate Attack Paths in practice, showing how an attacker can progress towards success in their objectives. As the ultimate goal of this talk, we will present practical actions to enhance the security of your environment in this context and mitigate these threats.\n\n\n","media":[],"title":"Revealing Choke Points: Practical Tactics for Boosting Cloud Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:10:00Z","end_timestamp":{"seconds":1723320600,"nanoseconds":0},"android_description":"During this presentation, we will address the critical importance of permission management in Cloud Native integrations and how an inadequate permissions model can create significant advantages for attackers. We will demonstrate how an attacker can exploit standard permissions to achieve privilege escalation, explain what Choke Points are, and illustrate Attack Paths in practice, showing how an attacker can progress towards success in their objectives. As the ultimate goal of this talk, we will present practical actions to enhance the security of your environment in this context and mitigate these threats.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55303,55493,55964],"conference_id":133,"event_ids":[56580,55693,55922],"name":"Filipi Pires","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"senhasegura","title":"Security and Threat Researcher and Cybersecurity Advocate"},{"organization":"Black&White Technology","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/filipipires/"},{"description":"","title":"Twitter (@FilipiPires)","sort_order":0,"url":"https://twitter.com/FilipiPires"},{"description":"","title":"Website","sort_order":0,"url":"https://filipipires.com"}],"media":[],"id":55857,"title":"Founder at Black&White Technology"}],"begin_tsz":"2024-08-10T19:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T20:10:00.000-0000","id":55922,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723318800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55857}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T19:40:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!\n\n\n","media":[],"title":"Basic Mobile Phone Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!","updated_timestamp":{"seconds":1723249495,"nanoseconds":0},"speakers":[{"content_ids":[54553,56218],"conference_id":133,"event_ids":[56872,56878,54928],"name":"Grey Fox","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54320}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T00:24:55Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56878,"tag_ids":[46377,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54320}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-08-10T00:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Internet bandwidth, or transit, the thing that people pay for when they “connect to the Internet,” is largely transnational, and is balanced by substantial transborder flows of capital. As the Internet becomes our primary mode of communication, the international financial impact of trade in Internet bandwidth itself becomes a substantial risk for net-consumer countries like India and the United Arab Emirates, and a substantial opportunity for net-exporter countries like the Netherlands and Brazil. Governments are beginning to recognize these risks and opportunities, and seeking to manage them in an informed and deliberate way, which requires instrumentation of flows of bandwidth which haven’t existed ubiquitously since prior to the 1992 privatization of the Internet and dissolution of the centralized Internet backbone. This talk looks at the mechanisms and efforts underway in intergovernmental treaty organizations to coordinate harmonized and repeatable technical mechanisms of bandwidth measurement.\n\n\n","media":[],"title":"Measuring the international balance of trade in Internet bandwidth: introducing Netflow to Ministries of Finance","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"Internet bandwidth, or transit, the thing that people pay for when they “connect to the Internet,” is largely transnational, and is balanced by substantial transborder flows of capital. As the Internet becomes our primary mode of communication, the international financial impact of trade in Internet bandwidth itself becomes a substantial risk for net-consumer countries like India and the United Arab Emirates, and a substantial opportunity for net-exporter countries like the Netherlands and Brazil. Governments are beginning to recognize these risks and opportunities, and seeking to manage them in an informed and deliberate way, which requires instrumentation of flows of bandwidth which haven’t existed ubiquitously since prior to the 1992 privatization of the Internet and dissolution of the centralized Internet backbone. This talk looks at the mechanisms and efforts underway in intergovernmental treaty organizations to coordinate harmonized and repeatable technical mechanisms of bandwidth measurement.","updated_timestamp":{"seconds":1723168846,"nanoseconds":0},"speakers":[{"content_ids":[54453,56178,55917],"conference_id":133,"event_ids":[56832,54826,56508],"name":"Bill Woodcock","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Packet Clearing House","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":54077,"title":"Executive Director at Packet Clearing House"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T02:00:46Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":56832,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54077}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-08-09T02:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this 50-minute session, we will explore the critical role of Global Navigation Satellite Systems (GNSS) and the escalating cyber threats they face. GNSS technologies such as GPS, GLONASS, Galileo, and BeiDou are indispensable for providing precise positioning, navigation, and timing services across various sectors. However, these systems are increasingly vulnerable to cyber attacks. Join us to uncover disruptive techniques that threaten essential services in transportation, utilities, public safety, and finance. Don't miss the fascinating real-life case studies we'll discuss, highlighting strategies to defend against these threats.\n\n\n","media":[],"title":"Threats in Space: The Dangerous Rise of GNSS Attacks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"In this 50-minute session, we will explore the critical role of Global Navigation Satellite Systems (GNSS) and the escalating cyber threats they face. GNSS technologies such as GPS, GLONASS, Galileo, and BeiDou are indispensable for providing precise positioning, navigation, and timing services across various sectors. However, these systems are increasingly vulnerable to cyber attacks. Join us to uncover disruptive techniques that threaten essential services in transportation, utilities, public safety, and finance. Don't miss the fascinating real-life case studies we'll discuss, highlighting strategies to defend against these threats.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55960,55970],"conference_id":133,"event_ids":[56576,56586],"name":"Isabel Manjarrez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Threat Researcher (GReAT)"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@IsMR0a)","sort_order":0,"url":"https://x.com/IsMR0a"}],"media":[],"id":56306,"title":"Threat Researcher (GReAT)"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56586,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56306}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.\r\n\r\nThere is a strong purple style emphasis here, to help bridge knowledge gaps, and show the\r\nimportance for defensive engineers to validate their security controls. This will not bring insight\r\ninto utilizing the results for remediations, threat hunting, or any other engineering strategy.\r\n\r\nEverything in this presentation is free or open-source. Any mentions of vendors (for CTI content) is solely for the purpose of using a research paper resource that is free to the public, and are not meant to advertise.\r\n\r\nWith an interactive session, participants will learn how: (not in this particular order)\r\n* To choose a threat/actor who is relevant to their organization\r\n* I will have a premade scenario and example ready for participants to follow along\r\n* Setting High-Level Goals for their campaign\r\n* Map their threat/actor to MITRE ATT&CK\r\n** Overview of ATT&CK\r\n\r\n* Simulation Vs Emulation\r\n** how this impacts choosing content\r\n** Combining multiple threats to create a campaign\r\n\r\n* The Power of CTI: Explore completely free CTI resources\r\n** will cover at least 4\r\n** explore already published campaign content\r\n** Interactive Questions & Answers: Making content choices\r\n*** Ex: Is X or Y a better test case for this situation?\r\n** Create multiple layers in ATT&CK navigator, to build their campaign\r\n** Add in open-source content, such as Atomic-Red-Team\r\n*** Quick Demo & interactive: how to find the right Atomic Content\r\n\r\n* Finalizing the Campaign\r\n* Overview of manual options and using open-source tools for executing campaigns\r\n\r\nOther High-level topics that will be presented: (not in this particular order)\r\n* Why create your own content if there is none available\r\n** Your org is in the beginning stages of adopting this strategy, and you want to find\r\na good place to start\r\n** Demonstrate Value (KPIs)\r\n** Budget: org cant onboard BAS/Simulator tools\r\n** You have a BAS but the content isn't there for a specific threat OR its not\r\ncomprehensive enough\r\n* Why focus on a threat actor's TTPs\r\n** Remediations are focused on the type of attack, not a specific indicator\r\n* Adopting Threats for your organization\r\n** Following a framework inspired by MITRE\r\n** Accepting specific threats/actors as likely to target\r\n* Avoiding Technical Bias when choosing test cases\r\n** particularly challenging for engineers who create detections, or work with EDR\r\nsolutions.\r\n\r\n* Make zero assumptions of whether or not a test case will get stopped/logged\r\n** Most important to choose the most aligned content to your threat/actor's TTPs\r\n* Convincing Benefits\r\n** Detection Validation Strategies: High Level Overview(SIEM, EDR, DLP, ect)\r\n** SOC/IR gets to see examples of a full attack chain for specific threat\r\n** Detection engineering gets to understand logging/EDR/tool gaps\r\n** Threat Hunting benefits from both of these insights\r\n* List of Free Resources to dive more into these topics\n\n\nPremise:\r\n* Organizations are becoming increasingly aware of the importance of understanding the\r\nTTPs of the threats/actors most likely to target them.\r\n* Many organizations cannot afford outside consultants, or the ability to maintain a\r\ndedicated internal offensive team. Or they want this style of testing, but don't know how\r\nto get started, or show leadership the value.\r\n* This talk is for any engineer or team leader who wants to bring Adversarial\r\nEmulation/Simulation to their organization to understand how they compare against an\r\nattack from a likely threat. It is also valuable for consultants who want to provide this\r\nservice to their clients.\r\n* If someone is new to offensive techniques, this will be a way for them to think about how this strategy applies to their role, and embrace it as a defensive strategy.\r\n\r\nThe goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.","media":[],"title":"From CTI to Creating Campaigns","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"The goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.\r\n\r\nThere is a strong purple style emphasis here, to help bridge knowledge gaps, and show the\r\nimportance for defensive engineers to validate their security controls. This will not bring insight\r\ninto utilizing the results for remediations, threat hunting, or any other engineering strategy.\r\n\r\nEverything in this presentation is free or open-source. Any mentions of vendors (for CTI content) is solely for the purpose of using a research paper resource that is free to the public, and are not meant to advertise.\r\n\r\nWith an interactive session, participants will learn how: (not in this particular order)\r\n* To choose a threat/actor who is relevant to their organization\r\n* I will have a premade scenario and example ready for participants to follow along\r\n* Setting High-Level Goals for their campaign\r\n* Map their threat/actor to MITRE ATT&CK\r\n** Overview of ATT&CK\r\n\r\n* Simulation Vs Emulation\r\n** how this impacts choosing content\r\n** Combining multiple threats to create a campaign\r\n\r\n* The Power of CTI: Explore completely free CTI resources\r\n** will cover at least 4\r\n** explore already published campaign content\r\n** Interactive Questions & Answers: Making content choices\r\n*** Ex: Is X or Y a better test case for this situation?\r\n** Create multiple layers in ATT&CK navigator, to build their campaign\r\n** Add in open-source content, such as Atomic-Red-Team\r\n*** Quick Demo & interactive: how to find the right Atomic Content\r\n\r\n* Finalizing the Campaign\r\n* Overview of manual options and using open-source tools for executing campaigns\r\n\r\nOther High-level topics that will be presented: (not in this particular order)\r\n* Why create your own content if there is none available\r\n** Your org is in the beginning stages of adopting this strategy, and you want to find\r\na good place to start\r\n** Demonstrate Value (KPIs)\r\n** Budget: org cant onboard BAS/Simulator tools\r\n** You have a BAS but the content isn't there for a specific threat OR its not\r\ncomprehensive enough\r\n* Why focus on a threat actor's TTPs\r\n** Remediations are focused on the type of attack, not a specific indicator\r\n* Adopting Threats for your organization\r\n** Following a framework inspired by MITRE\r\n** Accepting specific threats/actors as likely to target\r\n* Avoiding Technical Bias when choosing test cases\r\n** particularly challenging for engineers who create detections, or work with EDR\r\nsolutions.\r\n\r\n* Make zero assumptions of whether or not a test case will get stopped/logged\r\n** Most important to choose the most aligned content to your threat/actor's TTPs\r\n* Convincing Benefits\r\n** Detection Validation Strategies: High Level Overview(SIEM, EDR, DLP, ect)\r\n** SOC/IR gets to see examples of a full attack chain for specific threat\r\n** Detection engineering gets to understand logging/EDR/tool gaps\r\n** Threat Hunting benefits from both of these insights\r\n* List of Free Resources to dive more into these topics\n\n\nPremise:\r\n* Organizations are becoming increasingly aware of the importance of understanding the\r\nTTPs of the threats/actors most likely to target them.\r\n* Many organizations cannot afford outside consultants, or the ability to maintain a\r\ndedicated internal offensive team. Or they want this style of testing, but don't know how\r\nto get started, or show leadership the value.\r\n* This talk is for any engineer or team leader who wants to bring Adversarial\r\nEmulation/Simulation to their organization to understand how they compare against an\r\nattack from a likely threat. It is also valuable for consultants who want to provide this\r\nservice to their clients.\r\n* If someone is new to offensive techniques, this will be a way for them to think about how this strategy applies to their role, and embrace it as a defensive strategy.\r\n\r\nThe goals of this presentation is to get the participants comfortable with breaking down CTI,\r\nmapping those insights to MITRE, and creating a campaign that will bring value to their work.\r\nEverything is completely focused on post-exploitation TTPs, and their importance. We will not\r\nreview how to integrate IoCs into the mapping of threats. Participants will walk away with a full\r\nexample of the process, resources to explore later, and examples for thinking critically about\r\ntest cases.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55758],"conference_id":133,"event_ids":[56283],"name":"Noah Lazzaro","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56170}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56283,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56170}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop offers a hands-on introduction to developing Osquery extensions for Linux and macOS, aimed at beginners seeking to enhance endpoint security visibility. Through guided instruction, participants will explore Osquery extension architecture, the Thrift API, SQL-based querying, and module integration. Real-world examples and best practices will be emphasized, providing attendees with the skills to create custom extensions tailored to organizational security needs. By the end of the session, participants will have the confidence to leverage Osquery effectively in bolstering endpoint security defenses. Python will be used during the workshop. Basic knowledge of python will be sufficient to follow workshop.\r\n\r\nOutline:\r\n\r\n- Introduction to Osquery and its role in endpoint security\r\n- Overview of Osquery extension architecture\r\n- First extension \r\n- Understanding the basics of Osquery Thrift API \r\n- Real-world examples and use cases\r\n- Hands-on exercises and practical application\r\n- Q&A and interactive discussion\n\n\nJoin us for a comprehensive introduction to developing Osquery extensions tailored for Linux and macOS environments. This hands-on training session, designed for beginners, will demystify the process of extending Osquery functionalities, empowering attendees to bolster their endpoint security strategies. Throughout the workshop, participants will learn the fundamentals of Osquery extension development, gain practical insights through real-world examples, and discover how to leverage Osquery's capabilities to enhance visibility into their endpoint ecosystems. By the end of this session, attendees will have the confidence and knowledge to create custom Osquery extensions, effectively enriching their organization's security posture.","media":[],"title":"Introduction to Creating Osquery Extensions: Enhancing Endpoint Security Visibility","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:30:00Z","end_timestamp":{"seconds":1723321800,"nanoseconds":0},"android_description":"This workshop offers a hands-on introduction to developing Osquery extensions for Linux and macOS, aimed at beginners seeking to enhance endpoint security visibility. Through guided instruction, participants will explore Osquery extension architecture, the Thrift API, SQL-based querying, and module integration. Real-world examples and best practices will be emphasized, providing attendees with the skills to create custom extensions tailored to organizational security needs. By the end of the session, participants will have the confidence to leverage Osquery effectively in bolstering endpoint security defenses. Python will be used during the workshop. Basic knowledge of python will be sufficient to follow workshop.\r\n\r\nOutline:\r\n\r\n- Introduction to Osquery and its role in endpoint security\r\n- Overview of Osquery extension architecture\r\n- First extension \r\n- Understanding the basics of Osquery Thrift API \r\n- Real-world examples and use cases\r\n- Hands-on exercises and practical application\r\n- Q&A and interactive discussion\n\n\nJoin us for a comprehensive introduction to developing Osquery extensions tailored for Linux and macOS environments. This hands-on training session, designed for beginners, will demystify the process of extending Osquery functionalities, empowering attendees to bolster their endpoint security strategies. Throughout the workshop, participants will learn the fundamentals of Osquery extension development, gain practical insights through real-world examples, and discover how to leverage Osquery's capabilities to enhance visibility into their endpoint ecosystems. By the end of this session, attendees will have the confidence and knowledge to create custom Osquery extensions, effectively enriching their organization's security posture.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55746],"conference_id":133,"event_ids":[56270],"name":"Kivanc Aydin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56149}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T20:30:00.000-0000","id":56270,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56149}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Earlier this year, I traveled with 2 full suitcases and shipped a 30lbs box to a conference, just to bring along a few readers, a few EACS and mini-doors for a small RFID village. I wanted to make that easier, so this talk will run through the process of planning, designing, and building a better solution, and hopefully make it easier for others to do the same.\n\n\n","media":[],"title":"DoorSim - making my conference travel easier","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:55:00Z","end_timestamp":{"seconds":1723319700,"nanoseconds":0},"android_description":"Earlier this year, I traveled with 2 full suitcases and shipped a 30lbs box to a conference, just to bring along a few readers, a few EACS and mini-doors for a small RFID village. I wanted to make that easier, so this talk will run through the process of planning, designing, and building a better solution, and hopefully make it easier for others to do the same.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55455],"conference_id":133,"event_ids":[55880],"name":"evildaemond (Adam Foster)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@evildaemond)","sort_order":0,"url":"https://twitter.com/evildaemond"}],"media":[],"id":55994}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T19:55:00.000-0000","id":55880,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55994}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!\n\n\n","media":[],"title":"SECV - Break / Networking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Time to mingle! Discover who can tell the best dad jokes. We're taking a quick break - be back soon!","updated_timestamp":{"seconds":1722102841,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:54:01Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55832,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-27T17:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a hands-on workshop with a lab that will help students and attendees learn some of the common and interesting ways to takeover accounts or escalate access while looking for vulnerabilities in a web app. These labs are all based on valid and have been awarded bounties by multiple large organizations such as Amazon, Zoom, PayPal, Yahoo, and more!\r\n\r\nPre-Prerequisites\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)\n\n\n","media":[],"title":"A Bug Hunter's Guide to Account Takeover","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"This is a hands-on workshop with a lab that will help students and attendees learn some of the common and interesting ways to takeover accounts or escalate access while looking for vulnerabilities in a web app. These labs are all based on valid and have been awarded bounties by multiple large organizations such as Amazon, Zoom, PayPal, Yahoo, and more!\r\n\r\nPre-Prerequisites\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)","updated_timestamp":{"seconds":1721438395,"nanoseconds":0},"speakers":[{"content_ids":[55175,55181,55265],"conference_id":133,"event_ids":[55563,55569,55655],"name":"Ben \"NahamSec\" Sadeghipour","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacking Hub","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nahamsec)","sort_order":0,"url":"https://twitter.com/nahamsec"}],"media":[],"id":54808,"title":"Hacking Hub"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:19:55Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#a-bug-hunters-guide-to-account-takeover"}],"end":"2024-08-10T21:00:00.000-0000","id":55569,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54808}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-20T01:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Clean Energy technology, while essential for the energy transition, often utilizes components sourced from adversarial countries, potentially increasing cyber vulnerabilities, especially in systems managed by smaller utilities with limited cybersecurity expertise. The previous approaches of 'rip and replace' to eliminate foreign components have proved inadequate and if applied to clean energy, may be economically and technically destabilizing.\r\n\r\nThis policy session will also delve into the broader implications of a digitalized supply chain, where simplistic views of cybersecurity do not suffice. Instead, a nuanced understanding of the operational and physical realities of energy systems is essential. By discussing how to balance immediate economic pressures against long-term sustainability and security, the session aims to foster a more informed and effective policy discourse.\r\n\r\nIn summary, as the energy sector evolves to include diverse infrastructure systems—ranging from hospitals to military installations—the need for a robust, informed, and agile policy approach to cybersecurity becomes increasingly critical. This session will provide a platform for critical discourse to ensure that the transition to renewable energy is both secure and sustainable, aligning climate goals with national security imperatives\n\n\n","media":[],"title":"Pick Your Poison: Navigating a secure clean energy transition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"Clean Energy technology, while essential for the energy transition, often utilizes components sourced from adversarial countries, potentially increasing cyber vulnerabilities, especially in systems managed by smaller utilities with limited cybersecurity expertise. The previous approaches of 'rip and replace' to eliminate foreign components have proved inadequate and if applied to clean energy, may be economically and technically destabilizing.\r\n\r\nThis policy session will also delve into the broader implications of a digitalized supply chain, where simplistic views of cybersecurity do not suffice. Instead, a nuanced understanding of the operational and physical realities of energy systems is essential. By discussing how to balance immediate economic pressures against long-term sustainability and security, the session aims to foster a more informed and effective policy discourse.\r\n\r\nIn summary, as the energy sector evolves to include diverse infrastructure systems—ranging from hospitals to military installations—the need for a robust, informed, and agile policy approach to cybersecurity becomes increasingly critical. This session will provide a platform for critical discourse to ensure that the transition to renewable energy is both secure and sustainable, aligning climate goals with national security imperatives","updated_timestamp":{"seconds":1720396877,"nanoseconds":0},"speakers":[{"content_ids":[54608],"conference_id":133,"event_ids":[54982],"name":"Emma Stewart","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Securing the Digital Energy Transition","title":"Director"},{"organization":"Idaho National Labs","title":"Chief Power Grid Scientist"}],"links":[],"pronouns":null,"media":[],"id":54334,"title":"Chief Power Grid Scientist at Idaho National Labs"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T00:01:17Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":54982,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54334}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-08T00:01:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing. Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing.\r\n\r\nWhile manufacturing as a whole lags many other critical infrastructure sectors in aspects of cyber security there is a category that manufacturing has consistently led other industry verticals in, automation and device connectivity in the operational technology domain. Manufacturer’s OT network environments increasingly are set up as a network or hyper connected IIoT devices, where all data goes to the cloud and often comes back from the cloud to offer changes, and all participants have access into the OT network domain allowing manufacturing to push the boundaries of what products are technically possible, what production efficiencies are possible, and how OT environments can scale as never before.\r\n\r\nThis has obviously come with downside risks that manufacturers are only now beginning to grapple with and to make meaningful changes to better protect their networks and the gains they have made. Their growing pains can serve as roadmap of what to do and what not to do as many other OT intensive industry verticals are moving very quickly into similar use cases.\n\n\n","media":[],"title":"Manufacturing- Lessons Learned, Lessons Taught","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing. Manufacturing continues to be a top targeted sector by cyber threat actors, especially by ransomware. Dragos 2023 Year In Review showed that 70% of all ransomware victims were manufacturers. The Global Resilience Federation Ransomware Report shows very similar figures. There are some specific elements that make manufacturing a particularly attractive target for ransomware such as the lack of network security and segmentation, IT compromise that often leads to operational disruption (even if there is not OT network intrusion), manufacturing having tight margins, a lack of a compliance regime, and organizational size all contributing.\r\n\r\nWhile manufacturing as a whole lags many other critical infrastructure sectors in aspects of cyber security there is a category that manufacturing has consistently led other industry verticals in, automation and device connectivity in the operational technology domain. Manufacturer’s OT network environments increasingly are set up as a network or hyper connected IIoT devices, where all data goes to the cloud and often comes back from the cloud to offer changes, and all participants have access into the OT network domain allowing manufacturing to push the boundaries of what products are technically possible, what production efficiencies are possible, and how OT environments can scale as never before.\r\n\r\nThis has obviously come with downside risks that manufacturers are only now beginning to grapple with and to make meaningful changes to better protect their networks and the gains they have made. Their growing pains can serve as roadmap of what to do and what not to do as many other OT intensive industry verticals are moving very quickly into similar use cases.","updated_timestamp":{"seconds":1720396929,"nanoseconds":0},"speakers":[{"content_ids":[54607],"conference_id":133,"event_ids":[54981],"name":"Tim Chase","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Global Resilience Federation (GRF)","title":"Program Director"}],"links":[],"pronouns":null,"media":[],"id":54261,"title":"Program Director at Global Resilience Federation (GRF)"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T00:02:09Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":54981,"tag_ids":[46382,46419,46463,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54261}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-08T00:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Talking to pilots and operators, an important aspect of GPS spoofing and jamming is being missed from the narrative in the media. We know about position spoofing, that's a given. What doesn't appear to be getting much attention is the effect of time spoofing.\n\nThe most significant of these is an incident where time was spoofed a significant period into the future. This caused all digital certificates on board an aircraft to become invalid and caused all electronic communications to fail. As GPS clocks have protection against time being rolled backwards, but not forward, the aircraft was grounded for several weeks for systems to be reflashed and the clocks to be reset,\n\nCoarse time spoofing could therefore ground entire fleets. We'll discuss this and potential mitigations. If time allows, we could touch on conventional RF navaids and their exposure to similar attacks.\n\n\n\n","media":[],"title":"GPS spoofing: it's about time, not just position","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Talking to pilots and operators, an important aspect of GPS spoofing and jamming is being missed from the narrative in the media. We know about position spoofing, that's a given. What doesn't appear to be getting much attention is the effect of time spoofing.\n\nThe most significant of these is an incident where time was spoofed a significant period into the future. This caused all digital certificates on board an aircraft to become invalid and caused all electronic communications to fail. As GPS clocks have protection against time being rolled backwards, but not forward, the aircraft was grounded for several weeks for systems to be reflashed and the clocks to be reset,\n\nCoarse time spoofing could therefore ground entire fleets. We'll discuss this and potential mitigations. If time allows, we could touch on conventional RF navaids and their exposure to similar attacks.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54606,55837,56177],"conference_id":133,"event_ids":[56387,56831,54980],"name":"Ken Munro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Partner and Founder"}],"links":[],"pronouns":null,"media":[],"id":54347,"title":"Partner and Founder at Pen Test Partners"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":54980,"tag_ids":[46366,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54347}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An ex-employee's work laptop, a secret hardware prototype, the company backup server, and classified government computers. What do these things have in common? They should never end up on the public market. Ask any IT department and they'll tell you that \"it happens\", but how serious is the problem and what's really at stake? This talk explores the interesting journey of a research project to learn the surprising answers to these questions.\n\nAlong the way we'll scrape over 150 million images from online listings in Western and Eastern second hand markets, hack together an OCR cluster out of old iPhones, reverse engineer well-obfuscated Chinese apps, and converse with secretive underground groups of collectors.\n\n\n","media":[],"title":"The Secret Life of a Rogue Device - Lost IT Assets on the Public Marketplace","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"An ex-employee's work laptop, a secret hardware prototype, the company backup server, and classified government computers. What do these things have in common? They should never end up on the public market. Ask any IT department and they'll tell you that \"it happens\", but how serious is the problem and what's really at stake? This talk explores the interesting journey of a research project to learn the surprising answers to these questions.\n\nAlong the way we'll scrape over 150 million images from online listings in Western and Eastern second hand markets, hack together an OCR cluster out of old iPhones, reverse engineer well-obfuscated Chinese apps, and converse with secretive underground groups of collectors.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54491],"conference_id":133,"event_ids":[54864],"name":"Matthew \"mandatory\" Bryant","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Snapchat","title":"Red Team Lead"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@IAmMandatory)","sort_order":0,"url":"https://twitter.com/IAmMandatory"},{"description":"","title":"thehackerblog.com","sort_order":0,"url":"https://thehackerblog.com"}],"media":[],"id":54082,"title":"Red Team Lead at Snapchat"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":54864,"tag_ids":[46166,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54082}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"System Management Mode (SMM) is one of the most powerful execution modes in the x86 architecture and code at this level is invisible to the Hypervisor and OS-level protections, including anti-cheat engines and anti-virus systems. While the BIOS ecosystem's complexity has led to a multitude of vulnerabilities in firmware over time, vendors are now making strides in delivering patches with greater speed and efficiency. Unfortunately, these efforts are not enough in the presence of a CPU vulnerability.\r\n\r\nWhen researching the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.\r\n\r\nThis presentation starts by providing an introduction to SMM and the security mechanisms that the AMD processor provides to support it. Subsequently, it delves into the CPU design flaw and the complete methodology and engineering used to create a universal ring -2 privilege escalation exploit.\n\n\n","media":[],"title":"AMD Sinkclose: Universal Ring -2 Privilege Escalation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"System Management Mode (SMM) is one of the most powerful execution modes in the x86 architecture and code at this level is invisible to the Hypervisor and OS-level protections, including anti-cheat engines and anti-virus systems. While the BIOS ecosystem's complexity has led to a multitude of vulnerabilities in firmware over time, vendors are now making strides in delivering patches with greater speed and efficiency. Unfortunately, these efforts are not enough in the presence of a CPU vulnerability.\r\n\r\nWhen researching the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.\r\n\r\nThis presentation starts by providing an introduction to SMM and the security mechanisms that the AMD processor provides to support it. Subsequently, it delves into the CPU design flaw and the complete methodology and engineering used to create a universal ring -2 privilege escalation exploit.","updated_timestamp":{"seconds":1721486966,"nanoseconds":0},"speakers":[{"content_ids":[54490],"conference_id":133,"event_ids":[54863],"name":"Enrique Nissim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IOActive","title":"Principal Security Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@kiqueNissim)","sort_order":0,"url":"https://twitter.com/kiqueNissim"}],"media":[],"id":54147,"title":"Principal Security Consultant at IOActive"},{"content_ids":[54490],"conference_id":133,"event_ids":[54863],"name":"Krzysztof Okupski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"IOActive","title":"Associate Principal Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@exminium)","sort_order":0,"url":"https://twitter.com/exminium"}],"media":[],"id":54154,"title":"Associate Principal Security Consultant at IOActive"}],"begin_tsz":"2024-08-10T19:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:49:26Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":54863,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723318200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54147},{"tag_id":46167,"sort_order":2,"person_id":54154}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T19:30:00.000-0000","updated":"2024-07-20T14:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After working with over 400 companies on their application security programs the most common question I receive is “what’s next?”. They want to know how to mature their programs, and when they look at the maturity models available, they find them intimidating and so far beyond their current maturity level that they feel impossible. In this talk I will take you through 3 common AppSec program maturity levels I have encountered over the years, with practical and actionable next steps you could take immediately to improve your security posture.\n\n\n","media":[],"title":"Maturing Your Application Security Program","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"After working with over 400 companies on their application security programs the most common question I receive is “what’s next?”. They want to know how to mature their programs, and when they look at the maturity models available, they find them intimidating and so far beyond their current maturity level that they feel impossible. In this talk I will take you through 3 common AppSec program maturity levels I have encountered over the years, with practical and actionable next steps you could take immediately to improve your security posture.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55706],"conference_id":133,"event_ids":[56222],"name":"SheHacksPurple","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56088}],"begin_tsz":"2024-08-10T19:20:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":56222,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723317600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56088}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T19:20:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Arizona Secretary of State Adrian Fontes has been educating election officials about the capabilities of current tools to create synthetic content: GenAI used to create text for advanced spear phish targeting election officials, cloned voices of election officials explaining to their real\r\ncounterparts how their voices could be weaponized to confuse staff and poll workers, lastly, high quality deepfakes of Secretary Fontes himself showing how easy it could be to use an elected official’s own likeness against them. This presentation will be a deep dive into how we predict GenAI attacks will be used during the 2024 General Election and will provide a framework for the audience, hardening them against\r\nwhat is coming.\n\n\n","media":[],"title":"Indivisible","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:15:00Z","end_timestamp":{"seconds":1723320900,"nanoseconds":0},"android_description":"Arizona Secretary of State Adrian Fontes has been educating election officials about the capabilities of current tools to create synthetic content: GenAI used to create text for advanced spear phish targeting election officials, cloned voices of election officials explaining to their real\r\ncounterparts how their voices could be weaponized to confuse staff and poll workers, lastly, high quality deepfakes of Secretary Fontes himself showing how easy it could be to use an elected official’s own likeness against them. This presentation will be a deep dive into how we predict GenAI attacks will be used during the 2024 General Election and will provide a framework for the audience, hardening them against\r\nwhat is coming.","updated_timestamp":{"seconds":1723237194,"nanoseconds":0},"speakers":[{"content_ids":[56196,56202],"conference_id":133,"event_ids":[56850,56856],"name":"Michael Moore","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://azdirect.az.gov/secretary-state"}],"media":[],"id":56578}],"begin_tsz":"2024-08-10T19:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T20:59:54Z","links":[],"end":"2024-08-10T20:15:00.000-0000","id":56850,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723317300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56578}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T19:15:00.000-0000","updated":"2024-08-09T20:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microsoft Entra Conditional Access sits at the forefront of organization's security boundaries. The ever-changing climate of conditional access continues to give administrators more and more security controls. The tradeoff of which is increased complexity when attempting to balance security and productivity. The more policies deployed in a tenant, the greater the chance for misconfigurations that create opportunities for exploitation. Whether you're a cloud administrator, security consultant, or adversary, the goal remains the same: to find the holes in conditional access.\n\nThis talk discusses lessons learned from real-life engagements and identifies multiple strategies for evaluating conditional access. Topics and tooling are explored that view conditional access from several different angles. First, understanding PowerShell and Graph API is vital when combing through policies, finding gaps in user, group, role, location, application, or device configuration. Second, simulation of logon criteria and reporting on authentication events helps to understand where policies fall short. Finally, creating a visual representation of each policy is helpful to better see policy details or build executive reports. Each of these provides an important piece of the puzzle when attempting to identify methods to bypass security controls. Audience members should expect to leave with an arsenal of new tools and techniques to continuously monitor conditional access for risk.\n\n\n","media":[],"title":"Finding Holes in Conditional Access Policies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:40:00Z","end_timestamp":{"seconds":1723318800,"nanoseconds":0},"android_description":"Microsoft Entra Conditional Access sits at the forefront of organization's security boundaries. The ever-changing climate of conditional access continues to give administrators more and more security controls. The tradeoff of which is increased complexity when attempting to balance security and productivity. The more policies deployed in a tenant, the greater the chance for misconfigurations that create opportunities for exploitation. Whether you're a cloud administrator, security consultant, or adversary, the goal remains the same: to find the holes in conditional access.\n\nThis talk discusses lessons learned from real-life engagements and identifies multiple strategies for evaluating conditional access. Topics and tooling are explored that view conditional access from several different angles. First, understanding PowerShell and Graph API is vital when combing through policies, finding gaps in user, group, role, location, application, or device configuration. Second, simulation of logon criteria and reporting on authentication events helps to understand where policies fall short. Finally, creating a visual representation of each policy is helpful to better see policy details or build executive reports. Each of these provides an important piece of the puzzle when attempting to identify methods to bypass security controls. Audience members should expect to leave with an arsenal of new tools and techniques to continuously monitor conditional access for risk.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[54558,55492],"conference_id":133,"event_ids":[55921,54933],"name":"Brandon Colley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Trimarc","title":"Senior Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@techBrandon)","sort_order":0,"url":"https://twitter.com/techBrandon"}],"media":[],"id":54256,"title":"Senior Security Consultant at Trimarc"}],"begin_tsz":"2024-08-10T19:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T19:40:00.000-0000","id":55921,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723317300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54256}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T19:15:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In an era of remote work and distributed IT environments, remote administration tools (RATs) and remote monitoring and management (RMM) tools have become indispensable for system administrators and managed service providers (MSPs). However, the same features that make these tools efficient also make them attractive targets for malicious actors. Advanced threat actors are increasingly leveraging legitimate RATs and RMMs to gain unauthorized access to networks, bypassing traditional security controls and evading detection.\n\n\n","media":[],"title":"Weaponized Convenience: Inside the Rise of Remote Tool Abuse","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"In an era of remote work and distributed IT environments, remote administration tools (RATs) and remote monitoring and management (RMM) tools have become indispensable for system administrators and managed service providers (MSPs). However, the same features that make these tools efficient also make them attractive targets for malicious actors. Advanced threat actors are increasingly leveraging legitimate RATs and RMMs to gain unauthorized access to networks, bypassing traditional security controls and evading detection.","updated_timestamp":{"seconds":1721495310,"nanoseconds":0},"speakers":[{"content_ids":[55200],"conference_id":133,"event_ids":[55590],"name":"Fernando Tomlinson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant / Google Cloud","title":"Forensics and Incident Response Technical Manager"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/fernando-tomlinson/"},{"description":"","title":"Twitter (@Wired_Pulse)","sort_order":0,"url":"https://x.com/Wired_Pulse"}],"media":[],"id":55801,"title":"Forensics and Incident Response Technical Manager at Mandiant / Google Cloud"},{"content_ids":[55200],"conference_id":133,"event_ids":[55590],"name":"Nader Zaveri","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Incident Response & Remediation Senior Manager"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/naderzaveri/"},{"description":"","title":"Twitter (@naderzaveri)","sort_order":0,"url":"https://x.com/naderzaveri"}],"media":[],"id":55808,"title":"Incident Response & Remediation Senior Manager"}],"begin_tsz":"2024-08-10T19:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:08:30Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55590,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723317300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55808},{"tag_id":46167,"sort_order":4,"person_id":55801}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T19:15:00.000-0000","updated":"2024-07-20T17:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Groups Panel #1","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:05:00Z","end_timestamp":{"seconds":1723320300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722641228,"nanoseconds":0},"speakers":[{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"xray","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56055},{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"ᗩᒪETᕼE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56056},{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"overcast","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56057},{"content_ids":[55687,55688],"conference_id":133,"event_ids":[56210,56211],"name":"Abhishek S","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Flipkart","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":56058,"title":"Security Engineer at Flipkart"},{"content_ids":[55688],"conference_id":133,"event_ids":[56211],"name":"TX","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56059}],"begin_tsz":"2024-08-10T19:05:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T23:27:08Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T20:05:00.000-0000","id":56211,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723316700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56056},{"tag_id":46167,"sort_order":4,"person_id":56055},{"tag_id":46167,"sort_order":6,"person_id":56059},{"tag_id":46167,"sort_order":8,"person_id":56057},{"tag_id":46167,"sort_order":10,"person_id":56058}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T19:05:00.000-0000","updated":"2024-08-02T23:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"3D Printing My Way to Sanity: The Self-Funding Hobby That Changed Everything","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225155,"nanoseconds":0},"speakers":[{"content_ids":[56211],"conference_id":133,"event_ids":[56865],"name":"Steve Dossey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56598}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T17:39:15Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":56865,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56598}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s no two ways about it: Kubernetes is a confusing and complex collection of intertwined systems. Finding attack paths in Kubernetes by hand is a frustrating, slow, and tedious process. Defending Kubernetes against those same attack paths is almost impossible without any third party tooling. In this workshop we will present KubeHound - an opinionated, scalable, offensive-minded Kubernetes attack graph tool used by security teams across Datadog. We will cover the custom KubeHound DSL to demonstrate its power to identify some of the most interesting and common attack primitives living in your Kubernetes cluster. If the DSL is not enough, we will cover the basics of Gremlin, the language used by our graph technology so you can find relevant attack paths that matter to you. As attackers (or defenders), there's nothing better to understand an attack than to exploit it oneself. So in this workshop we will cover some of the usual attack paths and exploit them.\n\n\n","media":[],"title":"Hands-on Kubernetes security with KubeHound (purple teaming)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"There’s no two ways about it: Kubernetes is a confusing and complex collection of intertwined systems. Finding attack paths in Kubernetes by hand is a frustrating, slow, and tedious process. Defending Kubernetes against those same attack paths is almost impossible without any third party tooling. In this workshop we will present KubeHound - an opinionated, scalable, offensive-minded Kubernetes attack graph tool used by security teams across Datadog. We will cover the custom KubeHound DSL to demonstrate its power to identify some of the most interesting and common attack primitives living in your Kubernetes cluster. If the DSL is not enough, we will cover the basics of Gremlin, the language used by our graph technology so you can find relevant attack paths that matter to you. As attackers (or defenders), there's nothing better to understand an attack than to exploit it oneself. So in this workshop we will cover some of the usual attack paths and exploit them.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55990],"conference_id":133,"event_ids":[56612],"name":"Julien Terriac","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adversary Simulation Engineering at Datadog","title":""}],"links":[],"pronouns":null,"media":[],"id":56327,"title":"Adversary Simulation Engineering at Datadog"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56612,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56327}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"LoRa is an exciting new technology renowned for its low cost and long range, making it popular for hackers and makers. In this workshop, you’ll learn to program a LoRa radio with CircuitPython to create long-range hacking tools and blinky prototypes which can communicate off-grid from over a mile away! The workshop will cover remotely triggered BadUSB devices, LED controllers, sensor monitors, and more! A computer with Google Chrome is required for this workshop.\n\n\n","media":[],"title":"LoRa for Hackers : Long Range Hacking for Beginners With CircuitPython","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"LoRa is an exciting new technology renowned for its low cost and long range, making it popular for hackers and makers. In this workshop, you’ll learn to program a LoRa radio with CircuitPython to create long-range hacking tools and blinky prototypes which can communicate off-grid from over a mile away! The workshop will cover remotely triggered BadUSB devices, LED controllers, sensor monitors, and more! A computer with Google Chrome is required for this workshop.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/hackers-guide-to-lora-long-range-hacking-with-lora-and-circuitpython?"}],"end":"2024-08-10T21:00:00.000-0000","id":56526,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Recon Village for an in-depth workshop on the OWASP Amass Project, a powerful open-source tool used for network mapping, attack surface analysis, and asset discovery. This workshop will delve into the exciting advancements in data collection capabilities within Amass, demonstrating how these enhancements have taken the project from a humble subdomain enumeration tool to an OSINT collection system. Participants will gain hands-on experience with new features, learn best practices for leveraging Amass, and explore the broader dataset of findings and associated assets. Whether you are a seasoned security professional or new to network reconnaissance, this session will provide valuable insights and practical skills to elevate your reconnaissance game.\n\nWorkshop Outline\n\nIntroduction (15 minutes)\n- Welcome and speaker introductions\n- Overview of OWASP Amass\n - Brief history and evolution\n - Core functionalities and typical use cases\n- Workshop objectives and agenda\n\nUnderstanding Amass's Data Collection Capabilities (15 minutes)\n- Current data sources utilized by Amass\n - Public data sources\n - OSINT (Open Source Intelligence) integration\n - Third-party APIs\n- Introduction to new data collection features\n - Enhanced API integrations\n - Proprietary data sources\n\nHands-On with New Data Collection Features (30 minutes)\n- Setting up Amass for expanded data collection\n - Installation and configuration\n - API key management and integration\n- Practical demonstration\n - Running Amass with new data sources\n - Interpreting results\n - Case study: Real-world scenarios and outcomes\n\nAnalyzing and Utilizing Recon Data (30 minutes)\n- Attack surface mapping is more than internet infrastructure\n- Introduction to the Open Asset Model (OAM)\n- Collecting email addresses with Amass\n- OAM types to be supported by the project\n- The Future of Mapping attack surfaces\n\n\nQ&A Session (20 minutes)\n\nConclusion (10 minutes)\n- Recap of key takeaways\n- Additional resources and further learning\n- Closing remarks and feedback session\n\n---\n\nPreparation Requirements:**\n- Participants are encouraged to bring laptops with pre-installed OWASP Amass.\n- API keys for various data sources (details to be provided prior to the workshop).\n\nTarget Audience:**\n- Security researchers and professionals\n- Penetration testers\n- Network administrators\n- Anyone interested in improving their reconnaissance skills and knowledge\n\nThis workshop promises to be an engaging and educational experience, equipping attendees with the latest techniques and tools to enhance their security reconnaissance capabilities using OWASP Amass.\n\n\n","media":[],"title":"OWASP Amass Expanding Data Horizons: Amassing More Than Subdomains","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"Join us at Recon Village for an in-depth workshop on the OWASP Amass Project, a powerful open-source tool used for network mapping, attack surface analysis, and asset discovery. This workshop will delve into the exciting advancements in data collection capabilities within Amass, demonstrating how these enhancements have taken the project from a humble subdomain enumeration tool to an OSINT collection system. Participants will gain hands-on experience with new features, learn best practices for leveraging Amass, and explore the broader dataset of findings and associated assets. Whether you are a seasoned security professional or new to network reconnaissance, this session will provide valuable insights and practical skills to elevate your reconnaissance game.\n\nWorkshop Outline\n\nIntroduction (15 minutes)\n- Welcome and speaker introductions\n- Overview of OWASP Amass\n - Brief history and evolution\n - Core functionalities and typical use cases\n- Workshop objectives and agenda\n\nUnderstanding Amass's Data Collection Capabilities (15 minutes)\n- Current data sources utilized by Amass\n - Public data sources\n - OSINT (Open Source Intelligence) integration\n - Third-party APIs\n- Introduction to new data collection features\n - Enhanced API integrations\n - Proprietary data sources\n\nHands-On with New Data Collection Features (30 minutes)\n- Setting up Amass for expanded data collection\n - Installation and configuration\n - API key management and integration\n- Practical demonstration\n - Running Amass with new data sources\n - Interpreting results\n - Case study: Real-world scenarios and outcomes\n\nAnalyzing and Utilizing Recon Data (30 minutes)\n- Attack surface mapping is more than internet infrastructure\n- Introduction to the Open Asset Model (OAM)\n- Collecting email addresses with Amass\n- OAM types to be supported by the project\n- The Future of Mapping attack surfaces\n\n\nQ&A Session (20 minutes)\n\nConclusion (10 minutes)\n- Recap of key takeaways\n- Additional resources and further learning\n- Closing remarks and feedback session\n\n---\n\nPreparation Requirements:**\n- Participants are encouraged to bring laptops with pre-installed OWASP Amass.\n- API keys for various data sources (details to be provided prior to the workshop).\n\nTarget Audience:**\n- Security researchers and professionals\n- Penetration testers\n- Network administrators\n- Anyone interested in improving their reconnaissance skills and knowledge\n\nThis workshop promises to be an engaging and educational experience, equipping attendees with the latest techniques and tools to enhance their security reconnaissance capabilities using OWASP Amass.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55307,55913],"conference_id":133,"event_ids":[55697,56500],"name":"Jeff Foley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@jeff_foley)","sort_order":0,"url":"https://twitter.com/jeff_foley"}],"media":[],"id":55859}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56500,"tag_ids":[46391,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55859}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - Daniel Miessler, Hosted by Ankur","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55912],"conference_id":133,"event_ids":[56499],"name":"Daniel Miessler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56271},{"content_ids":[55912],"conference_id":133,"event_ids":[56499],"name":"Ankur","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56272}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56499,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56271},{"tag_id":46167,"sort_order":4,"person_id":56272}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Much is said about QKD and its benefits and drawbacks. Even more is said about how it is, and we quote, ‘UNHACKABLE’!! We know that it is definitely susceptible to hacks, and want to invite all hackers to an open session where we will discuss attacks against QKD, both classical and quantum, and as a group start constructing a threat model that describes this technology. We will all benefit when more of us understand the real details and contexts about it! HAQ THE PLANET!\n\n\n","media":[],"title":"Threat Modelling QKD","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Much is said about QKD and its benefits and drawbacks. Even more is said about how it is, and we quote, ‘UNHACKABLE’!! We know that it is definitely susceptible to hacks, and want to invite all hackers to an open session where we will discuss attacks against QKD, both classical and quantum, and as a group start constructing a threat model that describes this technology. We will all benefit when more of us understand the real details and contexts about it! HAQ THE PLANET!","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56438,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Drones, also known as unmanned aerial vehicles (UAVs), are becoming increasingly popular for various applications, from delivery and surveillance to emergency response and military support. While traditionally controlled by dedicated remote controllers (ground control stations), Android is emerging as a powerful platform for drone development and operation. For example, some drone manufacturers, like DJI, have developed their own custom Android-based operating systems (OS) for their drones. Open-source Android-based flight control software like QGroundControl and Mission Planner are also available, allowing developers to build custom drone control applications. With the growing reliance on Android within the drone market, the necessity to understand the landscape of Android-based vulnerabilities and exposure has become more important than ever before, especially to ensure secure, safe, and reliable drone operations.\n\n\n","media":[],"title":"Secure the Skies: A Modern Android Security Research Framework for Drone Ground Control Stations and Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Drones, also known as unmanned aerial vehicles (UAVs), are becoming increasingly popular for various applications, from delivery and surveillance to emergency response and military support. While traditionally controlled by dedicated remote controllers (ground control stations), Android is emerging as a powerful platform for drone development and operation. For example, some drone manufacturers, like DJI, have developed their own custom Android-based operating systems (OS) for their drones. Open-source Android-based flight control software like QGroundControl and Mission Planner are also available, allowing developers to build custom drone control applications. With the growing reliance on Android within the drone market, the necessity to understand the landscape of Android-based vulnerabilities and exposure has become more important than ever before, especially to ensure secure, safe, and reliable drone operations.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55835],"conference_id":133,"event_ids":[56385],"name":"Jonathan Waterman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56196}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56385,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56196}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!\n\n\n","media":[],"title":"Beverage Chilling Contraption Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!","updated_timestamp":{"seconds":1722311147,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:45:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249412"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249413"}],"end":"2024-08-11T01:00:00.000-0000","id":56061,"tag_ids":[46427,46439,46753],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-B","hotel":"","short_name":"HW4-01-04-B","id":46277},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-30T03:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that's why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us on Friday for qualifiers, through the con for unofficial games, and on Saturday for an official bracket tournament.\n\n\n","media":[],"title":"Dozier Drill Tournament","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that's why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us on Friday for qualifiers, through the con for unofficial games, and on Saturday for an official bracket tournament.","updated_timestamp":{"seconds":1722209286,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:28:06Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55933,"tag_ids":[46384,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-28T23:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring your instruments, synths, and self for an open jam session\n\n\n","media":[],"title":"HDA Presents the open Synth Jam Session","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Bring your instruments, synths, and self for an open jam session","updated_timestamp":{"seconds":1722102603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:50:03Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":55828,"tag_ids":[46404,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-27T17:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Austin School For The Driven","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721785134,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T01:38:54Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55760,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-24T01:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defending a vessel's IT and OT systems while underway can be a matter of life and death. Cliff, Brad, and Phil present a framework for developing 24/7 network and security operations for vessels, addressing such technical topics as limited bandwidth/latency, detection and response, pre-planned actions, and an underway readiness dashboard. We will address technical and risk-management strategies for a SOC and NOC, including how we use a lab environment to simulate security operations for vessels underway.\n\n\n","media":[],"title":"Don't Give Up The Ship! Maritime SOC/NOC Afloat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Defending a vessel's IT and OT systems while underway can be a matter of life and death. Cliff, Brad, and Phil present a framework for developing 24/7 network and security operations for vessels, addressing such technical topics as limited bandwidth/latency, detection and response, pre-planned actions, and an underway readiness dashboard. We will address technical and risk-management strategies for a SOC and NOC, including how we use a lab environment to simulate security operations for vessels underway.","updated_timestamp":{"seconds":1721781706,"nanoseconds":0},"speakers":[{"content_ids":[55351],"conference_id":133,"event_ids":[55743],"name":"Brad Proctor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55949},{"content_ids":[55351],"conference_id":133,"event_ids":[55743],"name":"Cliff Neve","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MAD Security","title":"Vice President of Maritime Cybersecurity"}],"links":[],"pronouns":null,"media":[],"id":55950,"title":"Vice President of Maritime Cybersecurity at MAD Security"},{"content_ids":[55351],"conference_id":133,"event_ids":[55743],"name":"Philip Acosta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GuROO LLC","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":55963,"title":"Founder and CEO at GuROO LLC"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:41:46Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55743,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55963},{"tag_id":46167,"sort_order":4,"person_id":55950},{"tag_id":46167,"sort_order":6,"person_id":55949}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-24T00:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC NextGen / Youth Challenge Area at Red Team Village","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721595757,"nanoseconds":0},"speakers":[{"content_ids":[55273],"conference_id":133,"event_ids":[55663,55712,55713],"name":"RTV Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@redteamvillage_)","sort_order":0,"url":"https://twitter.com/redteamvillage_"}],"media":[],"id":55852}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T21:02:37Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55712,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55852}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T21:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We all heard this story before - a critical vulnerability is discovered in a VPN server. It's exploited in the wild. Administrators rush to patch. Panic spreads across Twitter. \n\nAttackers have long sought to exploit VPN servers - they are accessible from the internet, expose a rich attack surface, and often lack in security and monitoring. Historically, VPNs were primarily abused to achieve a single objective: gaining entry into internal victim networks. While this is evidently very valuable, control over a VPN server shouldn't solely be seen as a gateway to the network, and can certainly be abused in various other ways.\n\nIn this talk, we will explore VPN post-exploitation - a new approach that consists of different techniques attackers can employ on the compromised VPN server to further progress their intrusion. To demonstrate this concept, we will inspect two of the most common VPN servers on the market - Ivanti Connect Secure and Fortigate, and show how an attacker with control over them can collect user credentials, move laterally, and maintain persistent access to the network.\n\nWe will conclude by detailing best practices and principles that should be followed by security teams when using VPN servers to reduce the risk from post-exploitation techniques.\n\n\n","media":[],"title":"Tunnel Vision: Exploring VPN Post-Exploitation Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"We all heard this story before - a critical vulnerability is discovered in a VPN server. It's exploited in the wild. Administrators rush to patch. Panic spreads across Twitter. \n\nAttackers have long sought to exploit VPN servers - they are accessible from the internet, expose a rich attack surface, and often lack in security and monitoring. Historically, VPNs were primarily abused to achieve a single objective: gaining entry into internal victim networks. While this is evidently very valuable, control over a VPN server shouldn't solely be seen as a gateway to the network, and can certainly be abused in various other ways.\n\nIn this talk, we will explore VPN post-exploitation - a new approach that consists of different techniques attackers can employ on the compromised VPN server to further progress their intrusion. To demonstrate this concept, we will inspect two of the most common VPN servers on the market - Ivanti Connect Secure and Fortigate, and show how an attacker with control over them can collect user credentials, move laterally, and maintain persistent access to the network.\n\nWe will conclude by detailing best practices and principles that should be followed by security teams when using VPN servers to reduce the risk from post-exploitation techniques.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55298],"conference_id":133,"event_ids":[55688],"name":"Ori David","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@oridavid123)","sort_order":0,"url":"https://twitter.com/oridavid123"}],"media":[],"id":55849}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":55688,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55849}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Since we were children we wanted to go to the arcade and play for hours and hours for free. How about we do it now? In this talk I’m gonna show you some vulnerabilities that I discovered in the cashless system of one of the biggest companies in the world, with over 2,300 installations across 70 countries, from arcades in Brazil, amusement parks in the United Arab Emirates to a famous roller coaster in Las Vegas. We will talk about API security, access control and NFC among other things.\r\n\r\n## Description\r\n\r\nThe talk is divided into 10(+1) stages. Starting at Stage 0, I will relate the origin of the idea during H2HC Brazil in 2023. Initially, the proposal was an arcade in Brazil with a debit card system.\r\n\r\nIn Stage 1, I will present the company, the NFC card, an application to charge money and check our data, but without exploitable vulnerabilities due to the use of middleware.\r\n\r\nIn the next stage, the focus shifts to the company responsible for the debit card system. This Argentine company dominates the market, with more than 2300 installations in 70 countries, ranging from arcades to a famous roller coaster in Las Vegas. During the investigation, the /api endpoint on the server was identified, filtering out endpoints that did not return 404 or 200. DNS enumeration and the use of Shodan revealed an outdated info.php, as well as other servers with open ports and versions with vulnerabilities. Documentation was also found in /api/v2 without the necessary credentials.\r\n\r\nIn Stage 3, the IDOR and Broken Authentication vulnerabilities will be explained. Then I will present endpoints in the system that allow us to exploit these vulnerabilities and obtain card information and personal customer data.\r\n\r\nThen, it will be revealed that the company provides a mobile application. When decompiling some applications, keys and API endpoints were discovered. All APKs were similar, differing only in keys and endpoints. Now, with these credentials we have the ability to recharge credit to our debit card.\r\n\r\nIn Stage 5, we will explain the Account Takeover attack and how to execute it on the system via API. Also I’ll explain Race Condition found in the API.\r\n\r\nIn the next scenario, a server found in Shodan: The online event booking system. Confidential information was found here, such as all Argentinean invoices, logs and extra company information, obtained by script written by me.\r\n\r\nA reservation management portal was also identified with a Broken Access Control vulnerability, allowing us to view and modify all reservations, including modifying prices. It is important to note that all of these vulnerabilities affect ALL of the company's customers.\r\n\r\nAs we near the end, other servers will be quickly highlighted, such as the company's public Zendesk, allowing user creation and access to useful information. A U.S. case will be presented where a go-karting facility uses this system, allowing access to all monitors. Other examples include an amusement park company in Spain providing links to their park management consoles, and similar findings in Chile, Ecuador and Phoenix.\r\n\r\nThe last scenario will explain the NFC system, focusing on card reading and manipulation due to lack of security. Some attacks, such as changing the ID and referencing another card, will be shown. I’m also going to show the “feature” of emulating the card with the NFC of android phones, thus being able to emulate any card.\r\n\r\nThe idea of the talk is to demonstrate that even in 2024 there are significant systems with many users and with \"basic\" vulnerabilities known for years. Also I would like to encourage new generations to do ethical hacking and help generate a good relationship between hackers and companies. Computer security education and training are crucial to prevent attacks and protect our digital assets.\r\n\r\n## Outline\r\n\r\n- Stage 0\r\n - Introduction\r\n- Stage 1\r\n - About Brazilian arcade and cashless system\r\n - NFC Card\r\n - Website to charge money and view data\r\n- Stage 2\r\n - Company who provide the system\r\n - More than 2300 installations across 70 countries\r\n - Api endpoints\r\n- Stage 3\r\n - IDOR and Broken Authentication\r\n - A lot of user and cards data\r\n - Not just arcades. Roller coaster Vegas. Clients around the world\r\n- Stage 4\r\n - Mobile app for all the customers\r\n - Keys and endpoints in plain text (DEMO)\r\n - Endpoint to recharge credits\r\n- Stage 5\r\n - Account Takeover (DEMO)\r\n - Race Condition (DEMO)\r\n- Stage 6\r\n - Online Party Booking\r\n - A lot of confidential information\r\n - Script to get data (DEMO)\r\n- Stage 7: Booking Management portal\r\n - Broken Access Control\r\n - List and modify all the bookings\r\n- Stage 8: Side servers\r\n - Public zendesk with data\r\n - Go-karting in U.S.\r\n - Amusement park in Spain\r\n - Chile, Ecuador, Phoenix\r\n- Stage 9: NFC\r\n - Brazilian card\r\n - Leak security\r\n - Android NFC\r\n- Stage 10\r\n - A lot of customers in the U.S.\r\n - Conclusions\r\n - QA\r\n\n\n\n","media":[],"title":"Insert coin: Hacking arcades for fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"Since we were children we wanted to go to the arcade and play for hours and hours for free. How about we do it now? In this talk I’m gonna show you some vulnerabilities that I discovered in the cashless system of one of the biggest companies in the world, with over 2,300 installations across 70 countries, from arcades in Brazil, amusement parks in the United Arab Emirates to a famous roller coaster in Las Vegas. We will talk about API security, access control and NFC among other things.\r\n\r\n## Description\r\n\r\nThe talk is divided into 10(+1) stages. Starting at Stage 0, I will relate the origin of the idea during H2HC Brazil in 2023. Initially, the proposal was an arcade in Brazil with a debit card system.\r\n\r\nIn Stage 1, I will present the company, the NFC card, an application to charge money and check our data, but without exploitable vulnerabilities due to the use of middleware.\r\n\r\nIn the next stage, the focus shifts to the company responsible for the debit card system. This Argentine company dominates the market, with more than 2300 installations in 70 countries, ranging from arcades to a famous roller coaster in Las Vegas. During the investigation, the /api endpoint on the server was identified, filtering out endpoints that did not return 404 or 200. DNS enumeration and the use of Shodan revealed an outdated info.php, as well as other servers with open ports and versions with vulnerabilities. Documentation was also found in /api/v2 without the necessary credentials.\r\n\r\nIn Stage 3, the IDOR and Broken Authentication vulnerabilities will be explained. Then I will present endpoints in the system that allow us to exploit these vulnerabilities and obtain card information and personal customer data.\r\n\r\nThen, it will be revealed that the company provides a mobile application. When decompiling some applications, keys and API endpoints were discovered. All APKs were similar, differing only in keys and endpoints. Now, with these credentials we have the ability to recharge credit to our debit card.\r\n\r\nIn Stage 5, we will explain the Account Takeover attack and how to execute it on the system via API. Also I’ll explain Race Condition found in the API.\r\n\r\nIn the next scenario, a server found in Shodan: The online event booking system. Confidential information was found here, such as all Argentinean invoices, logs and extra company information, obtained by script written by me.\r\n\r\nA reservation management portal was also identified with a Broken Access Control vulnerability, allowing us to view and modify all reservations, including modifying prices. It is important to note that all of these vulnerabilities affect ALL of the company's customers.\r\n\r\nAs we near the end, other servers will be quickly highlighted, such as the company's public Zendesk, allowing user creation and access to useful information. A U.S. case will be presented where a go-karting facility uses this system, allowing access to all monitors. Other examples include an amusement park company in Spain providing links to their park management consoles, and similar findings in Chile, Ecuador and Phoenix.\r\n\r\nThe last scenario will explain the NFC system, focusing on card reading and manipulation due to lack of security. Some attacks, such as changing the ID and referencing another card, will be shown. I’m also going to show the “feature” of emulating the card with the NFC of android phones, thus being able to emulate any card.\r\n\r\nThe idea of the talk is to demonstrate that even in 2024 there are significant systems with many users and with \"basic\" vulnerabilities known for years. Also I would like to encourage new generations to do ethical hacking and help generate a good relationship between hackers and companies. Computer security education and training are crucial to prevent attacks and protect our digital assets.\r\n\r\n## Outline\r\n\r\n- Stage 0\r\n - Introduction\r\n- Stage 1\r\n - About Brazilian arcade and cashless system\r\n - NFC Card\r\n - Website to charge money and view data\r\n- Stage 2\r\n - Company who provide the system\r\n - More than 2300 installations across 70 countries\r\n - Api endpoints\r\n- Stage 3\r\n - IDOR and Broken Authentication\r\n - A lot of user and cards data\r\n - Not just arcades. Roller coaster Vegas. Clients around the world\r\n- Stage 4\r\n - Mobile app for all the customers\r\n - Keys and endpoints in plain text (DEMO)\r\n - Endpoint to recharge credits\r\n- Stage 5\r\n - Account Takeover (DEMO)\r\n - Race Condition (DEMO)\r\n- Stage 6\r\n - Online Party Booking\r\n - A lot of confidential information\r\n - Script to get data (DEMO)\r\n- Stage 7: Booking Management portal\r\n - Broken Access Control\r\n - List and modify all the bookings\r\n- Stage 8: Side servers\r\n - Public zendesk with data\r\n - Go-karting in U.S.\r\n - Amusement park in Spain\r\n - Chile, Ecuador, Phoenix\r\n- Stage 9: NFC\r\n - Brazilian card\r\n - Leak security\r\n - Android NFC\r\n- Stage 10\r\n - A lot of customers in the U.S.\r\n - Conclusions\r\n - QA","updated_timestamp":{"seconds":1721593585,"nanoseconds":0},"speakers":[{"content_ids":[55297,55959],"conference_id":133,"event_ids":[56575,55687],"name":"Ignacio Daniel Navarro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Appication security / Ethical hacker"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ignavarro1/?locale=en_US"},{"description":"","title":"Twitter (@IgNavarro1)","sort_order":0,"url":"https://twitter.com/IgNavarro1"}],"media":[],"id":55850,"title":"Appication security / Ethical hacker"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:26:25Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":55687,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55850}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T20:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Everyone else is doing automated testing - why aren't red teamers? Be confident your payload will execute, regardless of the options you picked, by integrating shellidate into your continuous integration pipelines!\n\n\n","media":[],"title":"Developing Better Payloads with Automated Testing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:50:00Z","end_timestamp":{"seconds":1723319400,"nanoseconds":0},"android_description":"Everyone else is doing automated testing - why aren't red teamers? Be confident your payload will execute, regardless of the options you picked, by integrating shellidate into your continuous integration pipelines!","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55296],"conference_id":133,"event_ids":[55686],"name":"Nick McClendon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kuilinacs)","sort_order":0,"url":"https://twitter.com/kuilinacs"}],"media":[],"id":55851}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T19:50:00.000-0000","id":55686,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55851}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Extended Reality (XR) technologies offer tremendous new possibilities for socializing, entertainment, training, and more. Unfortunately, many disabled users find themselves excluded from XR entirely or exposed to severe privacy risks for using it. In this talk, Dylan Fox, Director of Operations for the XR Access Initiative at Cornell Tech, will discuss the core challenges disabled people face in using XR, the tensions between privacy and assistive capabilities, and the open-source efforts happening now to ensure XR is accessible to everyone.\n\n\n","media":[],"title":"XR for All: Accessibility and Privacy for Disabled Users","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Extended Reality (XR) technologies offer tremendous new possibilities for socializing, entertainment, training, and more. Unfortunately, many disabled users find themselves excluded from XR entirely or exposed to severe privacy risks for using it. In this talk, Dylan Fox, Director of Operations for the XR Access Initiative at Cornell Tech, will discuss the core challenges disabled people face in using XR, the tensions between privacy and assistive capabilities, and the open-source efforts happening now to ensure XR is accessible to everyone.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54605],"conference_id":133,"event_ids":[54979],"name":"Dylan Fox","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cornell Tech","title":"Director of Operations, XR Access Initiative"}],"pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"http://drfoxdesign.com/"}],"media":[],"id":54352,"title":"Director of Operations, XR Access Initiative at Cornell Tech"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":54979,"tag_ids":[46397,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54352}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation will be a combination of history lesson, technical introduction, and some demonstration. The target audience are those who may never had a chance to experience early microcomputers but want to get an introduction to the world of “retro computing.\r\n\r\nToday everyone's laptop or smartphone either run an Intel, AMD, or ARM processor. And most probably can't tell you exactly what they have or know any details of them. It’s all a black box to most. But back in the 70s and 80s, computer hobbyists & hackers knew they had a Z80, 6502, 6809, 68000 or other processor, and often knew the details and could and did program them in assembly. But while the industry has moved past the Apple II, Atari 400/800/XL/XE, Commodore 64 et al, there are still many who continue to use and enjoy these computers. Even to build and create new and exciting items for them as well as brand new systems using this old tech.\r\n\r\nIn this presentation, we will delve into microprocessor history of the 8-bit and early 16-bit systems, with a particular focus on the MOS 6502, one of the most popular microprocessors. We will touch a little on the systems that used the 6502, and take a quick look into how to program the 6502, even showing a couple of 6502-based systems. Importantly for many, we will delve into some of the resources available for those wishing to enter this world also.\n\n\n","media":[],"title":"The wild and wonderful world of early Microprocessors (with a focus on the 6502)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"This presentation will be a combination of history lesson, technical introduction, and some demonstration. The target audience are those who may never had a chance to experience early microcomputers but want to get an introduction to the world of “retro computing.\r\n\r\nToday everyone's laptop or smartphone either run an Intel, AMD, or ARM processor. And most probably can't tell you exactly what they have or know any details of them. It’s all a black box to most. But back in the 70s and 80s, computer hobbyists & hackers knew they had a Z80, 6502, 6809, 68000 or other processor, and often knew the details and could and did program them in assembly. But while the industry has moved past the Apple II, Atari 400/800/XL/XE, Commodore 64 et al, there are still many who continue to use and enjoy these computers. Even to build and create new and exciting items for them as well as brand new systems using this old tech.\r\n\r\nIn this presentation, we will delve into microprocessor history of the 8-bit and early 16-bit systems, with a particular focus on the MOS 6502, one of the most popular microprocessors. We will touch a little on the systems that used the 6502, and take a quick look into how to program the 6502, even showing a couple of 6502-based systems. Importantly for many, we will delve into some of the resources available for those wishing to enter this world also.","updated_timestamp":{"seconds":1721176990,"nanoseconds":0},"speakers":[{"content_ids":[54604],"conference_id":133,"event_ids":[54978],"name":"Michael Brown","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"FRG Systems","title":"Security and Compliance Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@emb021)","sort_order":0,"url":"https://twitter.com/emb021"}],"media":[],"id":54303,"title":"Security and Compliance Director at FRG Systems"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-17T00:43:10Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":54978,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54303}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-17T00:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Fresh from his DEFCON 31 marsec village talk, 'I am the Captain now', Paul has another year's experience at sea from which to share stories of taking control of vessels.\r\n\r\nAs it's timely, he will look at why the MV Dali incident wasn't a hack, dispelling ill-informed opinions from the wave of armchair experts that suddenly emerged, but more interestingly, ways that it so easily could have been a cyber event.\r\n\r\nFinally, maritime cyber regulation is starting to catch up, but so many operators and technology providers are likely to be caught out by IACS UR E26 & 27\n\n\n","media":[],"title":"I am still the Captain now!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Fresh from his DEFCON 31 marsec village talk, 'I am the Captain now', Paul has another year's experience at sea from which to share stories of taking control of vessels.\r\n\r\nAs it's timely, he will look at why the MV Dali incident wasn't a hack, dispelling ill-informed opinions from the wave of armchair experts that suddenly emerged, but more interestingly, ways that it so easily could have been a cyber event.\r\n\r\nFinally, maritime cyber regulation is starting to catch up, but so many operators and technology providers are likely to be caught out by IACS UR E26 & 27","updated_timestamp":{"seconds":1720396209,"nanoseconds":0},"speakers":[{"content_ids":[54603],"conference_id":133,"event_ids":[54977],"name":"Paul Brownridge","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54330}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:50:09Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":54977,"tag_ids":[46169,46382,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54330}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-07T23:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"reversing can feel uber powerful... like you hold God's honest truth within your hands... most humans don't understand what you can see and comprehend.\r\n\r\nuntil someone tries to hide the truth from you... limit your knowledge... keep you from your glorious purpose!\r\n\r\nobfuscated code can be a real downer.\r\n\r\nthis talk focuses on the story of how i took on an interesting obfuscated target (an automotive modder's tool with ability to flash firmware and tweak engines), in fun and exciting ways.\r\n\r\nwe'll discuss several problems with obfuscated code, an approach i took (and tooling), playing in the guts of machine code, and customizations to binary analysis tools that came out of the journey...\r\n\r\nthere will be much hex, disassembly, green on black, total carnage.\r\n\r\nyou will walk away with powerful ideas and new tools to help you in your pursuit of truth. you will be entertained, enriched, educated, and hopefully inspired. instead of thinking that \"atlas is smart\" my goal is you feeling, and being, more powerful.\r\n\r\ncome with Vivisect installed to follow along!\r\n\r\n- [link](https://github.com/vivisect/vivisect)\r\n- [link](https://github.com/atlas0fd00m/vivisect)\r\n- [link](https://github.com/atlas0fd00m/VivisectION)\r\n- [link](https://vivisect.readthedocs.io/)\r\n\n\n\n","media":[],"title":"automobiles, alcohol, blood, sweat, and creative reversing of an obfuscated Car-Modding tool","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"reversing can feel uber powerful... like you hold God's honest truth within your hands... most humans don't understand what you can see and comprehend.\r\n\r\nuntil someone tries to hide the truth from you... limit your knowledge... keep you from your glorious purpose!\r\n\r\nobfuscated code can be a real downer.\r\n\r\nthis talk focuses on the story of how i took on an interesting obfuscated target (an automotive modder's tool with ability to flash firmware and tweak engines), in fun and exciting ways.\r\n\r\nwe'll discuss several problems with obfuscated code, an approach i took (and tooling), playing in the guts of machine code, and customizations to binary analysis tools that came out of the journey...\r\n\r\nthere will be much hex, disassembly, green on black, total carnage.\r\n\r\nyou will walk away with powerful ideas and new tools to help you in your pursuit of truth. you will be entertained, enriched, educated, and hopefully inspired. instead of thinking that \"atlas is smart\" my goal is you feeling, and being, more powerful.\r\n\r\ncome with Vivisect installed to follow along!\r\n\r\n- [link](https://github.com/vivisect/vivisect)\r\n- [link](https://github.com/atlas0fd00m/vivisect)\r\n- [link](https://github.com/atlas0fd00m/VivisectION)\r\n- [link](https://vivisect.readthedocs.io/)","updated_timestamp":{"seconds":1720463810,"nanoseconds":0},"speakers":[{"content_ids":[54527],"conference_id":133,"event_ids":[54900],"name":"atlas","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@at1as)","sort_order":0,"url":"https://twitter.com/at1as"}],"media":[],"id":54140}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:36:50Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":54900,"tag_ids":[46166,46169,46419,46438,46882],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54140}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-08T18:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GitHub Actions is quickly becoming the de facto CI/CD provider for open-source projects, startups, and enterprises. At the same time, GitHub’s security model is full of insecure defaults. This makes it easy for their customers to expose themselves to critical attacks from the public internet. The end result? A systemic vulnerability class that won’t go away.\r\n\r\nDuring our research, we identified GitHub Actions misconfigurations at scale that would allow threat actors to backdoor major open-source projects. An example of this is our attack on PyTorch, a prominent ML framework used by companies and researchers around the world.\r\n\r\nThrough this attack, we could contribute code directly to the main branch of the PyTorch repository, upload malicious releases, backdoor other PyTorch projects, and more. These attacks began by compromising self-hosted runners, which are machines that execute jobs in a GitHub Actions workflow. From there, we leveraged misconfigurations and GitHub “features” to elevate our privileges within GitHub Actions workflows.\r\n\r\nOur research campaign included dozens of reports, over $250,000 in bug bounties, and endless war stories. Tune in for a deep dive into the TTPs that allow turning a trivial runner compromise into a full supply chain attack.\r\n\r\n1. [link](https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/)\r\n2. [link](https://johnstawinski.com/2024/01/11/playing-with-fire-how-we-executed-a-critical-supply-chain-attack-on-pytorch/)\r\n3. [link](https://johnstawinski.com/2024/01/05/worse-than-solarwinds-three-steps-to-hack-blockchains-github-and-ml-through-github-actions/)\r\n\n\n\n","media":[],"title":"Grand Theft Actions: Abusing Self-Hosted GitHub Runners at Scale","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"GitHub Actions is quickly becoming the de facto CI/CD provider for open-source projects, startups, and enterprises. At the same time, GitHub’s security model is full of insecure defaults. This makes it easy for their customers to expose themselves to critical attacks from the public internet. The end result? A systemic vulnerability class that won’t go away.\r\n\r\nDuring our research, we identified GitHub Actions misconfigurations at scale that would allow threat actors to backdoor major open-source projects. An example of this is our attack on PyTorch, a prominent ML framework used by companies and researchers around the world.\r\n\r\nThrough this attack, we could contribute code directly to the main branch of the PyTorch repository, upload malicious releases, backdoor other PyTorch projects, and more. These attacks began by compromising self-hosted runners, which are machines that execute jobs in a GitHub Actions workflow. From there, we leveraged misconfigurations and GitHub “features” to elevate our privileges within GitHub Actions workflows.\r\n\r\nOur research campaign included dozens of reports, over $250,000 in bug bounties, and endless war stories. Tune in for a deep dive into the TTPs that allow turning a trivial runner compromise into a full supply chain attack.\r\n\r\n1. [link](https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/)\r\n2. [link](https://johnstawinski.com/2024/01/11/playing-with-fire-how-we-executed-a-critical-supply-chain-attack-on-pytorch/)\r\n3. [link](https://johnstawinski.com/2024/01/05/worse-than-solarwinds-three-steps-to-hack-blockchains-github-and-ml-through-github-actions/)","updated_timestamp":{"seconds":1720463005,"nanoseconds":0},"speakers":[{"content_ids":[54489],"conference_id":133,"event_ids":[54862],"name":"Adnan Khan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Red Team Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/adnanekhan"},{"description":"","title":"adnanthekhan.com","sort_order":0,"url":"https://adnanthekhan.com"}],"media":[],"id":54087,"title":"Red Team Security Engineer"},{"content_ids":[54489],"conference_id":133,"event_ids":[54862],"name":"John Stawinski","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/john-stawinski-72ba87191/"},{"description":"","title":"Website","sort_order":0,"url":"https://johnstawinski.com"}],"media":[],"id":54196}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:23:25Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":54862,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54087},{"tag_id":46167,"sort_order":2,"person_id":54196}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-08T18:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The enshittification of the internet wasn't inevitable. The old, good internet gave way to the enshitternet because we let our bosses enshittify it. We took away the constraints of competition, regulation, interop and tech worker power, and so when our bosses yanked on the big enshittification lever in the c-suite, it started to budge further and further, toward total enshittification. A new, good internet is possible - and necessary - and it needs *you*.\n\n\n","media":[],"title":"Disenshittify or die! How hackers can seize the means of computation and build a new, good internet that is hardened against our asshole bosses' insatiable horniness for enshittification.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:45:00Z","end_timestamp":{"seconds":1723319100,"nanoseconds":0},"android_description":"The enshittification of the internet wasn't inevitable. The old, good internet gave way to the enshitternet because we let our bosses enshittify it. We took away the constraints of competition, regulation, interop and tech worker power, and so when our bosses yanked on the big enshittification lever in the c-suite, it started to budge further and further, toward total enshittification. A new, good internet is possible - and necessary - and it needs *you*.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54488,54471],"conference_id":133,"event_ids":[54844,54861],"name":"Cory Doctorow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Author"}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@doctorow@mamot.fr)","sort_order":0,"url":"https://mamot.fr/@doctorow"},{"description":"","title":"Medium (@doctorow)","sort_order":0,"url":"https://medium.com/@doctorow"},{"description":"","title":"Tumblr (@mostlysignssomeportents)","sort_order":0,"url":"https://www.tumblr.com/mostlysignssomeportents"},{"description":"","title":"Twitter (@doctorow)","sort_order":0,"url":"https://twitter.com/doctorow"},{"description":"","title":"Website","sort_order":0,"url":"https://craphound.com"}],"media":[],"id":54119,"title":"Author"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-10T19:45:00.000-0000","id":54861,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54119}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"FACTION is an all-encompassing solution for streamlined security assessment workflows and enhancing collaboration within your teams. In addition, It's fully open source and extendable so it can integrate within diverse environments. FACTION's key benefits are that it cuts reporting time down to more than half for manual pen-tests, keeps tabs on all outstanding vulnerabilities with custom alerts based on your SLAs, becomes the hub of shared information for your assessments enabling other teammates to replay attacks you share, facilitates large scale assessment scheduling that typically becomes hard to manage when your teams are doing more than 100 assessments a year, and is fully extendable with REST APIs and FACTION Extensions.\n\n\n","media":[],"title":"FACTION","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"FACTION is an all-encompassing solution for streamlined security assessment workflows and enhancing collaboration within your teams. In addition, It's fully open source and extendable so it can integrate within diverse environments. FACTION's key benefits are that it cuts reporting time down to more than half for manual pen-tests, keeps tabs on all outstanding vulnerabilities with custom alerts based on your SLAs, becomes the hub of shared information for your assessments enabling other teammates to replay attacks you share, facilitates large scale assessment scheduling that typically becomes hard to manage when your teams are doing more than 100 assessments a year, and is fully extendable with REST APIs and FACTION Extensions.","updated_timestamp":{"seconds":1718922813,"nanoseconds":0},"speakers":[{"content_ids":[54198],"conference_id":133,"event_ids":[54567],"name":"Josh Summitt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Faction Security","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":53745,"title":"Founder at Faction Security"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:33:33Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249632"},{"label":"Project","type":"link","url":"https://github.com/factionsecurity/faction"}],"end":"2024-08-10T20:45:00.000-0000","id":54567,"tag_ids":[46169,46441,46443,46445,46453,46456,46462],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53745}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In ever evolving software development world, security is also becoming fast paced. Hence, each product going through the pentest cycle has to be managed effectively and efficiently. Managing multiple pentests and testers is important. A single pane of glass view for managing pentests and testers is what the goal of this tool is.\n\n\n","media":[],"title":"MPT - Pentest in Action","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"In ever evolving software development world, security is also becoming fast paced. Hence, each product going through the pentest cycle has to be managed effectively and efficiently. Managing multiple pentests and testers is important. A single pane of glass view for managing pentests and testers is what the goal of this tool is.","updated_timestamp":{"seconds":1718922758,"nanoseconds":0},"speakers":[{"content_ids":[54195],"conference_id":133,"event_ids":[54564],"name":"Jyoti Raval","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Baker Hughes","title":"Senior Staff Product Security Leader"}],"links":[],"pronouns":null,"media":[],"id":53746,"title":"Senior Staff Product Security Leader at Baker Hughes"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:38Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249631"},{"label":"Project","type":"link","url":"https://github.com/jenyraval/MPT"}],"end":"2024-08-10T20:45:00.000-0000","id":54564,"tag_ids":[46169,46441,46443],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53746}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GC2 is the first serverless command and control. This project aims to demonstrate how attackers could take advantage of third-party tools (Google Sheets and Google Drive) to execute commands and exfiltrate information from a compromised system. First released in 2021, became well known in April 2023 after being mentioned in Google's Threat Horizons Report.\n\n\n","media":[],"title":"GC2 - The First Serverless Command & Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"GC2 is the first serverless command and control. This project aims to demonstrate how attackers could take advantage of third-party tools (Google Sheets and Google Drive) to execute commands and exfiltrate information from a compromised system. First released in 2021, became well known in April 2023 after being mentioned in Google's Threat Horizons Report.","updated_timestamp":{"seconds":1718922703,"nanoseconds":0},"speakers":[{"content_ids":[54192],"conference_id":133,"event_ids":[54561],"name":"Lorenzo Grazian","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53753}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:31:43Z","links":[{"label":"Project","type":"link","url":"https://github.com/looCiprian/GC2-sheet"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249630"}],"end":"2024-08-10T20:45:00.000-0000","id":54561,"tag_ids":[46169,46441,46445,46446,46453],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53753}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CODASM aims to decrease a stageless payload's Shannon entropy, which was found to be a simple but annoying detection vector used by EDRs. It's a Python program that processes arbitrary binary inputs and produces a C program consisting of two parts: a buffer holding generated x86-64 ASM instructions with the original payload encoded into it, and a set of functions that can decode the ASM at runtime. The buffer is designed to be compiled into the final payload's .text section, thus it looks like regular (if not functional) code to AVs, EDRs and analysts. This encoding effectively decreases the payload's Shannon entropy but comes with a significant increase in output size. The demo will cover usage of the tool and dissection/reverse engineering of the resulting payload.\n\n\n","media":[],"title":"CODASM - Hiding Payloads in Plain .text","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"CODASM aims to decrease a stageless payload's Shannon entropy, which was found to be a simple but annoying detection vector used by EDRs. It's a Python program that processes arbitrary binary inputs and produces a C program consisting of two parts: a buffer holding generated x86-64 ASM instructions with the original payload encoded into it, and a set of functions that can decode the ASM at runtime. The buffer is designed to be compiled into the final payload's .text section, thus it looks like regular (if not functional) code to AVs, EDRs and analysts. This encoding effectively decreases the payload's Shannon entropy but comes with a significant increase in output size. The demo will cover usage of the tool and dissection/reverse engineering of the resulting payload.","updated_timestamp":{"seconds":1718922651,"nanoseconds":0},"speakers":[{"content_ids":[54170,54189],"conference_id":133,"event_ids":[54539,54558],"name":"Moritz Laurin Thomas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO ARES","title":"Senior Red Team Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53762,"title":"Senior Red Team Security Consultant at NVISO ARES"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:30:51Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249629"}],"end":"2024-08-10T20:45:00.000-0000","id":54558,"tag_ids":[46169,46441,46445,46451,46453],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53762}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Metasploit Framework released version 6.4 earlier this year, including multiple improvements to Kerberos-related attack workflows. The latest changes added support for forging diamond and sapphire tickets, as well as dumping tickets from compromised hosts. Metasploit users can now exploit unconstrained delegation in Active Directory environments for privilege escalation as well as use pass-the-ticket authentication for the Windows secrets dump module. These new Kerberos improvements increase the ways in which tickets can be forged, gathered, as well as used. Additionally, Metasploit has added support for new protocol based sessions, allowing users to interact with targets without uploading payloads, thus increasing their evasive capabilities. These new sessions can be established to database, SMB and LDAP servers. Once opened, they enable users to interact and run post modules with them, all without running a payload on the remote host. Finally, version 6.4 includes a complete overhaul of how Metasploit handles its own DNS queries. These improvements ensure that users pivoting their traffic over compromised hosts are not leaking their queries and offer a high degree of control over how queries should be resolved. This demonstration will cover these latest improvements and show how the changes can be combined for new, streamlined attack workflows using the latest Metasploit release.\n\n\n","media":[],"title":"The Metasploit Framework v6.4","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"The Metasploit Framework released version 6.4 earlier this year, including multiple improvements to Kerberos-related attack workflows. The latest changes added support for forging diamond and sapphire tickets, as well as dumping tickets from compromised hosts. Metasploit users can now exploit unconstrained delegation in Active Directory environments for privilege escalation as well as use pass-the-ticket authentication for the Windows secrets dump module. These new Kerberos improvements increase the ways in which tickets can be forged, gathered, as well as used. Additionally, Metasploit has added support for new protocol based sessions, allowing users to interact with targets without uploading payloads, thus increasing their evasive capabilities. These new sessions can be established to database, SMB and LDAP servers. Once opened, they enable users to interact and run post modules with them, all without running a payload on the remote host. Finally, version 6.4 includes a complete overhaul of how Metasploit handles its own DNS queries. These improvements ensure that users pivoting their traffic over compromised hosts are not leaking their queries and offer a high degree of control over how queries should be resolved. This demonstration will cover these latest improvements and show how the changes can be combined for new, streamlined attack workflows using the latest Metasploit release.","updated_timestamp":{"seconds":1718922585,"nanoseconds":0},"speakers":[{"content_ids":[54186],"conference_id":133,"event_ids":[54555],"name":"Jack Heysel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Rapid7","title":"Senior Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":53741,"title":"Senior Security Researcher at Rapid7"},{"content_ids":[54186],"conference_id":133,"event_ids":[54555],"name":"Spencer McIntyre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Rapid7","title":"Security Research Manager"}],"links":[],"pronouns":null,"media":[],"id":53773,"title":"Security Research Manager at Rapid7"}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:29:45Z","links":[{"label":"Project","type":"link","url":"https://github.com/rapid7/metasploit-framework"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249628"}],"end":"2024-08-10T20:45:00.000-0000","id":54555,"tag_ids":[46169,46441,46453],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53741},{"tag_id":46167,"sort_order":4,"person_id":53773}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An open hardware design for BusKill cables that uses 3D printing and easily sourceable components. BusKill cables are hardware Dead Man’s Switches that use USB events to trigger a laptop to lock, shutdown, or self-destruct when the laptop is physically separated from the operator.\n\n\n","media":[],"title":"Open Hardware Design for BusKill Cord","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T20:45:00Z","end_timestamp":{"seconds":1723322700,"nanoseconds":0},"android_description":"An open hardware design for BusKill cables that uses 3D printing and easily sourceable components. BusKill cables are hardware Dead Man’s Switches that use USB events to trigger a laptop to lock, shutdown, or self-destruct when the laptop is physically separated from the operator.","updated_timestamp":{"seconds":1718922526,"nanoseconds":0},"speakers":[{"content_ids":[54183],"conference_id":133,"event_ids":[54552],"name":"Melanie Allen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53760}],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:28:46Z","links":[{"label":"Project","type":"link","url":"https://github.com/BusKill/usb-a-magnetic-breakaway"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249627"}],"end":"2024-08-10T20:45:00.000-0000","id":54552,"tag_ids":[46169,46441,46445,46449],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53760}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-20T22:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T19:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-10T20:00:00.000-0000","id":54486,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723316400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-10T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud providers build their services a little like Jenga towers. They use their core services as the foundation of more popular customer-facing offerings. You may think you’re just creating a GCP cloud function in an empty account. In reality, with one click, you’re creating resources in six different services: a Cloud Build instance, a Storage Bucket, an Artifact Registry or a Container Registry, and possibly a Cloud Run instance and Eventarc triggers. The security of the entire stack is only as strong as the weakest link.\n\nBy looking at the entire stack, we can find privilege escalation techniques and even vulnerabilities that are hidden behind the stack. In my research, I was able to find a novel privilege escalation vulnerability and several privilege escalation techniques in GCP.\n\nThe talk will showcase a key concept, sometimes not discussed enough: cloud services are built on top of each other, and one click in the console can cause many things to happen behind the scenes. More services mean more risks and a larger attack surface.\n\nThe next part will dive deep into the vulnerable GCP cloud functions deployment flow. I will showcase the vulnerability I found in this flow, which enables an attacker to run code as the default Cloud Build service account by exploiting the deployment flow and the flawed trust between services resulting in a large fix and change in GCP IAM and Cloud Functions. This would grant an attacker high privileges to key services such as Storage, Artifact Registry, and Cloud Build.\n\nHowever, this talk is about more than just a vulnerability. By understanding cross-service dependency, we can reveal a broad attack surface for many possible privilege escalation vectors between services. I will demo a simple tool I wrote to find the hidden APIs that are called by the CSP when performing an action.\n\nBy the end of this talk, the audience will learn the dangers of treating cloud services like a black box. The talk explains the hidden deployment flow behind one important stack, and provides the tools to uncover the risks of many more.\n\n\n","media":[],"title":"One Click, Six Services: Abusing The Dangerous Multi-service Orchestration Pattern","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Cloud providers build their services a little like Jenga towers. They use their core services as the foundation of more popular customer-facing offerings. You may think you’re just creating a GCP cloud function in an empty account. In reality, with one click, you’re creating resources in six different services: a Cloud Build instance, a Storage Bucket, an Artifact Registry or a Container Registry, and possibly a Cloud Run instance and Eventarc triggers. The security of the entire stack is only as strong as the weakest link.\n\nBy looking at the entire stack, we can find privilege escalation techniques and even vulnerabilities that are hidden behind the stack. In my research, I was able to find a novel privilege escalation vulnerability and several privilege escalation techniques in GCP.\n\nThe talk will showcase a key concept, sometimes not discussed enough: cloud services are built on top of each other, and one click in the console can cause many things to happen behind the scenes. More services mean more risks and a larger attack surface.\n\nThe next part will dive deep into the vulnerable GCP cloud functions deployment flow. I will showcase the vulnerability I found in this flow, which enables an attacker to run code as the default Cloud Build service account by exploiting the deployment flow and the flawed trust between services resulting in a large fix and change in GCP IAM and Cloud Functions. This would grant an attacker high privileges to key services such as Storage, Artifact Registry, and Cloud Build.\n\nHowever, this talk is about more than just a vulnerability. By understanding cross-service dependency, we can reveal a broad attack surface for many possible privilege escalation vectors between services. I will demo a simple tool I wrote to find the hidden APIs that are called by the CSP when performing an action.\n\nBy the end of this talk, the audience will learn the dangers of treating cloud services like a black box. The talk explains the hidden deployment flow behind one important stack, and provides the tools to uncover the risks of many more.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55491],"conference_id":133,"event_ids":[55920],"name":"Liv Matan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"terminatorLM","sort_order":0,"url":"https://terminatorLM"}],"media":[],"id":56022}],"begin_tsz":"2024-08-10T18:50:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":55920,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723315800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56022}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T18:50:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How the Deepfake & Synthetic Media Framework (DSMAF) can be applied to an election\ncontext to more effectively differentiate deceptive from legitimate content and to better\nunderstand the nature of the threats posed by deceptive online content (both deepfakes\nand non-deepfakes). This will include a demonstration of the 2024 U.S. Presidential\nElection Deepfake Threat Tracker and a tutorial for how to effectively use this resource.\n\n\n","media":[],"title":"The Threat of Deepfakes and Synthetic Media to Election Integrity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"How the Deepfake & Synthetic Media Framework (DSMAF) can be applied to an election\ncontext to more effectively differentiate deceptive from legitimate content and to better\nunderstand the nature of the threats posed by deceptive online content (both deepfakes\nand non-deepfakes). This will include a demonstration of the 2024 U.S. Presidential\nElection Deepfake Threat Tracker and a tutorial for how to effectively use this resource.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56188],"conference_id":133,"event_ids":[56842],"name":"Dr. Matthew Canham","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matthew-c-971855100/"},{"description":"","title":"Website","sort_order":0,"url":"https://deepfakedashboard.com/"}],"media":[],"id":56566}],"begin_tsz":"2024-08-10T18:45:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":56842,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723315500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56566}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T18:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During the session, I will present an extensive array of over 15 distinct techniques and vulnerabilities that can be exploited for authentication bypass or account takeover. Some of the vulnerabilities I will cover include Session Puzzling, Session Fixation, Rate Limit Bypasses, Broken Brute-Force Protection, 2FA/OTP Misconfigurations, HTTP-Parameter Pollution, PHP Type Juggling, and many more. These insights will provide attendees with a comprehensive understanding of the various methods used by attackers to compromise authentication mechanisms and take control of user accounts.\n\n\n","media":[],"title":"Unlocking the Gates - Understanding Authentication Bypass Vulnerabilities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:10:00Z","end_timestamp":{"seconds":1723317000,"nanoseconds":0},"android_description":"During the session, I will present an extensive array of over 15 distinct techniques and vulnerabilities that can be exploited for authentication bypass or account takeover. Some of the vulnerabilities I will cover include Session Puzzling, Session Fixation, Rate Limit Bypasses, Broken Brute-Force Protection, 2FA/OTP Misconfigurations, HTTP-Parameter Pollution, PHP Type Juggling, and many more. These insights will provide attendees with a comprehensive understanding of the various methods used by attackers to compromise authentication mechanisms and take control of user accounts.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55705],"conference_id":133,"event_ids":[56221],"name":"Vikas Khanna","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56095}],"begin_tsz":"2024-08-10T18:40:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T19:10:00.000-0000","id":56221,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723315200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56095}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T18:40:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"AMA on Proxmark3 with Iceman","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723307096,"nanoseconds":0},"speakers":[{"content_ids":[56220],"conference_id":133,"event_ids":[56875],"name":"Iceman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56616}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:24:56Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":56875,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56616}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-10T16:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn about DARPA's approach to developing tools to identify and flag multi-model media assets that have been generated or malicious purposes under the Semantic Forensics (SemaFor) program.\n\n\n","media":[],"title":"Spotting Deepfakes in a World with Generative AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"Learn about DARPA's approach to developing tools to identify and flag multi-model media assets that have been generated or malicious purposes under the Semantic Forensics (SemaFor) program.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56134],"conference_id":133,"event_ids":[56777],"name":"Dr. William Corvey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA Information Innovation Office","title":"SEMAFOR Program Manager"}],"pronouns":"they/them","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-wil-corvey"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/wil-corvey-505a6310"}],"media":[],"id":56525,"title":"SEMAFOR Program Manager at DARPA Information Innovation Office"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":56777,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56525}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Cybersecurity for Emerging Tech (panelists would include researchers or industry executives in emerging tech categories, like space, OT, hardware like drones, etc)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55969],"conference_id":133,"event_ids":[56585],"name":"Paulino Calderon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56305}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":56585,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56305}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Large Language Model (LLM) deployment and integration comes with a need for scalable evaluation of how these models respond to adversarial attacks. However, LLM security is a moving target: models produce unpredictable output, are constantly updated, and the potential adversary is highly diverse: anyone with access to the internet and a decent command of natural language. Further, what constitutes a weakness in one context may not be an issue in a different context; one-fits-all guardrails remain theoretical. It is time to rethink what constitutes ``LLM security’’, and pursue a holistic approach to LLM security evaluation, where exploration and discovery of issues are central. To this end, this paper introduces garak (Generative AI Red-teaming and Assessment Kit), a framework which can be used to discover and identify vulnerabilities in a target LLM or dialog system. garak probes an LLM in a structured fashion to discover potential vulnerabilities. The outputs of the framework describe a target model’s weaknesses, contribute to an informed discussion of what composes vulnerabilities in unique contexts, and can inform alignment and policy discussions for LLM deployment.\n\n\n","media":[],"title":"garak : A Framework for Large Language Model Red Teaming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Large Language Model (LLM) deployment and integration comes with a need for scalable evaluation of how these models respond to adversarial attacks. However, LLM security is a moving target: models produce unpredictable output, are constantly updated, and the potential adversary is highly diverse: anyone with access to the internet and a decent command of natural language. Further, what constitutes a weakness in one context may not be an issue in a different context; one-fits-all guardrails remain theoretical. It is time to rethink what constitutes ``LLM security’’, and pursue a holistic approach to LLM security evaluation, where exploration and discovery of issues are central. To this end, this paper introduces garak (Generative AI Red-teaming and Assessment Kit), a framework which can be used to discover and identify vulnerabilities in a target LLM or dialog system. garak probes an LLM in a structured fashion to discover potential vulnerabilities. The outputs of the framework describe a target model’s weaknesses, contribute to an informed discussion of what composes vulnerabilities in unique contexts, and can inform alignment and policy discussions for LLM deployment.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Erick Galinkin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":"Research Scientist"}],"links":[],"pronouns":null,"media":[],"id":53735,"title":"Research Scientist at NVIDIA"},{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Leon Derczynski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ITU Copenhagen","title":"Prof, Natural Language Processing"},{"organization":"NVIDIA","title":"Principal Research Scientist, LLM Security"}],"links":[],"pronouns":null,"media":[],"id":53749,"title":"Principal Research Scientist, LLM Security at NVIDIA"},{"content_ids":[55882],"conference_id":133,"event_ids":[56467],"name":"Jeffery Martin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":""}],"links":[],"pronouns":null,"media":[],"id":56247,"title":"NVIDIA"},{"content_ids":[55882],"conference_id":133,"event_ids":[56467],"name":"Subho Majumdar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"vijil","title":""}],"links":[],"pronouns":null,"media":[],"id":56248,"title":"vijil"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T19:30:00.000-0000","id":56467,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53749},{"tag_id":46167,"sort_order":4,"person_id":53735},{"tag_id":46167,"sort_order":6,"person_id":56247},{"tag_id":46167,"sort_order":8,"person_id":56248}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces\n\n\n","media":[],"title":"Emulating Magstripe with Arduino","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:10:00Z","end_timestamp":{"seconds":1723317000,"nanoseconds":0},"android_description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces","updated_timestamp":{"seconds":1722356245,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:17:25Z","links":[],"end":"2024-08-10T19:10:00.000-0000","id":56089,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has also paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"\"co-pilot,\"\" leveraging LLMs to enhance vulnerability identification and defense mechanisms.\r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible.\r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.\n\n\n","media":[],"title":"My Smart Red Team Copilot","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has also paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"\"co-pilot,\"\" leveraging LLMs to enhance vulnerability identification and defense mechanisms.\r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible.\r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.","updated_timestamp":{"seconds":1721495283,"nanoseconds":0},"speakers":[{"content_ids":[55282,55199],"conference_id":133,"event_ids":[55589,55672],"name":"Gaspard Baye","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"AI Researcher & Ph.D. Candidate"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bayegaspard/"},{"description":"","title":"Twitter (@bayegaspard)","sort_order":0,"url":"https://twitter.com/bayegaspard"},{"description":"","title":"Website","sort_order":0,"url":"https://umassd.edu"}],"media":[],"id":55802,"title":"AI Researcher & Ph.D. Candidate"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:08:03Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":55589,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55802}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-20T17:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an insightful panel discussion where we bring together seasoned Bug Bounty Program Managers and adept bug bounty hunters. This panel aims to address pressing questions and share diverse perspectives on the evolving landscape of bug bounties. We will dive into the challenges faced by both hunters and managers, discuss strategies to enhance the impact of submissions, and explore the future of bug bounties in the face of emerging technologies, evolving trends, and threats. We will also highlight the importance of bug bounties in the current cybersecurity landscape and share the top elements that contribute to a successful bug bounty program. Lastly, we will provide recommendations for organizations looking to mature their bug bounty programs but are hesitant about expanding. This panel promises to be a valuable opportunity for learning, sharing, and networking for anyone involved or interested in the world of bug bounties.\n\n\n","media":[],"title":"Hunters and Gatherers: A Deep Dive into the World of Bug Bounties","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Join us for an insightful panel discussion where we bring together seasoned Bug Bounty Program Managers and adept bug bounty hunters. This panel aims to address pressing questions and share diverse perspectives on the evolving landscape of bug bounties. We will dive into the challenges faced by both hunters and managers, discuss strategies to enhance the impact of submissions, and explore the future of bug bounties in the face of emerging technologies, evolving trends, and threats. We will also highlight the importance of bug bounties in the current cybersecurity landscape and share the top elements that contribute to a successful bug bounty program. Lastly, we will provide recommendations for organizations looking to mature their bug bounty programs but are hesitant about expanding. This panel promises to be a valuable opportunity for learning, sharing, and networking for anyone involved or interested in the world of bug bounties.","updated_timestamp":{"seconds":1721436315,"nanoseconds":0},"speakers":[{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Jeff Guerra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GitHub","title":"Sr. Product Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@s2jeff_gh)","sort_order":0,"url":"https://twitter.com/s2jeff_gh"}],"media":[],"id":54219,"title":"Sr. Product Security Engineer at GitHub"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Johnathan Kuskos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Chaotic Good Information Security (CGIS)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54220,"title":"Founder at Chaotic Good Information Security (CGIS)"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Katie Trimble-Noble","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Director PSIRT & Bounty"}],"links":[],"pronouns":null,"media":[],"id":54221,"title":"Director PSIRT & Bounty"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Sam (erbbysam) Erb","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@erbbysam)","sort_order":0,"url":"https://twitter.com/erbbysam"}],"media":[],"id":54229,"title":"Security Engineer at Google"},{"content_ids":[54601],"conference_id":133,"event_ids":[55031],"name":"Logan MacLaren","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GitHub","title":"Senior Product Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@maclarel_)","sort_order":0,"url":"https://twitter.com/maclarel_"}],"media":[],"id":54289,"title":"Senior Product Security Engineer at GitHub"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T00:45:15Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#hunters-and-gatherers"}],"end":"2024-08-10T19:30:00.000-0000","id":55031,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54220},{"tag_id":46487,"sort_order":4,"person_id":54221},{"tag_id":46487,"sort_order":6,"person_id":54229},{"tag_id":46488,"sort_order":8,"person_id":54219},{"tag_id":46488,"sort_order":10,"person_id":54289}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-20T00:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hacking Education for better outcomes / teaching in the metaverse\n\n\n","media":[],"title":"Student Engagement Doesn't Have to Suck","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Hacking Education for better outcomes / teaching in the metaverse","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54602],"conference_id":133,"event_ids":[54976],"name":"Dr. Muhsinah Morris","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Metaverse United, LLC","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54283,"title":"Founder at Metaverse United, LLC"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":54976,"tag_ids":[46169,46397,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54283}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In February 2024, Microsoft announced the release of Sudo for Windows for Windows 11 Insider Preview[1]. Like the Unix sudo utility, it provides a method for users to run commands with elevated permissions. This talk will share the results of an analysis of Sudo for Windows, starting with a summary of the information provided by Microsoft. From there, we will explore the architecture used to coordinate the elevation of the specified process, the ALPC service used to communicate between elevated and non-elevated processes, how Rust interoperates with Windows APIs, and the path resolution process for files and relative paths. As part of that journey, we will discuss a few discovered security issues.\r\n\r\nThis presentation will be valuable to anyone with an interest in Windows reverse engineering or Rust memory safety. A conceptual understanding of Windows Inter-Process Communication (IPC) and heap allocation may make parts of the talk more approachable, but the main ideas will be accessible to anyone with a high-level understanding of process memory layout (stack vs heap).\r\n\r\n1. [link](https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/)\r\n2. [link](https://learn.microsoft.com/en-us/windows/sudo/)\r\n3. [link](https://github.com/microsoft/sudo)\r\n4. [link](https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html)\r\n5. [link](https://www.powershellgallery.com/packages/NtObjectManager/2.0.1)\r\n6. [link](https://github.com/microsoft/windows-rs)\r\n7. [link](https://github.com/rust-lang/rust)\r\n\n\n\n","media":[],"title":"Sudos and Sudon’ts - Peering inside Sudo for Windows","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"In February 2024, Microsoft announced the release of Sudo for Windows for Windows 11 Insider Preview[1]. Like the Unix sudo utility, it provides a method for users to run commands with elevated permissions. This talk will share the results of an analysis of Sudo for Windows, starting with a summary of the information provided by Microsoft. From there, we will explore the architecture used to coordinate the elevation of the specified process, the ALPC service used to communicate between elevated and non-elevated processes, how Rust interoperates with Windows APIs, and the path resolution process for files and relative paths. As part of that journey, we will discuss a few discovered security issues.\r\n\r\nThis presentation will be valuable to anyone with an interest in Windows reverse engineering or Rust memory safety. A conceptual understanding of Windows Inter-Process Communication (IPC) and heap allocation may make parts of the talk more approachable, but the main ideas will be accessible to anyone with a high-level understanding of process memory layout (stack vs heap).\r\n\r\n1. [link](https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/)\r\n2. [link](https://learn.microsoft.com/en-us/windows/sudo/)\r\n3. [link](https://github.com/microsoft/sudo)\r\n4. [link](https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html)\r\n5. [link](https://www.powershellgallery.com/packages/NtObjectManager/2.0.1)\r\n6. [link](https://github.com/microsoft/windows-rs)\r\n7. [link](https://github.com/rust-lang/rust)","updated_timestamp":{"seconds":1720463027,"nanoseconds":0},"speakers":[{"content_ids":[54486],"conference_id":133,"event_ids":[54859],"name":"Michael \"mtu\" Torres","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Senior Security Engineer, Network Infrastructure Security"}],"pronouns":"he/him","links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/micrictor"},{"description":"","title":"blog.sectorr.dev","sort_order":0,"url":"https://blog.sectorr.dev"}],"media":[],"id":54137,"title":"Senior Security Engineer, Network Infrastructure Security at Google"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:23:47Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":54859,"tag_ids":[46166,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54137}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-08T18:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quick Share (formerly Nearby Share) has enabled file sharing on Android for 4 years and expanded to Windows a year ago.\r\n\r\nGoogle's promotion of Quick Share for preinstallation on Windows, alongside the limited recent research, ignited our curiosity about its safety, leading to an investigation that uncovered more than we had imagined.\r\n\r\nWe studied its Protobuf-based protocol using hooks, built tools to communicate with Quick Share devices, and a fuzzer that found non-exploitable crashes in the Windows app. We then diverted to search for logical vulnerabilities, and boy oh boy, we regretted we hadn’t done it sooner.\r\n\r\nWe found 10 vulnerabilities both in Windows & Android allowing us to remotely write files into devices without approval, force the Windows app to crash in additional ways, redirect its traffic to our WiFi AP, traverse paths to the user’s folder, and more. However, we desired the holy grail, an RCE. Thus, we returned to the drawing board, where we realized that the RCE is already in our possession in a form of a complex chain.\r\n\r\nIn this talk, we’ll introduce QuickShell - An RCE attack chain on Windows combining 5 out of 10 vulnerabilities in Quick Share. We’ll provide an overview about Quick Share’s protocol, present our fuzzer, the found vulnerabilities, a new HTTPS MITM technique, and finally the RCE chain.\r\n\r\n[Reference link](https://www.cs.ox.ac.uk/files/10367/ndss19-paper367.pdf)\r\n\n\n\n","media":[],"title":"QuickShell: Sharing is caring about an RCE attack chain on Quick Share","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Quick Share (formerly Nearby Share) has enabled file sharing on Android for 4 years and expanded to Windows a year ago.\r\n\r\nGoogle's promotion of Quick Share for preinstallation on Windows, alongside the limited recent research, ignited our curiosity about its safety, leading to an investigation that uncovered more than we had imagined.\r\n\r\nWe studied its Protobuf-based protocol using hooks, built tools to communicate with Quick Share devices, and a fuzzer that found non-exploitable crashes in the Windows app. We then diverted to search for logical vulnerabilities, and boy oh boy, we regretted we hadn’t done it sooner.\r\n\r\nWe found 10 vulnerabilities both in Windows & Android allowing us to remotely write files into devices without approval, force the Windows app to crash in additional ways, redirect its traffic to our WiFi AP, traverse paths to the user’s folder, and more. However, we desired the holy grail, an RCE. Thus, we returned to the drawing board, where we realized that the RCE is already in our possession in a form of a complex chain.\r\n\r\nIn this talk, we’ll introduce QuickShell - An RCE attack chain on Windows combining 5 out of 10 vulnerabilities in Quick Share. We’ll provide an overview about Quick Share’s protocol, present our fuzzer, the found vulnerabilities, a new HTTPS MITM technique, and finally the RCE chain.\r\n\r\n[Reference link](https://www.cs.ox.ac.uk/files/10367/ndss19-paper367.pdf)","updated_timestamp":{"seconds":1721090347,"nanoseconds":0},"speakers":[{"content_ids":[54485],"conference_id":133,"event_ids":[54858],"name":"Or Yair","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SafeBreach","title":"Security Research Team Lead"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/or-yair/"},{"description":"","title":"Twitter (@oryair1999)","sort_order":0,"url":"https://twitter.com/oryair1999"},{"description":"","title":"Website","sort_order":0,"url":"https://oryair.com"}],"media":[],"id":54145,"title":"Security Research Team Lead at SafeBreach"},{"content_ids":[54485],"conference_id":133,"event_ids":[54858],"name":"Shmuel Cohen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SafeBreach","title":"Senior Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/the-shmuel-cohen/"},{"description":"","title":"Twitter (@BinWalker)","sort_order":0,"url":"https://twitter.com/BinWalker"}],"media":[],"id":54185,"title":"Senior Security Researcher at SafeBreach"}],"begin_tsz":"2024-08-10T18:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-16T00:39:07Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":54858,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723314600,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54145},{"tag_id":46167,"sort_order":2,"person_id":54185}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T18:30:00.000-0000","updated":"2024-07-16T00:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Introduction:\r\nWe will begin with an overview of event analysis systems and their challenges. Participants will learn about different types of data sources and logs, the prevalence of false positives, and the difficulty in identifying coordinated attacks. We will set the stage for the live, hands-on demonstration environment where participants can interact and apply what they learn in real-time. Importantly, no prior data science knowledge is required; all tasks will be performed using simple, user-friendly interfaces.\r\n\r\nIntroduction to MITRE ATT&CK Framework:\r\nAn essential part of our session is understanding the MITRE ATT&CK framework. We will cover its structure, including Tactics, Techniques, and Procedures (TTPs), and explain why mapping alerts to this framework is crucial for standardizing threat detection and enhancing our capabilities.\r\n\r\nLeveraging Open Source AI Tools:\r\nNext, we will delve into the open-source AI tools that will be used throughout the session. We will introduce families of algorithms including clustering and community detection, natural language processing with large language models (LLMs), and Markov chains. These tools are designed to be accessible and will be operated through straightforward interfaces. Participants will be guided through setting up a demo environment to follow along and interact with the exercises.\r\n\r\nData Preprocessing and Normalization:\r\nParticipants will learn how to import and clean data from various sources, normalize data formats, and handle missing data. We will highlight some methods to get rich test data. This step is crucial for ensuring that the subsequent analysis is accurate and reliable. The hands-on exercise will involve preprocessing a sample dataset in real-time, using easy-to-follow steps and intuitive interfaces.\r\n\r\nMapping Alerts to MITRE ATT&CK Techniques:\r\nWe will demonstrate techniques for mapping SIEM data to MITRE ATT&CK manually and using automated tools. The live demo will include a hands-on exercise where participants will map a sample dataset to MITRE ATT&CK Techniques, using AI to enhance mapping accuracy. All this will be done through simple interfaces that do not require deep technical knowledge.\r\n\r\nClustering Alerts into Contextualized Attack Steps:\r\nThis section focuses on methods such as clustering and community detection. Participants will learn the criteria for clustering alerts based on temporal, spatial, and technical attributes. They will engage in a hands-on exercise to cluster sample alerts and evaluate the quality and relevance of the clusters, again using user-friendly interfaces.\r\n\r\nBuilding Killchains:\r\nParticipants will understand the concept and importance of killchains in cybersecurity. We will demonstrate methods for linking attack steps into a cohesive killchain, with a hands-on exercise to create a killchain from clustered data. Participants will analyze killchains to identify patterns and coordinated attacks, all through accessible interfaces.\r\n\r\nGenerating Actionable Tickets:\r\nWe will outline the criteria for generating three types of tickets: FP Tickets, Incident Tickets, and Attack Story Tickets. Through a hands-on exercise, participants will generate sample tickets and learn how to ensure each ticket type is comprehensive and actionable. This process will be facilitated through simple interfaces that guide the user step-by-step.\r\n\r\nIntegrating and Automating the Workflow:\r\nFinally, we will discuss integrating this workflow into existing SOC setups and automating the process using scripts and tools. Participants will see how to maintain and update the system, ensuring continuous improvement in threat detection and response. The automation will be demonstrated in a way that requires minimal technical skills.\r\n\r\nQ&A and Troubleshooting:\r\nThe session will conclude with an open floor for questions, addressing common issues, and offering troubleshooting tips. Participants will also receive resources for further learning and support to continue enhancing their skills post-session.\r\n\r\nConclusion:\r\nBy the end of this interactive session, participants will have hands-on experience using open-source AI tools to enhance their SOC capabilities. They will be able to map alerts to MITRE ATT&CK Techniques, cluster data into meaningful attack steps, and build comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets to facilitate immediate response and long-term improvements in their security posture. All of this will be achieved without needing advanced data science knowledge, thanks to the simple and intuitive interfaces provided.\r\n\r\nParticipants are encouraged to apply these techniques in their own environments and continue exploring the vast capabilities of open-source AI in cybersecurity. The live demo environment setup will provide a practical and engaging way to solidify these concepts and skills.\n\n\nGiven a SIEM loaded with alerts, logs and events from a variety of data sources, your task is to find the coordinated attack in the LOTS of noise of false positives & lone incidents. \r\n\r\nTogether we will use opensource AI tools to map all of the hetrogenous data on the SIEM to MITRE ATT&CK Techniques, and then Cluster based on a variety of attributes to form contetualized Attack Steps. We will then fuse these attack steps based on timeline, causality and assets involved into killchains to reveal coordinated attacks. \r\n\r\nYou are required to output the following tickets: \r\n1. FP Ticket that has clusters of false positives and tuning advisories & suggestions that should be forwarded to detection engineering to tune. \r\n\r\n2. Incident Ticket that has remediation & investigation advisories & action playbooks for the contextualized lone-incidents identified. \r\n\r\n3. Attack Story Ticket that has a correalted set of clusters of alerts & logs revealing a coordinated attack killchain affecting a variety of assets over a stretch of time.","media":[],"title":"Use opensource AI to map alerts & logs into techniques, clusters, and killchains","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:15:00Z","end_timestamp":{"seconds":1723317300,"nanoseconds":0},"android_description":"Introduction:\r\nWe will begin with an overview of event analysis systems and their challenges. Participants will learn about different types of data sources and logs, the prevalence of false positives, and the difficulty in identifying coordinated attacks. We will set the stage for the live, hands-on demonstration environment where participants can interact and apply what they learn in real-time. Importantly, no prior data science knowledge is required; all tasks will be performed using simple, user-friendly interfaces.\r\n\r\nIntroduction to MITRE ATT&CK Framework:\r\nAn essential part of our session is understanding the MITRE ATT&CK framework. We will cover its structure, including Tactics, Techniques, and Procedures (TTPs), and explain why mapping alerts to this framework is crucial for standardizing threat detection and enhancing our capabilities.\r\n\r\nLeveraging Open Source AI Tools:\r\nNext, we will delve into the open-source AI tools that will be used throughout the session. We will introduce families of algorithms including clustering and community detection, natural language processing with large language models (LLMs), and Markov chains. These tools are designed to be accessible and will be operated through straightforward interfaces. Participants will be guided through setting up a demo environment to follow along and interact with the exercises.\r\n\r\nData Preprocessing and Normalization:\r\nParticipants will learn how to import and clean data from various sources, normalize data formats, and handle missing data. We will highlight some methods to get rich test data. This step is crucial for ensuring that the subsequent analysis is accurate and reliable. The hands-on exercise will involve preprocessing a sample dataset in real-time, using easy-to-follow steps and intuitive interfaces.\r\n\r\nMapping Alerts to MITRE ATT&CK Techniques:\r\nWe will demonstrate techniques for mapping SIEM data to MITRE ATT&CK manually and using automated tools. The live demo will include a hands-on exercise where participants will map a sample dataset to MITRE ATT&CK Techniques, using AI to enhance mapping accuracy. All this will be done through simple interfaces that do not require deep technical knowledge.\r\n\r\nClustering Alerts into Contextualized Attack Steps:\r\nThis section focuses on methods such as clustering and community detection. Participants will learn the criteria for clustering alerts based on temporal, spatial, and technical attributes. They will engage in a hands-on exercise to cluster sample alerts and evaluate the quality and relevance of the clusters, again using user-friendly interfaces.\r\n\r\nBuilding Killchains:\r\nParticipants will understand the concept and importance of killchains in cybersecurity. We will demonstrate methods for linking attack steps into a cohesive killchain, with a hands-on exercise to create a killchain from clustered data. Participants will analyze killchains to identify patterns and coordinated attacks, all through accessible interfaces.\r\n\r\nGenerating Actionable Tickets:\r\nWe will outline the criteria for generating three types of tickets: FP Tickets, Incident Tickets, and Attack Story Tickets. Through a hands-on exercise, participants will generate sample tickets and learn how to ensure each ticket type is comprehensive and actionable. This process will be facilitated through simple interfaces that guide the user step-by-step.\r\n\r\nIntegrating and Automating the Workflow:\r\nFinally, we will discuss integrating this workflow into existing SOC setups and automating the process using scripts and tools. Participants will see how to maintain and update the system, ensuring continuous improvement in threat detection and response. The automation will be demonstrated in a way that requires minimal technical skills.\r\n\r\nQ&A and Troubleshooting:\r\nThe session will conclude with an open floor for questions, addressing common issues, and offering troubleshooting tips. Participants will also receive resources for further learning and support to continue enhancing their skills post-session.\r\n\r\nConclusion:\r\nBy the end of this interactive session, participants will have hands-on experience using open-source AI tools to enhance their SOC capabilities. They will be able to map alerts to MITRE ATT&CK Techniques, cluster data into meaningful attack steps, and build comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets to facilitate immediate response and long-term improvements in their security posture. All of this will be achieved without needing advanced data science knowledge, thanks to the simple and intuitive interfaces provided.\r\n\r\nParticipants are encouraged to apply these techniques in their own environments and continue exploring the vast capabilities of open-source AI in cybersecurity. The live demo environment setup will provide a practical and engaging way to solidify these concepts and skills.\n\n\nGiven a SIEM loaded with alerts, logs and events from a variety of data sources, your task is to find the coordinated attack in the LOTS of noise of false positives & lone incidents. \r\n\r\nTogether we will use opensource AI tools to map all of the hetrogenous data on the SIEM to MITRE ATT&CK Techniques, and then Cluster based on a variety of attributes to form contetualized Attack Steps. We will then fuse these attack steps based on timeline, causality and assets involved into killchains to reveal coordinated attacks. \r\n\r\nYou are required to output the following tickets: \r\n1. FP Ticket that has clusters of false positives and tuning advisories & suggestions that should be forwarded to detection engineering to tune. \r\n\r\n2. Incident Ticket that has remediation & investigation advisories & action playbooks for the contextualized lone-incidents identified. \r\n\r\n3. Attack Story Ticket that has a correalted set of clusters of alerts & logs revealing a coordinated attack killchain affecting a variety of assets over a stretch of time.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-10T18:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T19:15:00.000-0000","id":56284,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723313700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T18:15:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Home surveillance technology is a modern convenience that has been made accessible to the masses through the rise of IoT devices, namely cloud-connected Wi-Fi cameras. From parents monitoring their infants to homeowners watching their entryways, these cameras provide users with access to instant, high definition video from the convenience of a mobile phone, tablet, or PC. However, the affordability of these devices and relative ease of cloud access generally correlates to flawed security, putting users at risk. We set out to explore the attack surface of various Wi-Fi camera models to gain a deeper understanding of how these devices are being exploited. In the end, we devised methods to gain local root access, uncovered user privacy issues, discovered a zero-day vulnerability within a prominent IoT device management platform that allows attackers to gain remote control of millions of cameras worldwide and access sensitive user data, and revealed how these devices may be vulnerable to remote code execution attacks through completely unauthenticated means thanks to an inherently flawed implementation of their underlying peer to peer networking protocol. Along with demonstrating our exploits against live cameras, we will highlight the methods used to obtain our most significant findings and provide guidance on remediating the issues we encountered so these devices can be used safely in your household. We will also invite audience members to probe and attack a camera during our talk and earn a prize in the process!\n\n\n","media":[],"title":"What To Expect When You’re Exploiting: Attacking and Discovering Zero-Days in Baby Monitors and Wi-Fi Cameras","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Home surveillance technology is a modern convenience that has been made accessible to the masses through the rise of IoT devices, namely cloud-connected Wi-Fi cameras. From parents monitoring their infants to homeowners watching their entryways, these cameras provide users with access to instant, high definition video from the convenience of a mobile phone, tablet, or PC. However, the affordability of these devices and relative ease of cloud access generally correlates to flawed security, putting users at risk. We set out to explore the attack surface of various Wi-Fi camera models to gain a deeper understanding of how these devices are being exploited. In the end, we devised methods to gain local root access, uncovered user privacy issues, discovered a zero-day vulnerability within a prominent IoT device management platform that allows attackers to gain remote control of millions of cameras worldwide and access sensitive user data, and revealed how these devices may be vulnerable to remote code execution attacks through completely unauthenticated means thanks to an inherently flawed implementation of their underlying peer to peer networking protocol. Along with demonstrating our exploits against live cameras, we will highlight the methods used to obtain our most significant findings and provide guidance on remediating the issues we encountered so these devices can be used safely in your household. We will also invite audience members to probe and attack a camera during our talk and earn a prize in the process!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54600],"conference_id":133,"event_ids":[54975],"name":"Mark Mager","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Elastic","title":"Lead, Endpoint Protections Team"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@magerbomb)","sort_order":0,"url":"https://twitter.com/magerbomb"}],"media":[],"id":54301,"title":"Lead, Endpoint Protections Team at Elastic"},{"content_ids":[54600],"conference_id":133,"event_ids":[54975],"name":"Eric Forte","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Elastic","title":"Security Research Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@EricF0r73)","sort_order":0,"url":"https://twitter.com/EricF0r73"}],"media":[],"id":54358,"title":"Security Research Engineer at Elastic"}],"begin_tsz":"2024-08-10T18:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":54975,"tag_ids":[46383,46419,46437,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723313700,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54358},{"tag_id":46167,"sort_order":1,"person_id":54301}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T18:15:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As Azure services continue to expand and evolve, their associated authentication methodologies have also changed. Having mostly moved away from storing credentials in cleartext, most Azure services utilize Managed Identities to offer a more secure approach to access management. However, Managed Identities can bring their own challenges and risks.\nIn this talk, we delve into the nuanced landscape of Managed Identities across multiple Azure services. We explore how attackers exploit access to services with these identities to escalate privileges, move laterally, and establish persistence within Azure tenants. We will also provide helpful tips for defenders trying to identify these attacks. Finally, we will showcase a tool designed to automate attacks against User-Assigned Managed Identities.\n\n\n","media":[],"title":"Identity Theft is not a Joke, Azure!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"As Azure services continue to expand and evolve, their associated authentication methodologies have also changed. Having mostly moved away from storing credentials in cleartext, most Azure services utilize Managed Identities to offer a more secure approach to access management. However, Managed Identities can bring their own challenges and risks.\nIn this talk, we delve into the nuanced landscape of Managed Identities across multiple Azure services. We explore how attackers exploit access to services with these identities to escalate privileges, move laterally, and establish persistence within Azure tenants. We will also provide helpful tips for defenders trying to identify these attacks. Finally, we will showcase a tool designed to automate attacks against User-Assigned Managed Identities.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55490],"conference_id":133,"event_ids":[55919],"name":"Karl Fosaaen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"kfosaaen","sort_order":0,"url":"https://kfosaaen"}],"media":[],"id":56010}],"begin_tsz":"2024-08-10T18:10:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55919,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723313400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56010}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T18:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Never hacked into anything before? Join us at the Voting Village to learn how to hack into a voting machine yourself! No hacking skills required.\n\n\n","media":[],"title":"First Time TSX Hacking Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Never hacked into anything before? Join us at the Voting Village to learn how to hack into a voting machine yourself! No hacking skills required.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56194],"conference_id":133,"event_ids":[56848],"name":"Tailor Tolliver","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/tailortolliver"},{"description":"","title":"Twitter (@digitalempress)","sort_order":0,"url":"https://twitter.com/digitalempress"}],"media":[],"id":56585}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56848,"tag_ids":[46169,46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56585}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"America is the second largest democracy in the world. India is the largest. Indonesia is the third. Often times democracy is associated with American Values, but democracies around the globe all share a common thread and have an impact on each other. Join us to hear word=d\n\n\n","media":[],"title":"Democracy From Around the World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"America is the second largest democracy in the world. India is the largest. Indonesia is the third. Often times democracy is associated with American Values, but democracies around the globe all share a common thread and have an impact on each other. Join us to hear word=d","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56182,56193,56192],"conference_id":133,"event_ids":[56836,56846,56847],"name":"Harri Hursti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/hhursti"},{"description":"","title":"Twitter (@harrihursti)","sort_order":0,"url":"https://twitter.com/harrihursti"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56570}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":56847,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56570}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!\n\n\n","media":[],"title":"Activity: Capture the Container by Chainguard","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!","updated_timestamp":{"seconds":1723007321,"nanoseconds":0},"speakers":[{"content_ids":[56162],"conference_id":133,"event_ids":[56806,56813],"name":"Jonathan Leitschuh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56549}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:08:41Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56813,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56549}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-07T05:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?\n\n\n","media":[],"title":"Activity: Vulnerability Hunt - The Snippets Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?","updated_timestamp":{"seconds":1723007517,"nanoseconds":0},"speakers":[{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:11:57Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56811,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-07T05:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!\n\n\n","media":[],"title":"Activity: API Security 101: Testing and Trivia by Akto.io","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"In this activity, participants will see an API Security presentation with examples and engage in a trivia game centered around the topic.\r\n\r\nLearn about the wide range of API vulnerabilities with real-world examples of data breaches and what it means to secure APIs through tests. And then it’s trivia time!\r\n\r\nParticipants will have to answer 10-15 questions on API Security based on their learnings. You will get swags for each answer you get right!","updated_timestamp":{"seconds":1723007277,"nanoseconds":0},"speakers":[{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankita Gupta","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56546},{"content_ids":[56161],"conference_id":133,"event_ids":[56805,56812],"name":"Ankush Jain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Akto","title":"Co-founder & CTO"}],"links":[],"pronouns":null,"media":[],"id":56547,"title":"Co-founder & CTO at Akto"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T05:07:57Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56805,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56547},{"tag_id":46167,"sort_order":4,"person_id":56546}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-07T05:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The modern cybersecurity realm is no longer one where defenders can work in a vacuum and be successful. Conversely, many people are starting to lose faith in the value of penetration testing as a mechanism to measure their organizational security posture. A collaborative milestone driven approach where Red and Blue teams operate in tandem, is necessary to ensure a proactive approach to enhancing the security of our organizations. This is where Purple Teaming comes into play. In this 2-hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of a Cyber Threat Intelligence analyst, Red Team operator, and Blue Team security analyst. We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework (PTEF). This event will give participants a chance to test out new tools, techniques, and procedures learned during the workshop.\n\n\n","media":[],"title":"Power To The Purple","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"The modern cybersecurity realm is no longer one where defenders can work in a vacuum and be successful. Conversely, many people are starting to lose faith in the value of penetration testing as a mechanism to measure their organizational security posture. A collaborative milestone driven approach where Red and Blue teams operate in tandem, is necessary to ensure a proactive approach to enhancing the security of our organizations. This is where Purple Teaming comes into play. In this 2-hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of a Cyber Threat Intelligence analyst, Red Team operator, and Blue Team security analyst. We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework (PTEF). This event will give participants a chance to test out new tools, techniques, and procedures learned during the workshop.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55281,55993],"conference_id":133,"event_ids":[55671,56615],"name":"Trey Bilbrey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SCYTHE Labs","title":"Lead"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/georgebilbrey"},{"description":"","title":"Twitter (@TCraf7)","sort_order":0,"url":"https://twitter.com/TCraf7"}],"media":[],"id":55832,"title":"Lead at SCYTHE Labs"},{"content_ids":[55993],"conference_id":133,"event_ids":[56615],"name":"Tyler Casey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Deputy of SCYTHE Labs","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/tyler-j-casey"},{"description":"","title":"Twitter (@1qazCasey)","sort_order":0,"url":"https://twitter.com/1qazCasey"}],"media":[],"id":56332,"title":"Deputy of SCYTHE Labs"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56615,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56332},{"tag_id":46484,"sort_order":4,"person_id":55832}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - RedHunt Labs (Kunal), Hosted by Anant Shrivastava","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55911],"conference_id":133,"event_ids":[56498],"name":"RedHunt Labs (Kunal)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56273},{"content_ids":[55911],"conference_id":133,"event_ids":[56498],"name":"Anant Shrivastava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56274}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56498,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56273},{"tag_id":46167,"sort_order":4,"person_id":56274}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum cryptography is unbreakable in principle but suffers from implementation vulnerabilities that may compromise the perfect protocol. I show examples of such vulnerabilities and tell about upcoming certification standards that verify the quality of countermeasures.\n\n\n","media":[],"title":"Hacking Quantum Key Distribution (QKD)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Quantum cryptography is unbreakable in principle but suffers from implementation vulnerabilities that may compromise the perfect protocol. I show examples of such vulnerabilities and tell about upcoming certification standards that verify the quality of countermeasures.","updated_timestamp":{"seconds":1723307164,"nanoseconds":0},"speakers":[{"content_ids":[55850],"conference_id":133,"event_ids":[56437],"name":"Vadim Makarov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56215}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:26:04Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56437,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56215}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-10T16:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Social Engineering is a widely-covered topic. We'll focus on how it can be beneficial specifically during covert entry assessments for talking your way in/out of situations as well as to solicit information that you can apply throughout the assessment.\r\n\r\nIntroductory methods to modern covert entry Tactics, Techniques and Procedures (TTPs) for penetration testers.\r\n\r\nAn introduction to common and uncommon covert entry techniques that are used during physical security assessments. Whether you are a penetration tester, security coordinator, or the decision maker, these techniques will provide an insight into how expensive electronic and physical access controls can sometimes be bypassed by something as simple as a can of air, a piece of plastic, or even a smile. \r\n\r\nTim Roberts and Brent White of WeHackPeople.com and Dark Wolf Solutions, LLC will be sharing their experiences with covert and overt security tests over the years and walking participants through some real-life application of the techniques utilized during these assessments.\n\n\n","media":[],"title":"Social Engineering Improv Acting Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Social Engineering is a widely-covered topic. We'll focus on how it can be beneficial specifically during covert entry assessments for talking your way in/out of situations as well as to solicit information that you can apply throughout the assessment.\r\n\r\nIntroductory methods to modern covert entry Tactics, Techniques and Procedures (TTPs) for penetration testers.\r\n\r\nAn introduction to common and uncommon covert entry techniques that are used during physical security assessments. Whether you are a penetration tester, security coordinator, or the decision maker, these techniques will provide an insight into how expensive electronic and physical access controls can sometimes be bypassed by something as simple as a can of air, a piece of plastic, or even a smile. \r\n\r\nTim Roberts and Brent White of WeHackPeople.com and Dark Wolf Solutions, LLC will be sharing their experiences with covert and overt security tests over the years and walking participants through some real-life application of the techniques utilized during these assessments.","updated_timestamp":{"seconds":1722564593,"nanoseconds":0},"speakers":[{"content_ids":[55799],"conference_id":133,"event_ids":[56348],"name":"Tim Roberts","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dark Wolf Solutions","title":"Covert Entry Specialist"}],"links":[],"pronouns":null,"media":[],"id":56186,"title":"Covert Entry Specialist at Dark Wolf Solutions"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T02:09:53Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56348,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56186}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-02T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SCAGoat is a deliberately written vulnerable application designed for performing and learning Software Composition Analysis (SCA). There are many vulnerable web applications available to learn web app pentesting however there are not much resources to learn SCA, essentially applications built on vulnerable Open Source Software(OSS)\r\n\r\n\n\n\n","media":[],"title":"Arsenal: SCAGoat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"SCAGoat is a deliberately written vulnerable application designed for performing and learning Software Composition Analysis (SCA). There are many vulnerable web applications available to learn web app pentesting however there are not much resources to learn SCA, essentially applications built on vulnerable Open Source Software(OSS)","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55704],"conference_id":133,"event_ids":[56246],"name":"kvprashant","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56080},{"content_ids":[55704],"conference_id":133,"event_ids":[56246],"name":"Gaurav Joshi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56115},{"content_ids":[55704],"conference_id":133,"event_ids":[56246],"name":"HK","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56117}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56246,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56115},{"tag_id":46167,"sort_order":1,"person_id":56117},{"tag_id":46167,"sort_order":1,"person_id":56080}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The earlier we perform security interventions, the better. The best time? While we’re designing an application. This workshop will discuss the importance and use of Application Threat Modeling during app design, how to apply it to existing applications during later phases of development, then perform application threat modeling on an example web application using the Trike methodology. \r\n\r\nThe presented methodology is built on the concept that understanding the design of an application is all that is needed to create a threat model - and doing so can remove the uncertainties and brainstorming that other security threat modeling can require. Rather than requiring a deep security knowledge, all we need is to understand the application - something developers are uniquely suited to do. \n\n\n","media":[],"title":"Application Threat Modeling with Trike","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"The earlier we perform security interventions, the better. The best time? While we’re designing an application. This workshop will discuss the importance and use of Application Threat Modeling during app design, how to apply it to existing applications during later phases of development, then perform application threat modeling on an example web application using the Trike methodology. \r\n\r\nThe presented methodology is built on the concept that understanding the design of an application is all that is needed to create a threat model - and doing so can remove the uncertainties and brainstorming that other security threat modeling can require. Rather than requiring a deep security knowledge, all we need is to understand the application - something developers are uniquely suited to do.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55703],"conference_id":133,"event_ids":[56245],"name":"AreTillery","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56090}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56245,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56090}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BOLA is a prevalent vulnerability in modern APIs and web applications, topping the OWASP API risk chart, and ranking fourth in HackerOne Global Top 10. Its impact ranges from data exposure to total system control loss.\r\n\r\nWhile manually triggering known BOLAs is relatively straightforward, automatic detection is challenging due to the complexities of application logic, the wide range of inputs, and the stateful nature of modern web applications.\r\n\r\nTo tackle this, we leveraged LLMs to automate manual tasks such as understanding application logic, revealing endpoint dependency relationships, generating test cases, and interpreting results. Our AI-backed approach enables automating BOLA detection at scale, named BOLABuster.\r\n\r\nThough in its early stages, BOLABuster identified numerous vulnerabilities in open-source projects. In one case, we submitted 15 CVEs for a project, some leading to critical privilege escalation. Our latest disclosed vulnerability was CVE-2024-1313, a BOLA in Grafana,\n\n\n","media":[],"title":"BOLABuster: Harnessing LLMs for Automating BOLA Detection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"BOLA is a prevalent vulnerability in modern APIs and web applications, topping the OWASP API risk chart, and ranking fourth in HackerOne Global Top 10. Its impact ranges from data exposure to total system control loss.\r\n\r\nWhile manually triggering known BOLAs is relatively straightforward, automatic detection is challenging due to the complexities of application logic, the wide range of inputs, and the stateful nature of modern web applications.\r\n\r\nTo tackle this, we leveraged LLMs to automate manual tasks such as understanding application logic, revealing endpoint dependency relationships, generating test cases, and interpreting results. Our AI-backed approach enables automating BOLA detection at scale, named BOLABuster.\r\n\r\nThough in its early stages, BOLABuster identified numerous vulnerabilities in open-source projects. In one case, we submitted 15 CVEs for a project, some leading to critical privilege escalation. Our latest disclosed vulnerability was CVE-2024-1313, a BOLA in Grafana,","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Ravid Mazon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56081},{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Jay Chen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56125}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":56244,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56125},{"tag_id":46167,"sort_order":1,"person_id":56081}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Breaking and Defending Cloud Infrastructure: Red Team Evasion Tactics and Access Control Solutions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:40:00Z","end_timestamp":{"seconds":1723315200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445651,"nanoseconds":0},"speakers":[{"content_ids":[55687],"conference_id":133,"event_ids":[56210],"name":"Amal Joy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Highradius","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":56054,"title":"Security Engineer at Highradius"},{"content_ids":[55687,55688],"conference_id":133,"event_ids":[56210,56211],"name":"Abhishek S","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Flipkart","title":"Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":56058,"title":"Security Engineer at Flipkart"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:07:31Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T18:40:00.000-0000","id":56210,"tag_ids":[46400,46428,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56054},{"tag_id":46167,"sort_order":4,"person_id":56058}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how in this hands-on lab with resident AR designer, Zaire Moore\n\n\n","media":[],"title":"AR + Art = interactive installations to bring your stories to life","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Learn how in this hands-on lab with resident AR designer, Zaire Moore","updated_timestamp":{"seconds":1722368995,"nanoseconds":0},"speakers":[{"content_ids":[55581],"conference_id":133,"event_ids":[56103],"name":"Zaire Moore","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BlackTerminus","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.blackterminus.com"}],"media":[],"id":56046,"title":"BlackTerminus"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T19:49:55Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":56103,"tag_ids":[46397,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56046}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-30T19:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Telecom Village, DEFCON for an in-depth GPON workshop. We'll explore GPON technology basics, standards, capabilities, and deployment methods, while identifying vulnerabilities and advanced mitigation strategies. The workshop features a live GPON setup and performance test for hands-on experience. Ideal for telecom professionals, network engineers, cybersecurity experts, and tech enthusiasts eager to deepen their understanding of modern telecommunications.\n\n\n","media":[{"hash_sha256":"b6ea6eaaffc91f861291fb1dcdb0a880cc3024d6970d44752e3239102ca5adaa","filetype":"image/webp","hash_md5":"932301b968f0fa788b0dede64d948782","name":"content_telecom_gponunplugged.webp","is_logo":"Y","hash_crc32c":"ad846332","filesize":190896,"asset_id":824,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_gponunplugged.webp"}],"title":"GPON Unplugged","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"Join us at Telecom Village, DEFCON for an in-depth GPON workshop. We'll explore GPON technology basics, standards, capabilities, and deployment methods, while identifying vulnerabilities and advanced mitigation strategies. The workshop features a live GPON setup and performance test for hands-on experience. Ideal for telecom professionals, network engineers, cybersecurity experts, and tech enthusiasts eager to deepen their understanding of modern telecommunications.","updated_timestamp":{"seconds":1722352207,"nanoseconds":0},"speakers":[{"content_ids":[55557,55559,55562],"conference_id":133,"event_ids":[56072,56074,56077],"name":"Akib Sayyed","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Matrix Shell Technologies","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/akibsayyed/"},{"description":"","title":"Twitter (@akibsayyed)","sort_order":0,"url":"https://twitter.com/@akibsayyed"}],"media":[],"id":56031,"title":"Founder and Director at Matrix Shell Technologies"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T15:10:07Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56077,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56031}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-30T15:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lots of fun things are happening in amateur radio for those who like to hack on hardware and software. This talk is an introduction to some of them.\n\n\n","media":[],"title":"Ham Radio for Hackers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"Lots of fun things are happening in amateur radio for those who like to hack on hardware and software. This talk is an introduction to some of them.","updated_timestamp":{"seconds":1722185626,"nanoseconds":0},"speakers":[{"content_ids":[55433,55436],"conference_id":133,"event_ids":[55858,55861],"name":"Dan \"dan_kb6nu\" Romanchik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ham Radio Village","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@kb6nu@mastodon.radio)","sort_order":0,"url":"https://mastodon.radio/@kb6nu"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@kb6nu"},{"description":"","title":"Website","sort_order":0,"url":"https://www.kb6nu.com/"}],"media":[],"id":55974,"title":"Ham Radio Village"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:53:46Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":55861,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55974}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-28T16:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to hack the DCNextGen Badge and take it to another level!\n\n\n","media":[],"title":"Hack the Badge (Badge class level 2) (Overflow if Friday is too full)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to hack the DCNextGen Badge and take it to another level!","updated_timestamp":{"seconds":1722361438,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T17:43:58Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":55759,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-30T17:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Raspberry Pi was designed to make computing accessible and affordable for everyone. For this reason, it's especially useful in the domain of OT and ICS Security workforce development. In a domain frequently understaffed, underfunded and struggling to find interested, qualified candidates (heck, sometimes even just warm bodies!), budgets are tight if not non-existent when it comes to developing the skills needed to secure these systems. This talk will discuss the use of low-cost computing solutions to deliver learning objectives to everyone from existing professionals in a full-scale OT Cyber Defense Exercise to demonstrating ICS principles to the up-and-coming workforce of tomorrow. We'll show how such devices can pinch hit for GPS to provide NTP, act as a PLC, function as a sync server, replace packet squirrels, act as MITM devices, and even how to use them to model fully functioning cyber physical systems on a shoestring educator's budget.\r\n\r\n* These statements are the opinions of the researcher/educator presenting and have not been approved by Raspberry Pi Foundation.\n\n\n","media":[],"title":"Where's Waldo? Can you find the Raspberry Pi in the Cyber Defense Exercise?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"The Raspberry Pi was designed to make computing accessible and affordable for everyone. For this reason, it's especially useful in the domain of OT and ICS Security workforce development. In a domain frequently understaffed, underfunded and struggling to find interested, qualified candidates (heck, sometimes even just warm bodies!), budgets are tight if not non-existent when it comes to developing the skills needed to secure these systems. This talk will discuss the use of low-cost computing solutions to deliver learning objectives to everyone from existing professionals in a full-scale OT Cyber Defense Exercise to demonstrating ICS principles to the up-and-coming workforce of tomorrow. We'll show how such devices can pinch hit for GPS to provide NTP, act as a PLC, function as a sync server, replace packet squirrels, act as MITM devices, and even how to use them to model fully functioning cyber physical systems on a shoestring educator's budget.\r\n\r\n* These statements are the opinions of the researcher/educator presenting and have not been approved by Raspberry Pi Foundation.","updated_timestamp":{"seconds":1722395721,"nanoseconds":0},"speakers":[{"content_ids":[55350],"conference_id":133,"event_ids":[55742],"name":"Shane McFly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55967},{"content_ids":[55350],"conference_id":133,"event_ids":[55742],"name":"Brian Howard","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56053}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T03:15:21Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55742,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55967},{"tag_id":46167,"sort_order":4,"person_id":56053}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-31T03:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Artificial Intelligence is increasingly being framed in dystopian ways even though the technology has been around for decades and the opportunities it brings are vast. In the past months, more Governments have announced proposals to make AI models and systems more secure. Through a panel session, we want to shine a light on these efforts, particularly those that are most relevant to the DEFCON community, such as recommendations on testing and red teaming as well as the need for vulnerability disclosure processes. This session aims to foster a better understanding of what hackers are seeing on the ground in terms of the vulnerabilities in AI models and to identify how more collaboration could be undertaken. The outcome of this session will be to provide a spotlight on data gaps in this area and to share insights that can positively inform future work, such as the development of international AI standards.\n\n\n","media":[],"title":"How can hackers support efforts to secure AI systems?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:20:00Z","end_timestamp":{"seconds":1723317600,"nanoseconds":0},"android_description":"Artificial Intelligence is increasingly being framed in dystopian ways even though the technology has been around for decades and the opportunities it brings are vast. In the past months, more Governments have announced proposals to make AI models and systems more secure. Through a panel session, we want to shine a light on these efforts, particularly those that are most relevant to the DEFCON community, such as recommendations on testing and red teaming as well as the need for vulnerability disclosure processes. This session aims to foster a better understanding of what hackers are seeing on the ground in terms of the vulnerabilities in AI models and to identify how more collaboration could be undertaken. The outcome of this session will be to provide a spotlight on data gaps in this area and to share insights that can positively inform future work, such as the development of international AI standards.","updated_timestamp":{"seconds":1721778782,"nanoseconds":0},"speakers":[{"content_ids":[55335],"conference_id":133,"event_ids":[55726],"name":"Anjuli Shere","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Directorate of the UK's Department for Science, Innovation and Technology","title":"Head of Cyber Advocacy in the Cyber Security"}],"links":[],"pronouns":null,"media":[],"id":55919,"title":"Head of Cyber Advocacy in the Cyber Security at Directorate of the UK's Department for Science, Innovation and Technology"},{"content_ids":[55335,55885],"conference_id":133,"event_ids":[55726,56470],"name":"Christine Lai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Cybersecurity Research Specialist"}],"links":[],"pronouns":null,"media":[],"id":55923,"title":"Cybersecurity Research Specialist at DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55335],"conference_id":133,"event_ids":[55726],"name":"Wan Ding Yao","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore GovTech’s Cyber Security Group","title":"AI Security Lead"}],"links":[],"pronouns":null,"media":[],"id":55942,"title":"AI Security Lead at Singapore GovTech’s Cyber Security Group"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-23T23:53:02Z","links":[],"end":"2024-08-10T19:20:00.000-0000","id":55726,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55942},{"tag_id":46487,"sort_order":4,"person_id":55923},{"tag_id":46487,"sort_order":6,"person_id":55919}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-23T23:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join me for a hands-on workshop delving into the fundamentals of the Rust programming language and its application in malware development. Designed for both curious beginners and seasoned developers, this session will cover the basics of Rust while also exploring the unique features that make Rust a powerful tool for crafting malware. Through guided exercises and real-world examples, participants will gain practical insights into how Rust can be leveraged to develop sophisticated, stealthy, and malicious software.\n\n\n","media":[],"title":"RustOps","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"Join me for a hands-on workshop delving into the fundamentals of the Rust programming language and its application in malware development. Designed for both curious beginners and seasoned developers, this session will cover the basics of Rust while also exploring the unique features that make Rust a powerful tool for crafting malware. Through guided exercises and real-world examples, participants will gain practical insights into how Rust can be leveraged to develop sophisticated, stealthy, and malicious software.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55294],"conference_id":133,"event_ids":[55684],"name":"Jose Plascencia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_GRIM3_)","sort_order":0,"url":"https://twitter.com/_GRIM3_"}],"media":[],"id":55845}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55684,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55845}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this Workshop, attendees will learn some of the most impactful techniques and tools to increase the value of OSINT to their organizations. A guided learning experience, instructors will immerse attendees in hands-on exercises.\n\n\n","media":[],"title":"OSINT for Hackers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"In this Workshop, attendees will learn some of the most impactful techniques and tools to increase the value of OSINT to their organizations. A guided learning experience, instructors will immerse attendees in hands-on exercises.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55293],"conference_id":133,"event_ids":[55683],"name":"Lee McWhorter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55846},{"content_ids":[55293],"conference_id":133,"event_ids":[55683],"name":"Sandra Stibbards","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Camelotinv)","sort_order":0,"url":"https://twitter.com/Camelotinv"}],"media":[],"id":55847}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55683,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55846},{"tag_id":46167,"sort_order":4,"person_id":55847}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What keeps me up at night? Is it that I can't break in anymore, or is it that we haven't figured out all the ways to break in? Over the years, we have seen moves to place our applications into smaller attacker surface spaces. We have seen those microservice environments abstract our attack surface. Did we eliminate all attacks? At the same time, we have an explosion of endpoints of applications that run interpreted languages and how those constraints can be broken. \n\nWhen organisms evolve in the wild, they do so under extreme pressure. Has the pressure to find new ways to get a foothold in environments allowed us to evolve? Attackers are crafty, and defenders have to keep up. This talk demonstrates a methodology and tools for moving from container-constrained environments. They are limited to shells and interpreters. Have you been stuck like this before? Let's get beyond that. How does this tool move beyond containers and constrained environments into Windows and other generic workloads? Let's not worry about LOLBins. Bring your land and get off the air-gapped island.\n\n\n","media":[],"title":"Island Hoping: Move from LOLBins to Living off Langs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"What keeps me up at night? Is it that I can't break in anymore, or is it that we haven't figured out all the ways to break in? Over the years, we have seen moves to place our applications into smaller attacker surface spaces. We have seen those microservice environments abstract our attack surface. Did we eliminate all attacks? At the same time, we have an explosion of endpoints of applications that run interpreted languages and how those constraints can be broken. \n\nWhen organisms evolve in the wild, they do so under extreme pressure. Has the pressure to find new ways to get a foothold in environments allowed us to evolve? Attackers are crafty, and defenders have to keep up. This talk demonstrates a methodology and tools for moving from container-constrained environments. They are limited to shells and interpreters. Have you been stuck like this before? Let's get beyond that. How does this tool move beyond containers and constrained environments into Windows and other generic workloads? Let's not worry about LOLBins. Bring your land and get off the air-gapped island.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55292,55270],"conference_id":133,"event_ids":[55682,55660],"name":"Moses Frost","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mosesrenegade)","sort_order":0,"url":"https://twitter.com/mosesrenegade"}],"media":[],"id":55817}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55682,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55817}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"While there are many phishlet templates available on the Internet, but it is rare that they work out-of-the-box for your specific scenario. \n\nThis workshop is designed for those who are new to the Evilginx tool, and may have not had hands-on experience developing custom phishlets on their local machine. This workshop aims to give attendees the tools needed to effectively configure phishlet 'yaml' files for their specific situation. Additionally, the workshop will survey the necessary components of the phishlet 'yaml' file, as well as covering useful features new to Evilginx3. \n\nThis workshop will not focus on the development of phishing emails, bypassing spam filters, or remotely deploying and protecting Evilginx infrastructure. \n\nThis workshop is meant for all levels of experience, but some familiarity with Evilginx prior to attendance will be extremely helpful.\n\n\n","media":[],"title":"Developing Evilginx Phishlets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"While there are many phishlet templates available on the Internet, but it is rare that they work out-of-the-box for your specific scenario. \n\nThis workshop is designed for those who are new to the Evilginx tool, and may have not had hands-on experience developing custom phishlets on their local machine. This workshop aims to give attendees the tools needed to effectively configure phishlet 'yaml' files for their specific situation. Additionally, the workshop will survey the necessary components of the phishlet 'yaml' file, as well as covering useful features new to Evilginx3. \n\nThis workshop will not focus on the development of phishing emails, bypassing spam filters, or remotely deploying and protecting Evilginx infrastructure. \n\nThis workshop is meant for all levels of experience, but some familiarity with Evilginx prior to attendance will be extremely helpful.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55291],"conference_id":133,"event_ids":[55681],"name":"Michael Donley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@th3d00rman)","sort_order":0,"url":"https://twitter.com/th3d00rman"}],"media":[],"id":55844}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55681,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55844}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join members of the newly launched OASIS Coalition for Secure AI (CoSAI) Open Project (https://www.coalitionforsecureai.org). This is an engaging forum hosted by the Red Team Village in collaboration with the AI Village.\r\n\r\nCoSAI’s members include Amazon, Anthropic, Chainguard, Cisco, Cohere, GenLab, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, PayPal, and Wiz.\r\n\r\nPanelists will discuss the first three technical workstreams that the group has identified:\r\n\r\n- Software Supply Chain Security for AI Systems: Enhancing composition and provenance tracking to secure AI applications.\r\n- Preparing Defenders for a Changing Cybersecurity Landscape: Addressing investments and integration challenges in AI and classical systems.\r\n- AI Security Governance: Developing best practices and risk assessment frameworks for AI security.\r\n\r\nAlso, learn how the CoSAI goals differ from other AI efforts and plans for collaboration. The panelists will emphasize the importance of diverse community input and will host an interactive segment on how you can contribute. Whether you are red-teaming an AI model or implementing AI-powered tools, don't miss this opportunity to gain insights into this open project and learn how you can contribute to shaping a secure AI future\n\n\n","media":[],"title":"Securing the Future with CoSAI: Identified Technical Workstreams and Call for Contributions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:50:00Z","end_timestamp":{"seconds":1723315800,"nanoseconds":0},"android_description":"Join members of the newly launched OASIS Coalition for Secure AI (CoSAI) Open Project (https://www.coalitionforsecureai.org). This is an engaging forum hosted by the Red Team Village in collaboration with the AI Village.\r\n\r\nCoSAI’s members include Amazon, Anthropic, Chainguard, Cisco, Cohere, GenLab, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, PayPal, and Wiz.\r\n\r\nPanelists will discuss the first three technical workstreams that the group has identified:\r\n\r\n- Software Supply Chain Security for AI Systems: Enhancing composition and provenance tracking to secure AI applications.\r\n- Preparing Defenders for a Changing Cybersecurity Landscape: Addressing investments and integration challenges in AI and classical systems.\r\n- AI Security Governance: Developing best practices and risk assessment frameworks for AI security.\r\n\r\nAlso, learn how the CoSAI goals differ from other AI efforts and plans for collaboration. The panelists will emphasize the importance of diverse community input and will host an interactive segment on how you can contribute. Whether you are red-teaming an AI model or implementing AI-powered tools, don't miss this opportunity to gain insights into this open project and learn how you can contribute to shaping a secure AI future","updated_timestamp":{"seconds":1723246307,"nanoseconds":0},"speakers":[{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Jay White","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56610},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Paul Vixie","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56611},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Daniel Rohrer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56612},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Sarah Novotny","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56613},{"content_ids":[55290],"conference_id":133,"event_ids":[55680],"name":"Dan McInerney","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56614}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T23:31:47Z","links":[],"end":"2024-08-10T18:50:00.000-0000","id":55680,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55860},{"tag_id":46167,"sort_order":4,"person_id":56614},{"tag_id":46167,"sort_order":6,"person_id":56612},{"tag_id":46167,"sort_order":8,"person_id":56610},{"tag_id":46167,"sort_order":10,"person_id":56611},{"tag_id":46167,"sort_order":12,"person_id":56613}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-09T23:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Bug Hunter's Methodology (TBHM) is a series of talks done by Jason exposing new advents in tools, tactics, and procedures used in web pentesting, bug bounty, and red teaming. In this talk, Jason will explore the mindset of approaching a hardened web target and how he breaks up finding vulnerabilities across its' stack. Many talks can teach you how to exploit a certain vulnerability, less can teach you how to find out where they are in complex pieces of software. TBHM also covers Jason's personal tips/tricks in the areas of automation, content discovery, javascript analysis, spidering, parameter analysis, functionality \"\"\"\"heatmapping\"\"\"\", and more. The DEF CON edition will not be recorded and will release some free cutting edge content usually only available in Jasons live courses!\n\n\n","media":[],"title":"The Bug Hunters Methodology Live - DEF CON Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"The Bug Hunter's Methodology (TBHM) is a series of talks done by Jason exposing new advents in tools, tactics, and procedures used in web pentesting, bug bounty, and red teaming. In this talk, Jason will explore the mindset of approaching a hardened web target and how he breaks up finding vulnerabilities across its' stack. Many talks can teach you how to exploit a certain vulnerability, less can teach you how to find out where they are in complex pieces of software. TBHM also covers Jason's personal tips/tricks in the areas of automation, content discovery, javascript analysis, spidering, parameter analysis, functionality \"\"\"\"heatmapping\"\"\"\", and more. The DEF CON edition will not be recorded and will release some free cutting edge content usually only available in Jasons live courses!","updated_timestamp":{"seconds":1721438351,"nanoseconds":0},"speakers":[{"content_ids":[55717,55180],"conference_id":133,"event_ids":[55568,56223],"name":"Jason Haddix","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arcanum Security","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jhaddx)","sort_order":0,"url":"https://twitter.com/jhaddx"}],"media":[],"id":54822,"title":"Arcanum Security"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:19:11Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#the-bug-hunters-methodology-live---def-con-edition"}],"end":"2024-08-10T19:30:00.000-0000","id":55568,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54822}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-20T01:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most of the Internet today is running on a legacy version of the Internet Protocol: IPv4. Despite of this, the number of engineers, especially in security, who know how to use IPv6 is relatively low. In this talk we take you through why today’s Internet does not live up to its original vision, take you back to the past to show you what the IPv4 Internet used to look like, and, through this, reveal the secrets that will allow you finally understand IPv6.\n\n\n\n","media":[],"title":"Introduction to IPv6","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"Most of the Internet today is running on a legacy version of the Internet Protocol: IPv4. Despite of this, the number of engineers, especially in security, who know how to use IPv6 is relatively low. In this talk we take you through why today’s Internet does not live up to its original vision, take you back to the past to show you what the IPv4 Internet used to look like, and, through this, reveal the secrets that will allow you finally understand IPv6.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54599],"conference_id":133,"event_ids":[54974],"name":"Denis Smajlović","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Nova","title":""}],"links":[],"pronouns":null,"media":[],"id":54287,"title":"Nova"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":54974,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54287}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into the art of phishing with QR codes! We'll cover the fundamentals of QR code phishing, revealing how these innocuous-looking images are used to deceive users into a false sense of legitimacy. After touching upon the basics, we'll explore creative tactics for obfuscating and hiding QR codes to ensure they reach their intended targets. As a sidetrack, we'll delve into how emails are rendered within the Outlook Mail Application and showcase some neat tricks that exploit its limitations for hiding QR codes from modern defensive solutions. Overall, the talk is intended to help testers up their QR code phishing game!\n\n\n","media":[],"title":"Evading Modern Defenses When Phishing with Pixels","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"Dive into the art of phishing with QR codes! We'll cover the fundamentals of QR code phishing, revealing how these innocuous-looking images are used to deceive users into a false sense of legitimacy. After touching upon the basics, we'll explore creative tactics for obfuscating and hiding QR codes to ensure they reach their intended targets. As a sidetrack, we'll delve into how emails are rendered within the Outlook Mail Application and showcase some neat tricks that exploit its limitations for hiding QR codes from modern defensive solutions. Overall, the talk is intended to help testers up their QR code phishing game!","updated_timestamp":{"seconds":1722713220,"nanoseconds":0},"speakers":[{"content_ids":[54598],"conference_id":133,"event_ids":[54973],"name":"Melvin Langvik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Kovert AS","title":"Offensive Security Team Lead"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/melvinlnor/"},{"description":"","title":"Twitter (@Flangvik)","sort_order":0,"url":"https://twitter.com/Flangvik"}],"media":[],"id":54311,"title":"Offensive Security Team Lead at Kovert AS"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:27:00Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":54973,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54311}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-08-03T19:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A quarter million people die from Hepatitis C yearly, and it's getting worse. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are $1,000 USD apiece because the molecule is the so-called \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. If you have $84,000 USD, Hep C is not your problem. We have developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, get a chemical synthesis pathway, generate code for the the MicroLab to run, and watch the medicine form in the reaction chamber. Finally, press some tablets. The feds say saving a life this way is BioTerrorism. We say: So Be It.\n\n\n","media":[],"title":"Eradicating Hepatitis C With BioTerrorism","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"A quarter million people die from Hepatitis C yearly, and it's getting worse. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are $1,000 USD apiece because the molecule is the so-called \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. If you have $84,000 USD, Hep C is not your problem. We have developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, get a chemical synthesis pathway, generate code for the the MicroLab to run, and watch the medicine form in the reaction chamber. Finally, press some tablets. The feds say saving a life this way is BioTerrorism. We say: So Be It.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54498,54597],"conference_id":133,"event_ids":[54871,54972],"name":"Mixæl Swan Laufer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Four Thieves Vinegar Collective","title":"Chief Spokesperson"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@MichaelSLaufer)","sort_order":0,"url":"https://twitter.com/MichaelSLaufer"},{"description":"","title":"fourthievesvinegar.org","sort_order":0,"url":"https://fourthievesvinegar.org"}],"media":[],"id":54090,"title":"Chief Spokesperson at Four Thieves Vinegar Collective"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":54972,"tag_ids":[46371,46419,46438,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":4,"person_id":54090}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For the past 20+ years binary exploitation has been seen as the ultimate challenge and prize, when exploiting large applications and operating systems. During this period, the question of \"How much longer will we be able to do this?\" has been asked countless times, and with good reason. Memory safety and corruption issues with low-level languages have been an enormous challenge for OS and application developers. There are certainly efforts to move to \"safer\" languages such as Rust, but those languages need to mature a bit longer before they're able to stand up to the capabilities of a language like C++. \r\n\r\nThanks to exploit mitigations and memory protections, a large number of these vulnerabilities are not exploitable. There are the mature mitigations, such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), and then newer ones such as Control-flow Enforcement Technology (CET) and Virtualization Based Security (VBS). A large number of these mitigations are not enabled by default on the Windows OS, due to the fact that many need to be tested to ensure they do not break production applications. In this presentation, we will take a technical dive into the state of binary exploitation and the effectiveness of the many available mitigations, by looking at the way they're enforced.\n\n\n","media":[],"title":"The Rise and Fall of Binary Exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"For the past 20+ years binary exploitation has been seen as the ultimate challenge and prize, when exploiting large applications and operating systems. During this period, the question of \"How much longer will we be able to do this?\" has been asked countless times, and with good reason. Memory safety and corruption issues with low-level languages have been an enormous challenge for OS and application developers. There are certainly efforts to move to \"safer\" languages such as Rust, but those languages need to mature a bit longer before they're able to stand up to the capabilities of a language like C++. \r\n\r\nThanks to exploit mitigations and memory protections, a large number of these vulnerabilities are not exploitable. There are the mature mitigations, such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), and then newer ones such as Control-flow Enforcement Technology (CET) and Virtualization Based Security (VBS). A large number of these mitigations are not enabled by default on the Windows OS, due to the fact that many need to be tested to ensure they do not break production applications. In this presentation, we will take a technical dive into the state of binary exploitation and the effectiveness of the many available mitigations, by looking at the way they're enforced.","updated_timestamp":{"seconds":1720377465,"nanoseconds":0},"speakers":[{"content_ids":[54484],"conference_id":133,"event_ids":[54857],"name":"Stephen Sims","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SANS Institute","title":"Fellow Instructor"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@Steph3nSims)","sort_order":0,"url":"https://twitter.com/Steph3nSims"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/offbyonesecurity"}],"media":[],"id":54053,"title":"Fellow Instructor at SANS Institute"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T18:37:45Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":54857,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54053}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-07T18:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk brings back from the dead an attack surface that security vendors believed they had addressed a long time ago. \r\n\r\nWe will introduce a novel and stealthy technique to apply malicious shims on a process that does not require registry modification or SDB files and leaves no traces on the disk. \r\n\r\nThe reverse engineering of the shim infrastructure will be shown while focusing on undocumented API and the kernel driver of the infrastructure. \r\n\r\nThe various operations offered by the infrastructure will be analyzed from an offensive point of view, and the course we took to achieve this unique technique will be presented.\r\n\r\nIn addition, we will unveil an attack surface research that resulted in a noteworthy attack that manipulates 2 different OS components into performing DLL injection and privilege escalation. \r\n\r\nResearching the undocumented RPC interfaces of the service OfficeClickToRun.exe uncovered a method that can inject a DLL into another process running as “NT AUTHORITY\\SYSTEM”, which achieves privilege escalation. For this to work, specific conditions had to be met. \r\n\r\nThe conditions we tailored will be displayed as we abuse the Opportunistic Lock and App Compatibility (shim) mechanisms.\r\n\r\n1. [link](https://learn.microsoft.com/en-us/windows/win32/fileio/opportunistic-locks)\r\n2. [link](https://learn.microsoft.com/en-us/windows/win32/devnotes/application-compatibility-database)\r\n3. [link](https://www.blackhat.com/docs/eu-15/materials/eu-15-Pierce-Defending-Against-Malicious-Application-Compatibility-Shims-wp.pdf)\r\n4. [link](https://www.blackhat.com/docs/asia-14/materials/Erickson/WP-Asia-14-Erickson-Persist-It-Using-And-Abusing-Microsofts-Fix-It-Patches.pdf)\r\n\n\n\n","media":[],"title":"SHIM me what you got - Manipulating Shim and Office for Code Injection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"This talk brings back from the dead an attack surface that security vendors believed they had addressed a long time ago. \r\n\r\nWe will introduce a novel and stealthy technique to apply malicious shims on a process that does not require registry modification or SDB files and leaves no traces on the disk. \r\n\r\nThe reverse engineering of the shim infrastructure will be shown while focusing on undocumented API and the kernel driver of the infrastructure. \r\n\r\nThe various operations offered by the infrastructure will be analyzed from an offensive point of view, and the course we took to achieve this unique technique will be presented.\r\n\r\nIn addition, we will unveil an attack surface research that resulted in a noteworthy attack that manipulates 2 different OS components into performing DLL injection and privilege escalation. \r\n\r\nResearching the undocumented RPC interfaces of the service OfficeClickToRun.exe uncovered a method that can inject a DLL into another process running as “NT AUTHORITY\\SYSTEM”, which achieves privilege escalation. For this to work, specific conditions had to be met. \r\n\r\nThe conditions we tailored will be displayed as we abuse the Opportunistic Lock and App Compatibility (shim) mechanisms.\r\n\r\n1. [link](https://learn.microsoft.com/en-us/windows/win32/fileio/opportunistic-locks)\r\n2. [link](https://learn.microsoft.com/en-us/windows/win32/devnotes/application-compatibility-database)\r\n3. [link](https://www.blackhat.com/docs/eu-15/materials/eu-15-Pierce-Defending-Against-Malicious-Application-Compatibility-Shims-wp.pdf)\r\n4. [link](https://www.blackhat.com/docs/asia-14/materials/Erickson/WP-Asia-14-Erickson-Persist-It-Using-And-Abusing-Microsofts-Fix-It-Patches.pdf)","updated_timestamp":{"seconds":1720463062,"nanoseconds":0},"speakers":[{"content_ids":[54483],"conference_id":133,"event_ids":[54856],"name":"David Shandalov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Deep Instinct","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/david-shan"},{"description":"","title":"Twitter (@DavidShandalov)","sort_order":0,"url":"https://x.com/DavidShandalov"}],"media":[],"id":54056,"title":"Security Researcher at Deep Instinct"},{"content_ids":[54483],"conference_id":133,"event_ids":[54856],"name":"Ron Ben-Yizhak","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Deep Instinct","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ron-by/"},{"description":"","title":"Twitter (@RonB_Y)","sort_order":0,"url":"https://twitter.com/RonB_Y"}],"media":[],"id":54179,"title":"Security Researcher at Deep Instinct"}],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:24:22Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":54856,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54179},{"tag_id":46167,"sort_order":4,"person_id":54056}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-07-08T18:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON (unofficial) Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.\r\n\r\nFor 2024 there will be four categories for the competition you may only enter one:\r\n- Full beard: Self-explanatory, for the truly bearded.\r\n- Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.\r\n- Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.\r\n- Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.\n\n\n","media":[{"hash_sha256":"c54a44eced8cd556db211f7e18b77490d4b50b6e1c79ddeb722a89b164b2dce9","filetype":"image/png","hash_md5":"33d6985f3218f5929114392fd8c13f7d","name":"ct_beard.png","is_logo":"Y","hash_crc32c":"345a5418","filesize":5846,"asset_id":626,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_beard.png"}],"title":"DEF CON 32 Beard and Mustache Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON (unofficial) Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.\r\n\r\nFor 2024 there will be four categories for the competition you may only enter one:\r\n- Full beard: Self-explanatory, for the truly bearded.\r\n- Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.\r\n- Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.\r\n- Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.","updated_timestamp":{"seconds":1719554480,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T06:01:20Z","links":[{"label":"Twitter (@DCBeardContest)","type":"link","url":"https://twitter.com/DCBeardContest"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249368"},{"label":"More Info","type":"link","url":"https://dcbeard.net/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249369"}],"end":"2024-08-10T20:00:00.000-0000","id":54611,"tag_ids":[46427,46439,46492],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-06-28T06:01:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)\n\n\n","media":[{"hash_sha256":"8121f8bfb8be2b701aea4941904ae7a178b8b90e84dd6cf786636abf65c33a38","filetype":"image/png","hash_md5":"d4129f6c22e4e172784f5759c4bb75d9","name":"pme_hamexams.png","is_logo":"Y","hash_crc32c":"ff2e55b6","filesize":31886,"asset_id":680,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hamexams.png"}],"title":"Ham Radio Exams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)","updated_timestamp":{"seconds":1718812742,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T18:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T15:59:02Z","links":[{"label":"Website","type":"link","url":"https://hamvillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249512"},{"label":"Registration (Free)","type":"link","url":"https://ham.study/sessions/669069be6af12f90943be578/1"},{"label":"Twitter (@HamRadioVillage)","type":"link","url":"https://twitter.com/HamRadioVillage"}],"end":"2024-08-11T00:00:00.000-0000","id":54509,"tag_ids":[46365,46380],"village_id":null,"begin_timestamp":{"seconds":1723312800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-10T18:00:00.000-0000","updated":"2024-06-19T15:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop you will learn how to assemble and use the village badge, and how it can be used to solve challenges in the CTF\n\n\n","media":[],"title":"Introduction to the Payment Village badge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"In this workshop you will learn how to assemble and use the village badge, and how it can be used to solve challenges in the CTF","updated_timestamp":{"seconds":1722356300,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-10T17:45:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:18:20Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56091,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723311900,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T17:45:00.000-0000","updated":"2024-07-30T16:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the modern world of cybersecurity threats, ransomware groups pose a significant challenge to organizations worldwide. This talk, tailored for cybersecurity students and professionals, delves into practical techniques for tracking and dismantling these elusive adversaries. Attendees will explore methods such as monitoring the latest ransomware attacks, engaging with ransomware blogs on the dark web, and reaching out to victims to gather firsthand insights into the operations of these malicious entities. By combining these strategies, participants will gain a comprehensive understanding of how to unmask and combat ransomware groups, bolstering their defenses against this pervasive threat.\n\n\n","media":[],"title":"Unmasking Shadows: Strategies on Hunting Ransomware Groups","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"In the modern world of cybersecurity threats, ransomware groups pose a significant challenge to organizations worldwide. This talk, tailored for cybersecurity students and professionals, delves into practical techniques for tracking and dismantling these elusive adversaries. Attendees will explore methods such as monitoring the latest ransomware attacks, engaging with ransomware blogs on the dark web, and reaching out to victims to gather firsthand insights into the operations of these malicious entities. By combining these strategies, participants will gain a comprehensive understanding of how to unmask and combat ransomware groups, bolstering their defenses against this pervasive threat.","updated_timestamp":{"seconds":1721495264,"nanoseconds":0},"speakers":[{"content_ids":[55198],"conference_id":133,"event_ids":[55588],"name":"R.J. McCarley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Principal Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/rjmp/"}],"media":[],"id":55794,"title":"Principal Security Researcher"}],"begin_tsz":"2024-08-10T17:45:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:07:44Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":55588,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723311900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55794}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:45:00.000-0000","updated":"2024-07-20T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":56622,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's volatile geopolitical landscape, the security of critical infrastructure—such as power grids, water supplies, and transportation systems—has never been more important. As global tensions rise, these vital systems increasingly become targets for cyber threats from state and non-state actors alike. This talk will delve into the evolving landscape of cyber threats targeting these essential services, highlighting notable attacks and their devastating impacts. We will explore the methodologies employed by malicious actors, including advanced persistent threats and ransomware, and examine real-world case studies to understand the stakes involved. The discussion will also cover the latest strategies and technologies for protecting critical infrastructure, emphasizing a defense-in-depth approach.\n\n\n","media":[],"title":"Protecting the Backbone of Our Modern World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"In today's volatile geopolitical landscape, the security of critical infrastructure—such as power grids, water supplies, and transportation systems—has never been more important. As global tensions rise, these vital systems increasingly become targets for cyber threats from state and non-state actors alike. This talk will delve into the evolving landscape of cyber threats targeting these essential services, highlighting notable attacks and their devastating impacts. We will explore the methodologies employed by malicious actors, including advanced persistent threats and ransomware, and examine real-world case studies to understand the stakes involved. The discussion will also cover the latest strategies and technologies for protecting critical infrastructure, emphasizing a defense-in-depth approach.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55968],"conference_id":133,"event_ids":[56584],"name":"Soledad Antelada Toledano","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Google -Office of the CISO"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/soledad-antelada-toledano/"},{"description":"","title":"Twitter (@girlscanhack)","sort_order":0,"url":"https://twitter.com/girlscanhack?lang=en"}],"media":[],"id":56304,"title":"Google -Office of the CISO"}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":56584,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56304}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Recent advancements in drone technology are opening new opportunities and applications in various industries across all domains. Drones are quickly becoming integrated into our everyday lives for commercial and recreational use like many IoT devices; however, these advancements also present new cybersecurity challenges as drones grow in popularity. This talk provides an introduction to drone security covering the core components of drone technology (e.g., hardware, software, firmware, and communication protocols), cybersecurity risks and mitigations, and cybersecurity best practices for drone operations. Attendees will gain an understanding of drone systems and important security measures that help protect these devices (and its operators) from emerging and evolving threats.\n\n\n","media":[],"title":"Introduction to Drone Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:30:00Z","end_timestamp":{"seconds":1723314600,"nanoseconds":0},"android_description":"Recent advancements in drone technology are opening new opportunities and applications in various industries across all domains. Drones are quickly becoming integrated into our everyday lives for commercial and recreational use like many IoT devices; however, these advancements also present new cybersecurity challenges as drones grow in popularity. This talk provides an introduction to drone security covering the core components of drone technology (e.g., hardware, software, firmware, and communication protocols), cybersecurity risks and mitigations, and cybersecurity best practices for drone operations. Attendees will gain an understanding of drone systems and important security measures that help protect these devices (and its operators) from emerging and evolving threats.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55834],"conference_id":133,"event_ids":[56384],"name":"Hahna Kane Latonick","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56195}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T18:30:00.000-0000","id":56384,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56195}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An introduction to Digital Forensics: Part2\n\n\nThis is Part 2 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","media":[],"title":"Obsidian: Forensics 101 Part 2","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"An introduction to Digital Forensics: Part2\n\n\nThis is Part 2 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55753,55748],"conference_id":133,"event_ids":[56278,56272],"name":"Sarthak Taneja","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56145}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56272,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56145}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.\n\n\n","media":[],"title":"Blue Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.","updated_timestamp":{"seconds":1722310974,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:42:54Z","links":[{"label":"More Info","type":"link","url":"https://www.blueteamvillage.org/ctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249405"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249404"}],"end":"2024-08-11T01:00:00.000-0000","id":56056,"tag_ids":[46373,46427,46439,46756],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-30T03:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Terraform is a leading Infrastructure as Code (IaC) solution. It empowers developers to create custom providers for provisioning a wide array of infrastructure resources. Terraform provider functions as binary files on the server and interacts with terraform binary through RPC communication during terraform run. These providers, running as binary files on the Terraform server, enable developers to build custom functions that could be exploited to gain unauthorised access, potentially compromising the Terraform server, and exposing sensitive credentials and data.\n\nIn this talk, we'll explore the inner workings of custom provider modules and how their functions can be leveraged to exploit vulnerabilities in Terraform Enterprise. We will also cover developing a custom provider and utilities the same for gaining access to the terraform server extracting the cloud credentials. We will also present various architectural solutions around TFE and best practices for minimising these attack vectors. Furthermore, the session will provide actionable steps for assessing the security posture of custom providers to ensure a robust defence.\n\n\n","media":[],"title":"Terraform Unleashed: Crafting Custom Provider Exploits for Ultimate Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:10:00Z","end_timestamp":{"seconds":1723313400,"nanoseconds":0},"android_description":"Terraform is a leading Infrastructure as Code (IaC) solution. It empowers developers to create custom providers for provisioning a wide array of infrastructure resources. Terraform provider functions as binary files on the server and interacts with terraform binary through RPC communication during terraform run. These providers, running as binary files on the Terraform server, enable developers to build custom functions that could be exploited to gain unauthorised access, potentially compromising the Terraform server, and exposing sensitive credentials and data.\n\nIn this talk, we'll explore the inner workings of custom provider modules and how their functions can be leveraged to exploit vulnerabilities in Terraform Enterprise. We will also cover developing a custom provider and utilities the same for gaining access to the terraform server extracting the cloud credentials. We will also present various architectural solutions around TFE and best practices for minimising these attack vectors. Furthermore, the session will provide actionable steps for assessing the security posture of custom providers to ensure a robust defence.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55489],"conference_id":133,"event_ids":[55918],"name":"Alex Foley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56008},{"content_ids":[55489],"conference_id":133,"event_ids":[55918],"name":"Rupali","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"rupali0405","sort_order":0,"url":"https://rupali0405"}],"media":[],"id":56009}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T18:10:00.000-0000","id":55918,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56008},{"tag_id":46167,"sort_order":4,"person_id":56009}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"RF CTF Kick Off Day 2","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:25:00Z","end_timestamp":{"seconds":1723314300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55443,55453,55461],"conference_id":133,"event_ids":[55868,55878,55886],"name":"RF Hackers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@rfhackers"},{"description":"","title":"Website","sort_order":0,"url":"https://rfhackers.com/"}],"media":[],"id":55982}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T18:25:00.000-0000","id":55878,"tag_ids":[46390,46511,46742],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55982}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To make RFID access badges vendors in China have created eink badges where instead of printing a badge out you instead program the eink portion of the badge with an smartphone app and then program the RFID portion. At this time the ones that are sold are either black and white or black and white and red. There is no security implemented so all you need to do is download the app to reprogram the front of the badge. This makes anyone able to reprogram both the front and back of the badge.\n\n\n","media":[],"title":"Psychic Paper: Making eink access badges accessible for anyone","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:15:00Z","end_timestamp":{"seconds":1723313700,"nanoseconds":0},"android_description":"To make RFID access badges vendors in China have created eink badges where instead of printing a badge out you instead program the eink portion of the badge with an smartphone app and then program the RFID portion. At this time the ones that are sold are either black and white or black and white and red. There is no security implemented so all you need to do is download the app to reprogram the front of the badge. This makes anyone able to reprogram both the front and back of the badge.","updated_timestamp":{"seconds":1720396471,"nanoseconds":0},"speakers":[{"content_ids":[54596],"conference_id":133,"event_ids":[54971],"name":"Joshua Herman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@zitterbewegung)","sort_order":0,"url":"https://twitter.com/zitterbewegung"}],"media":[],"id":54234}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:54:31Z","links":[],"end":"2024-08-10T18:15:00.000-0000","id":54971,"tag_ids":[46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54234}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-07T23:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Years ago, when I started working at the NSA, I said to myself, now I can see what’s really happening and what needs to be done to address our adversaries and put an end to cybercrime. Well, I was sure wrong. I worked in a few different offices and participated in hundreds of operations, only to find frustration time and time again. What happened? What was it that we just couldn’t put our finger on? Yes, we were successful in addressing criminal activity. Yes, we could successfully negotiate the contested cyberspace domain. But adversarial activity kept popping up on our radar. It was Whack-A-Mole 2.0. \r\n\r\nWas it the technologies we used? No, we had state-of-the-art capabilities. Was there a lack of technical training amongst operators? No, again, taxpayers coughed up plenty, and they got their money’s worth. I concluded that it was strategy; it was philosophy. Sure, we had all the technical capabilities in the world, but we were using everything wrong. \r\n\r\nI was in the Information Warfare Support Center. We were supposed to know what to do and how to do it! So, I started studying not only traditional but contemporary philosophy as well. I gained access to curricula in China, Russia, and the USA. This presentation informs the attendees of the adversarial philosophy taught in the military academies in China and Russia, which is taken from their curricula and papers published in various journals and practice today.\r\n\n\n\n","media":[],"title":"Tough Adversary? Don’t Blame Sun Tzu","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Years ago, when I started working at the NSA, I said to myself, now I can see what’s really happening and what needs to be done to address our adversaries and put an end to cybercrime. Well, I was sure wrong. I worked in a few different offices and participated in hundreds of operations, only to find frustration time and time again. What happened? What was it that we just couldn’t put our finger on? Yes, we were successful in addressing criminal activity. Yes, we could successfully negotiate the contested cyberspace domain. But adversarial activity kept popping up on our radar. It was Whack-A-Mole 2.0. \r\n\r\nWas it the technologies we used? No, we had state-of-the-art capabilities. Was there a lack of technical training amongst operators? No, again, taxpayers coughed up plenty, and they got their money’s worth. I concluded that it was strategy; it was philosophy. Sure, we had all the technical capabilities in the world, but we were using everything wrong. \r\n\r\nI was in the Information Warfare Support Center. We were supposed to know what to do and how to do it! So, I started studying not only traditional but contemporary philosophy as well. I gained access to curricula in China, Russia, and the USA. This presentation informs the attendees of the adversarial philosophy taught in the military academies in China and Russia, which is taken from their curricula and papers published in various journals and practice today.","updated_timestamp":{"seconds":1720393845,"nanoseconds":0},"speakers":[{"content_ids":[54557],"conference_id":133,"event_ids":[54932],"name":"Gregory Carpenter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"KnowledgeBridge International","title":"CSO"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/gcarpenter-cso-kbi/"},{"description":"","title":"Twitter (@gscarp12)","sort_order":0,"url":"https://twitter.com/gscarp12"}],"media":[],"id":54342,"title":"CSO at KnowledgeBridge International"}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:10:45Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":54932,"tag_ids":[46367,46419,46511,46512,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54342}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-07T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It's the holiday season and all through the air,\r\n\r\nMessages arrive, not with joy, but despair.\r\n\r\nA sinister plot unfolds, a digital dance,\r\n\r\nSmishing scammers striking, a threat to enhance.\r\n\r\nThis past holiday season saw a dramatic rise in SMS phishing (smishing) messages, specifically targeting people pretending to be the USPS. Almost everyone in the United States received one of these messages using a kit sold by the ‘Smishing Triad’. While many of us knew these were scams many more did not, including someone close to me.\r\n\r\nI knew I had to do something about it once I started receiving these texts myself. With my focus in web application testing, I immediately took interest in these smishing kits and how I could exploit them. After a thorough review, some collaboration with other researchers, and a little reverse engineering I was able to find two vulnerabilities in the scammer’s kits allowing me to login to the admin panels.\r\n\r\nUsing this I have been able to recover over 390k distinct credit cards that the scammers had gathered using over 40 admin panels and well over 900 unique domains. Along with this was info on the scammers themselves like login IPs, usernames, and some cracked passwords they use.\r\n\r\nThis talk will cover the technical details of how I reverse engineered this kit, found these vulnerabilities, and collected the victim and admin data for each of these sites.\r\n\r\nMy Blog:\r\n\r\n[link](https://blog.smithsecurity.biz/systematic-destruction-hacking-the-scammers-pt.-2)\r\n[link](https://blog.smithsecurity.biz/hacking-the-scammers)\r\n\n\n\n","media":[],"title":"Smishing Smackdown: Unraveling the Threads of USPS Smishing and Fighting Back","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:15:00Z","end_timestamp":{"seconds":1723313700,"nanoseconds":0},"android_description":"It's the holiday season and all through the air,\r\n\r\nMessages arrive, not with joy, but despair.\r\n\r\nA sinister plot unfolds, a digital dance,\r\n\r\nSmishing scammers striking, a threat to enhance.\r\n\r\nThis past holiday season saw a dramatic rise in SMS phishing (smishing) messages, specifically targeting people pretending to be the USPS. Almost everyone in the United States received one of these messages using a kit sold by the ‘Smishing Triad’. While many of us knew these were scams many more did not, including someone close to me.\r\n\r\nI knew I had to do something about it once I started receiving these texts myself. With my focus in web application testing, I immediately took interest in these smishing kits and how I could exploit them. After a thorough review, some collaboration with other researchers, and a little reverse engineering I was able to find two vulnerabilities in the scammer’s kits allowing me to login to the admin panels.\r\n\r\nUsing this I have been able to recover over 390k distinct credit cards that the scammers had gathered using over 40 admin panels and well over 900 unique domains. Along with this was info on the scammers themselves like login IPs, usernames, and some cracked passwords they use.\r\n\r\nThis talk will cover the technical details of how I reverse engineered this kit, found these vulnerabilities, and collected the victim and admin data for each of these sites.\r\n\r\nMy Blog:\r\n\r\n[link](https://blog.smithsecurity.biz/systematic-destruction-hacking-the-scammers-pt.-2)\r\n[link](https://blog.smithsecurity.biz/hacking-the-scammers)","updated_timestamp":{"seconds":1720463073,"nanoseconds":0},"speakers":[{"content_ids":[54482],"conference_id":133,"event_ids":[54855],"name":"S1nn3r","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@S1n1st3rSecuri1)","sort_order":0,"url":"https://twitter.com/S1n1st3rSecuri1"},{"description":"","title":"blog.smithsecurity.biz/","sort_order":0,"url":"https://blog.smithsecurity.biz/"}],"media":[],"id":54096}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:24:33Z","links":[],"end":"2024-08-10T18:15:00.000-0000","id":54855,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54096}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-08T18:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, web cache attacks have become a popular way to steal sensitive data, deface websites, and deliver exploits. We've also seen parser inconsistencies causing critical vulnerabilities like HTTP Request Smuggling. This raises the question: what happens if we attack web caches' URL-parsers? \r\n\r\nIn this session, I'll introduce two powerful new techniques that exploit RFC ambiguities to bypass the limitations of web cache deception and poisoning attacks.\r\n\r\nFirst, I'll introduce Static Path Deception, a novel technique to completely compromise the confidentiality of an application. I’ll illustrate this with a case study showing how such a breach can be replicated in environments like Nginx behind Cloudflare.\r\n\r\nNext, I'll present Cache Key Confusion, and show how to exploit URL parsing inconsistencies in major platforms, including Microsoft Azure Cloud. I’ll then show how to achieve arbitrary cache poisoning and full denial of service.\r\n\r\nFinally, I'll reveal how to supercharge these vulnerabilities with a live demo that blends Cache Key Confusion with a “non-exploitable” open redirect to execute arbitrary JS code for complete site takeover.\r\n\r\nAttendees will depart armed with a set of innovative techniques, along with a definitive methodology to find and exploit these and other URL or HTTP discrepancies.\r\n\r\nWeb Cache Deception Attack - Omer Gil\r\n[link](https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack-wp.pdf)\r\n\r\nThis is the first time Web Cache Deception attacks were introduced and worked as a starting point for my research.\r\n\r\nWeb Cache Entanglement: Novel Pathways to Poisoning - James Kettle\r\n[link](https://portswigger.net/research/web-cache-entanglement)\r\n\r\nThis research worked as an inspiration to develop the cache poisoning techniques. I also used this paper to outline the state of the art in web cache exploitation and create a different approach using parser discrepancies.\r\n\r\nCached and confused: Web cache deception in the wild - Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda and William Robertson.\r\n[link](https://www.usenix.org/system/files/sec20-mirheidari.pdf)\r\n\r\nThe web cache deception techniques using delimiters for path confusion were inspired by the 2020 USENIX presentation “Cached and confused: Web cache deception in the wild”. In that presentation, they briefly describe some variations of path confusion using four encoded characters. Although the objective of their paper was to show a large-scale study of web cache deception vulnerabilities in the wild, it also introduced the use of delimiters for path confusion. In my presentation I'll expand on this concept, providing a methodology to find all the delimiters used by a URL parser and explaining how to use them in new exploitation techniques.\r\n\r\nChatGPT Account Takeover - Wildcard Web Cache Deception - Harel Security Research\r\n[link](https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html)\r\n\r\nAlso, during the time this research was being conducted, a vulnerability using a single variation of one of the techniques (Static Path Confusion) was published as a write up.\r\n\n\n\n","media":[],"title":"Gotta Cache ‘em all: bending the rules of web cache exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:15:00Z","end_timestamp":{"seconds":1723313700,"nanoseconds":0},"android_description":"In recent years, web cache attacks have become a popular way to steal sensitive data, deface websites, and deliver exploits. We've also seen parser inconsistencies causing critical vulnerabilities like HTTP Request Smuggling. This raises the question: what happens if we attack web caches' URL-parsers? \r\n\r\nIn this session, I'll introduce two powerful new techniques that exploit RFC ambiguities to bypass the limitations of web cache deception and poisoning attacks.\r\n\r\nFirst, I'll introduce Static Path Deception, a novel technique to completely compromise the confidentiality of an application. I’ll illustrate this with a case study showing how such a breach can be replicated in environments like Nginx behind Cloudflare.\r\n\r\nNext, I'll present Cache Key Confusion, and show how to exploit URL parsing inconsistencies in major platforms, including Microsoft Azure Cloud. I’ll then show how to achieve arbitrary cache poisoning and full denial of service.\r\n\r\nFinally, I'll reveal how to supercharge these vulnerabilities with a live demo that blends Cache Key Confusion with a “non-exploitable” open redirect to execute arbitrary JS code for complete site takeover.\r\n\r\nAttendees will depart armed with a set of innovative techniques, along with a definitive methodology to find and exploit these and other URL or HTTP discrepancies.\r\n\r\nWeb Cache Deception Attack - Omer Gil\r\n[link](https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack-wp.pdf)\r\n\r\nThis is the first time Web Cache Deception attacks were introduced and worked as a starting point for my research.\r\n\r\nWeb Cache Entanglement: Novel Pathways to Poisoning - James Kettle\r\n[link](https://portswigger.net/research/web-cache-entanglement)\r\n\r\nThis research worked as an inspiration to develop the cache poisoning techniques. I also used this paper to outline the state of the art in web cache exploitation and create a different approach using parser discrepancies.\r\n\r\nCached and confused: Web cache deception in the wild - Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda and William Robertson.\r\n[link](https://www.usenix.org/system/files/sec20-mirheidari.pdf)\r\n\r\nThe web cache deception techniques using delimiters for path confusion were inspired by the 2020 USENIX presentation “Cached and confused: Web cache deception in the wild”. In that presentation, they briefly describe some variations of path confusion using four encoded characters. Although the objective of their paper was to show a large-scale study of web cache deception vulnerabilities in the wild, it also introduced the use of delimiters for path confusion. In my presentation I'll expand on this concept, providing a methodology to find all the delimiters used by a URL parser and explaining how to use them in new exploitation techniques.\r\n\r\nChatGPT Account Takeover - Wildcard Web Cache Deception - Harel Security Research\r\n[link](https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html)\r\n\r\nAlso, during the time this research was being conducted, a vulnerability using a single variation of one of the techniques (Static Path Confusion) was published as a write up.","updated_timestamp":{"seconds":1720463092,"nanoseconds":0},"speakers":[{"content_ids":[54481,55173],"conference_id":133,"event_ids":[55561,54854],"name":"Martin Doyhenard","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Portswigger","title":"Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@tincho_508)","sort_order":0,"url":"https://twitter.com/tincho_508"}],"media":[],"id":54190,"title":"Security Researcher at Portswigger"}],"begin_tsz":"2024-08-10T17:30:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:24:52Z","links":[],"end":"2024-08-10T18:15:00.000-0000","id":54854,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723311000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54190}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T17:30:00.000-0000","updated":"2024-07-08T18:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to Day 2 of the 11th CPV at DEF CON! A brief overview of the state of the village, talks for the day, plus what's available at the village and what's gone, we might actually run out of friendship bracelet supplies this time around…\n\n\n","media":[],"title":"CPV: Day 2 Welcome","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"Welcome to Day 2 of the 11th CPV at DEF CON! A brief overview of the state of the village, talks for the day, plus what's available at the village and what's gone, we might actually run out of friendship bracelet supplies this time around…","updated_timestamp":{"seconds":1722725863,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:25:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T22:57:43Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":56621,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723310700,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-10T17:25:00.000-0000","updated":"2024-08-03T22:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, you’ll learn to write BadUSB scripts to hack computers using a cute, cat-shaped hacking tool called the USB Nugget. You’ll learn to write scripts to get computers of any operating system to do your bidding in seconds, and also how to automate nearly any desired action remotely. If you want to learn scripting like the USB Rubber Ducky, but with a Wi-Fi interface and more, this workshop is for you! A computer with Google Chrome is required for this workshop.\n\n\n","media":[],"title":"Learn BadUSB Hacking With the USB Nugget","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"In this workshop, you’ll learn to write BadUSB scripts to hack computers using a cute, cat-shaped hacking tool called the USB Nugget. You’ll learn to write scripts to get computers of any operating system to do your bidding in seconds, and also how to automate nearly any desired action remotely. If you want to learn scripting like the USB Rubber Ducky, but with a Wi-Fi interface and more, this workshop is for you! A computer with Google Chrome is required for this workshop.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-10T17:15:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/learn-bad-usb-hacking-with-the-usb-nugget"}],"end":"2024-08-10T18:45:00.000-0000","id":56525,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723310100,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the last 36 months, the cybersecurity landscape has evolved with unprecedented complexity, marked by ransomware, supply chain attacks, zero-days, remote work challenges, and more. Amid mass layoffs and pervasive mental burnout, organizations face daunting tasks in defending against escalating cyber threats. Layoffs exacerbate the skills gap, leaving teams stretched thin. Mental burnout hampers practitioners' abilities. In this talk, we'll explore the impacts of recent and chart a path forward for application security. As a lone AppSec professional, your choices will shape the future. Will you navigate through complexity or become lost in redundant complications?\n\n\n","media":[],"title":"Navigating the Cyber Security Labyrinth: Choose Your Own Security Adventure?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:55:00Z","end_timestamp":{"seconds":1723312500,"nanoseconds":0},"android_description":"Over the last 36 months, the cybersecurity landscape has evolved with unprecedented complexity, marked by ransomware, supply chain attacks, zero-days, remote work challenges, and more. Amid mass layoffs and pervasive mental burnout, organizations face daunting tasks in defending against escalating cyber threats. Layoffs exacerbate the skills gap, leaving teams stretched thin. Mental burnout hampers practitioners' abilities. In this talk, we'll explore the impacts of recent and chart a path forward for application security. As a lone AppSec professional, your choices will shape the future. Will you navigate through complexity or become lost in redundant complications?","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55701],"conference_id":133,"event_ids":[56232],"name":"punkcoder","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56121}],"begin_tsz":"2024-08-10T17:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T17:55:00.000-0000","id":56232,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723310100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56121}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T17:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find out how to participate in the Payment Village CTF\n\n\n","media":[],"title":"Introduction to Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:20:00Z","end_timestamp":{"seconds":1723310400,"nanoseconds":0},"android_description":"Find out how to participate in the Payment Village CTF","updated_timestamp":{"seconds":1722356274,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-10T17:15:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T16:17:54Z","links":[],"end":"2024-08-10T17:20:00.000-0000","id":56092,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723310100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T17:15:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Voting Village Opening Remarks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723212565,"nanoseconds":0},"speakers":[{"content_ids":[56200,56182,56192],"conference_id":133,"event_ids":[56836,56846,56854],"name":"Catherine Terranova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/catherine-terranova-8b209826a"},{"description":"","title":"Twitter (@catlovesvoting)","sort_order":0,"url":"https://twitter.com/catlovesvoting"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56563},{"content_ids":[56182,56193,56192],"conference_id":133,"event_ids":[56836,56846,56847],"name":"Harri Hursti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/hhursti"},{"description":"","title":"Twitter (@harrihursti)","sort_order":0,"url":"https://twitter.com/harrihursti"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56570},{"content_ids":[56182,56192],"conference_id":133,"event_ids":[56836,56846],"name":"Matt Blaze","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mattblaze)","sort_order":0,"url":"https://twitter.com/mattblaze"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56577}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T14:09:25Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":56846,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56563},{"tag_id":46167,"sort_order":4,"person_id":56570},{"tag_id":46167,"sort_order":6,"person_id":56577}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-09T14:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!\n\n\n","media":[],"title":"Physical Security Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!","updated_timestamp":{"seconds":1723044549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T15:29:09Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56820,"tag_ids":[46387,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-07T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARPA-H accelerates better health outcomes for everyone by supporting the development of high-impact solutions to society's most challenging health problems. Join us in discussing why strong cybersecurity security is a critical piece of healthcare innovation and how ARPA-H is enabling this through the AIxCC, DIGIHEALS, and UPGRADE programs.\n\n\n","media":[],"title":"Securing Health Care: AIxCC, DIGIHEALS, and UPGRADE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"ARPA-H accelerates better health outcomes for everyone by supporting the development of high-impact solutions to society's most challenging health problems. Join us in discussing why strong cybersecurity security is a critical piece of healthcare innovation and how ARPA-H is enabling this through the AIxCC, DIGIHEALS, and UPGRADE programs.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[54533,55322,56132],"conference_id":133,"event_ids":[55714,56775,54906],"name":"Andrew Carney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA AI Cyber Challenge (AIxCC)","title":"Program Manager"},{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"Program Manager"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/andrew-carney"}],"media":[],"id":54106,"title":"Program Manager at Advanced Research Projects Agency for Health (ARPA-H)"},{"content_ids":[56132],"conference_id":133,"event_ids":[56775],"name":"Dr. Jennifer Roberts, PhD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ARPA-H","title":"Office Director of Resilient Systems"}],"pronouns":"she/her","links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/jennifer-roberts"}],"media":[],"id":56521,"title":"Office Director of Resilient Systems at ARPA-H"},{"content_ids":[56132],"conference_id":133,"event_ids":[56775],"name":"Dr. Susan Coller Monarez, PhD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ARPA-H","title":"Deputy Director"}],"pronouns":null,"links":[{"description":"","title":"ARPA-H Profile","sort_order":0,"url":"https://arpa-h.gov/about/people/susan-monarez"}],"media":[],"id":56522,"title":"Deputy Director at ARPA-H"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":56775,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56521},{"tag_id":46167,"sort_order":4,"person_id":56522},{"tag_id":46167,"sort_order":6,"person_id":54106}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.\n\n\n","media":[],"title":"Radio Frequency Village Events","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.","updated_timestamp":{"seconds":1722874415,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T16:13:35Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56767,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n\n\n","media":[],"title":"HHV Rube Goldberg Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!","updated_timestamp":{"seconds":1722821818,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T01:36:58Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/hhv_rgb.html"}],"end":"2024-08-11T01:00:00.000-0000","id":56762,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.\n\n\n","media":[],"title":"Robo Sumo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.","updated_timestamp":{"seconds":1722821775,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T01:36:15Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/robosumo.html"}],"end":"2024-08-11T01:00:00.000-0000","id":56760,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hardware Hacking and Soldering Skills Village Open (HHV-SSV)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722822007,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T01:40:07Z","links":[{"label":"Website","type":"link","url":"https://dchhv.org"}],"end":"2024-08-11T01:00:00.000-0000","id":56758,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.\n\n\n","media":[],"title":"Game Hacking Community Activities & CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.","updated_timestamp":{"seconds":1722815557,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T23:52:37Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56753,"tag_ids":[46402,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T23:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)\r\n\n\n\n","media":[],"title":"LHC Meshtastic Activities and CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)","updated_timestamp":{"seconds":1722875831,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-05T16:37:11Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56749,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-05T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.\n\n\n","media":[],"title":"Tamper Evident Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.","updated_timestamp":{"seconds":1722801725,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T20:02:05Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56746,"tag_ids":[46394,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T20:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.\n\n\n","media":[],"title":"Fix the Flag Wargame","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T00:30:00Z","end_timestamp":{"seconds":1723336200,"nanoseconds":0},"android_description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.","updated_timestamp":{"seconds":1722783756,"nanoseconds":0},"speakers":[{"content_ids":[55726],"conference_id":133,"event_ids":[56630,56631,56234],"name":"Harley Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56118}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T15:02:36Z","links":[],"end":"2024-08-11T00:30:00.000-0000","id":56630,"tag_ids":[46370,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56118}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV CTF","hotel":"","short_name":"ASV CTF","id":46471},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T15:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).\n\n\n","media":[],"title":"Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).","updated_timestamp":{"seconds":1722781910,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-04T14:31:50Z","links":[{"label":"Mastodon (@soda@defcon.social)","type":"link","url":"https://defcon.social/@soda"},{"label":"Twitter (@ShellsOnDemand)","type":"link","url":"https://twitter.com/ShellsOnDemand"}],"end":"2024-08-11T01:00:00.000-0000","id":56628,"tag_ids":[46362,46427],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-04T14:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Adversarial AI: Disrupting Artificial Intelligence with Style","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[54623,55698,55989],"conference_id":133,"event_ids":[56611,56229,54997],"name":"Chloé Messdaghi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Head of Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ChloeMessdaghi)","sort_order":0,"url":"https://twitter.com/ChloeMessdaghi"}],"media":[],"id":54278,"title":"Head of Threat Intelligence at HiddenLayer"},{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"},{"content_ids":[55989],"conference_id":133,"event_ids":[56611],"name":"Sebastian Cesario","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CTO & Co Founder, BforeAI","title":""}],"links":[],"pronouns":null,"media":[],"id":56326,"title":"CTO & Co Founder, BforeAI"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56611,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54278},{"tag_id":46167,"sort_order":4,"person_id":56326},{"tag_id":46167,"sort_order":6,"person_id":54282}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.\n\n\n","media":[],"title":"Hands-on Attack and Breach Simulation exercises","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.","updated_timestamp":{"seconds":1722714024,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:40:24Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56604,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.\n\n\n","media":[],"title":"Adversary simulator and purple teaming hands-on booth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.","updated_timestamp":{"seconds":1722713994,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:39:54Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56602,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.\n\n\n","media":[],"title":"Adversary-Adventure Table-top Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.","updated_timestamp":{"seconds":1722714013,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:40:13Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56600,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Caso de estudio sobre como se realizo el pentest de una Chapa inteligente que se pretendía utilizar en la Fascia de cajeros automáticos, al final, se logro encontrar una vulnerabilidad que ponía en riesgo la apertura de cualquier chapa perteneciente a la empresa fabricante, ya que las llaves AES que utiliza se podía extraer por medio de una vulnerabilidad IDOR. Con la información obtenida de llaves, y con información de logs de su app móvil permiten entender como se implementaba el algoritmo de encripcion. Finalmente se creo un BOT en telegram el cual resolviera los challenges que solicitaba la chapa para poder realizar la apertura. La Metodologia utilizada para el análisis no es nueva, se baso en el trabajo de presentaciones DEFCON anteriores, por lo que referencias a esos trabajo estaran incluidos en la presentación, la intención principal de la platica es que sirva como guía para el futuro análisis de este tipo de dispositivos.\n\n\n","media":[],"title":"Case Study: Hacking Smart Lock For Fun and Profit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"Caso de estudio sobre como se realizo el pentest de una Chapa inteligente que se pretendía utilizar en la Fascia de cajeros automáticos, al final, se logro encontrar una vulnerabilidad que ponía en riesgo la apertura de cualquier chapa perteneciente a la empresa fabricante, ya que las llaves AES que utiliza se podía extraer por medio de una vulnerabilidad IDOR. Con la información obtenida de llaves, y con información de logs de su app móvil permiten entender como se implementaba el algoritmo de encripcion. Finalmente se creo un BOT en telegram el cual resolviera los challenges que solicitaba la chapa para poder realizar la apertura. La Metodologia utilizada para el análisis no es nueva, se baso en el trabajo de presentaciones DEFCON anteriores, por lo que referencias a esos trabajo estaran incluidos en la presentación, la intención principal de la platica es que sirva como guía para el futuro análisis de este tipo de dispositivos.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55967],"conference_id":133,"event_ids":[56583],"name":"Cesar Ortega Ortega","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Total Cyber-Sec - Cyber Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cesar-ortega-298243173/"},{"description":"","title":"Twitter (@blackv0x45)","sort_order":0,"url":"https://x.com/blackv0x45"},{"description":"","title":"Website","sort_order":0,"url":"https://www.buymeacoffee.com/blackv0x45"}],"media":[],"id":56303,"title":"Total Cyber-Sec - Cyber Security Consultant"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":56583,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56303}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.\n\n\n","media":[],"title":"Vendors and Exhibitors Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.","updated_timestamp":{"seconds":1722692937,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T13:48:57Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56571,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T13:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level\n\n\n","media":[],"title":"Firmware Extraction and Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56551,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.\n\n\n","media":[],"title":"Hack My TV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56549,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.\n\n\n","media":[],"title":"Hands-On Hardware Hacking – From Console to Root, Manipulating and Controlling a Protected System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56547,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!\n\n\n","media":[],"title":"Hardware Hacking GE Appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56545,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops\n\n\n","media":[],"title":"Inside the Toolkit of Elite Embedded Security Experts - Hands-On Workshop: QEMU & GDB for Embedded Systems Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56543,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!\n\n\n","media":[],"title":"IoT Security at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56541,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n\n\n","media":[],"title":"IoT Village Hacking Playground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56539,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!\n\n\n","media":[],"title":"Keysight CTF Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56537,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.\n\n\n","media":[],"title":"Living off the Land inside your WiFi : Exploring and Exploiting Access Points and Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Drew Green","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56288},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Ken Pyle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56289}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56535,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56288},{"tag_id":46167,"sort_order":4,"person_id":55853},{"tag_id":46167,"sort_order":6,"person_id":56289}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!\n\n\n","media":[],"title":"Phisherman's Wharf - Phishing for Beginners","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56533,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.\n\n\n","media":[],"title":"Safe Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56531,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.\n\n\n","media":[],"title":"DEF CON Groups - Open for questions and hanging out","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.","updated_timestamp":{"seconds":1722636477,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T22:07:57Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56506,"tag_ids":[46399,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T22:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.\n\n\n","media":[],"title":"Recon Village GE(O)SINT Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T21:00:00Z","end_timestamp":{"seconds":1723323600,"nanoseconds":0},"android_description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T21:00:00.000-0000","id":56504,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This workshop aims to describe how to use Maltego CE with the common available transform sets. Additionally we will teach you how to extend the tool by integrating external datasources and OSINT tools thanks to the open-source maltego-trx library.\n\nOutline:\n- Overview\n- Datasources\n- Investigation basics\n- Creating your own entities\n- Building your own transforms\n- Demo\n- Lab:\n- Connecting an OSINT tool (holehe, whatsmyname…) \n- Q&A\n\nPrerequisites\n- Maltego Community Edition (requires Maltego ID registration for activation)\n- Python + pip\n- Maltego-trx library\n- Optional: your favourite IDE (VSCode, Pycharm…)\n\n\n","media":[],"title":"Maltego Community Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"This workshop aims to describe how to use Maltego CE with the common available transform sets. Additionally we will teach you how to extend the tool by integrating external datasources and OSINT tools thanks to the open-source maltego-trx library.\n\nOutline:\n- Overview\n- Datasources\n- Investigation basics\n- Creating your own entities\n- Building your own transforms\n- Demo\n- Lab:\n- Connecting an OSINT tool (holehe, whatsmyname…) \n- Q&A\n\nPrerequisites\n- Maltego Community Edition (requires Maltego ID registration for activation)\n- Python + pip\n- Maltego-trx library\n- Optional: your favourite IDE (VSCode, Pycharm…)","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55910],"conference_id":133,"event_ids":[56497],"name":"Carlos Fragoso","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56269}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56497,"tag_ids":[46391,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56269}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - CATO Networks, Hosted by Dhruv Shah","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[{"content_ids":[55909],"conference_id":133,"event_ids":[56496],"name":"CATO Networks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56275},{"content_ids":[55909],"conference_id":133,"event_ids":[56496],"name":"Dhruv Shah","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56276}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56496,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56275},{"tag_id":46167,"sort_order":4,"person_id":56276}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!\n\n\n","media":[],"title":"AI Village Demos","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!","updated_timestamp":{"seconds":1722626313,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:18:33Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56475,"tag_ids":[46368,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As artificial intelligence and machine learning increasingly become the backbone of our cybersecurity infrastructure, we face a new set of ethical challenges that go beyond traditional security concerns. This keynote dives into the critical issues of fairness, transparency, and accountability in AI-driven security systems. We’ll explore the relevance of AI ethics to safety and security testing, especially red teaming efforts. Finally, we’ll discuss the importance of ethical AI development in cybersecurity, emphasizing the need for diverse development teams, rigorous testing for biases, and ongoing audits of AI systems in production. This keynote aims to spark a crucial conversation in the hacker community about our responsibility to ensure that as we push the boundaries of AI in security, we don’t lose sight of the human values and ethical principles that should guide our work.\n\n\n","media":[],"title":"Keynote - AI-Powered Cybersecurity: The Importance of Red Teamers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"As artificial intelligence and machine learning increasingly become the backbone of our cybersecurity infrastructure, we face a new set of ethical challenges that go beyond traditional security concerns. This keynote dives into the critical issues of fairness, transparency, and accountability in AI-driven security systems. We’ll explore the relevance of AI ethics to safety and security testing, especially red teaming efforts. Finally, we’ll discuss the importance of ethical AI development in cybersecurity, emphasizing the need for diverse development teams, rigorous testing for biases, and ongoing audits of AI systems in production. This keynote aims to spark a crucial conversation in the hacker community about our responsibility to ensure that as we push the boundaries of AI in security, we don’t lose sight of the human values and ethical principles that should guide our work.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55881],"conference_id":133,"event_ids":[56466],"name":"Nikki Pope","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":""}],"links":[],"pronouns":null,"media":[],"id":56246,"title":"NVIDIA"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56466,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56246}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum Key Distribution (QKD) has been heralded as the future of secure communications, but what does it really offer, and how does it work? This talk is a deep dive into the physics that underpins QKD, tailored for the technically curious and sceptical minds at DefCon. We’ll explore the foundational principles of quantum mechanics that make QKD possible, with a focus on the BB84 protocol and Continuous Variable QKD (CV-QKD). Additionally, we’ll compare these quantum methods with classical key exchange techniques, discussing their strengths and limitations in real-world applications—without the hype. Whether you’re a seasoned cryptographer or new to the field, this session will provide a practical and clear-eyed understanding of quantum key exchange.\n\n\n","media":[],"title":"Intro to QKD: Quantum Key Exchange: Beyond the Hype","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Quantum Key Distribution (QKD) has been heralded as the future of secure communications, but what does it really offer, and how does it work? This talk is a deep dive into the physics that underpins QKD, tailored for the technically curious and sceptical minds at DefCon. We’ll explore the foundational principles of quantum mechanics that make QKD possible, with a focus on the BB84 protocol and Continuous Variable QKD (CV-QKD). Additionally, we’ll compare these quantum methods with classical key exchange techniques, discussing their strengths and limitations in real-world applications—without the hype. Whether you’re a seasoned cryptographer or new to the field, this session will provide a practical and clear-eyed understanding of quantum key exchange.","updated_timestamp":{"seconds":1723307201,"nanoseconds":0},"speakers":[{"content_ids":[55849],"conference_id":133,"event_ids":[56436],"name":"Ben Varcoe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56214}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-10T16:26:41Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56436,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56214}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-10T16:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.\n\n\n","media":[],"title":"spacestudio and spacetower challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.","updated_timestamp":{"seconds":1722626556,"nanoseconds":0},"speakers":[{"content_ids":[55830],"conference_id":133,"event_ids":[56380,56408,56426],"name":"Exotrail","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56205},{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T19:22:36Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56408,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56205},{"tag_id":46484,"sort_order":4,"person_id":56207}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.\n\n\n","media":[],"title":"Space Systems Security CTF – Platform Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55829],"conference_id":133,"event_ids":[56379,56407,56425],"name":"CT Cubed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56204}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56407,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56204}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.\n\n\n","media":[],"title":"Space Grand Challenge Luna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56406,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.\n\n\n","media":[],"title":"Selfie with a CubeSat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56405,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.\n\n\n","media":[],"title":"PTP Flight Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55826],"conference_id":133,"event_ids":[56376,56404,56422],"name":"Pen Test Partners","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56188}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56404,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56188}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.\n\n\n","media":[],"title":"Hack-A-Sat Quals Challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56403,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2\n\n\n","media":[],"title":"Hack-A-Sat Digital Twin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56402,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.\n\n\n","media":[],"title":"Drone Hacking Choose Your Own Adventure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56401,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.\n\n\n","media":[],"title":"Drone Hacking Activity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56400,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.\n\n\n","media":[],"title":"Drone Flying Experience","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56399,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.\n\n\n","media":[],"title":"Drone Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56398,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Can you spot suspicious items in packages? Try out your skills.\n\n\n","media":[],"title":"Detect a Threat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Can you spot suspicious items in packages? Try out your skills.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55819],"conference_id":133,"event_ids":[56369,56397,56415],"name":"TSA","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56212}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56397,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56212}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.\n\n\n","media":[],"title":"Defend the Airport CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55818],"conference_id":133,"event_ids":[56368,56396,56414],"name":"IntelliGenesis and IG Labs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56190}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56396,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56190}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.\n\n\n","media":[],"title":"Darkstar Badge Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55817],"conference_id":133,"event_ids":[56367,56395,56413],"name":"Lockheed Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56189}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56395,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56189}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.\n\n\n","media":[],"title":"CubeSat Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55816],"conference_id":133,"event_ids":[56366,56394,56412],"name":"AMSAT","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56200}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56394,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56200}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.\n\n\n","media":[],"title":"Bricks in the Air","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56393,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.\n\n\n","media":[],"title":"ARINC 664 CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55814],"conference_id":133,"event_ids":[56364,56392,56410],"name":"Boeing","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56202}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56392,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56202}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n\n\n","media":[],"title":"A-ISAC Aviation Cybersecurity Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55813],"conference_id":133,"event_ids":[56363,56391,56409],"name":"A-ISAC and Embry-Riddle Aeronautical University - Prescott","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56201}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56391,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56201}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Jayson Street - Keynote","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445614,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463,56241],"conference_id":133,"event_ids":[56353,56899,56900,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:06:54Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T17:30:00.000-0000","id":56353,"tag_ids":[46399,46400,46426,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.\n\n\n","media":[],"title":"Small scale LAN party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.","updated_timestamp":{"seconds":1722563871,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:57:51Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56338,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!\n\n\n","media":[],"title":"Retro Repair","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!","updated_timestamp":{"seconds":1722563919,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:58:39Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56337,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!\n\n\n","media":[],"title":"Dumb Terminal fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!","updated_timestamp":{"seconds":1722563905,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:58:25Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56336,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)\n\n\n","media":[],"title":"Show & Tell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)","updated_timestamp":{"seconds":1722563887,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T01:58:07Z","links":[],"end":"2024-08-10T23:00:00.000-0000","id":56335,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.\n\n\n","media":[],"title":"Packet Inspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.","updated_timestamp":{"seconds":1722476832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:47:12Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56314,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet\n\n\n","media":[],"title":"Packet Detective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet","updated_timestamp":{"seconds":1722476866,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:47:46Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56312,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.\n\n\n","media":[],"title":"Linux Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.","updated_timestamp":{"seconds":1722476901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:21Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56310,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.\n\n\n","media":[],"title":"Network-OS: Be The Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.","updated_timestamp":{"seconds":1722476912,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:32Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56308,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.\n\n\n","media":[],"title":"Regular Expressions (RegEx) Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.","updated_timestamp":{"seconds":1722476922,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:42Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56306,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!\n\n\n","media":[],"title":"Python + Packet Analysis + Machine Learning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!","updated_timestamp":{"seconds":1722476946,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:49:06Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56304,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!\n\n\n","media":[],"title":"Password lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!","updated_timestamp":{"seconds":1722540130,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T19:22:10Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56302,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"No description provided by creator\n\n\n","media":[],"title":"FleetDm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"No description provided by creator","updated_timestamp":{"seconds":1722476980,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:49:40Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56300,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!\n\n\n","media":[],"title":"Botnets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!","updated_timestamp":{"seconds":1722476888,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:48:08Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56298,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An introduction to Digital Forensics: Part1\n\n\nThis is Part 1 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","media":[],"title":"Obsidian: Forensics 101 Part 1","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"An introduction to Digital Forensics: Part1\n\n\nThis is Part 1 of the Blue Team Village developed 101 tutorial series. This tutorial, which will be delivered in two parts, covers Digital Forensics basics. If you have ever been interested in Digital Forensics this series is a great place to start learning. The tutorials will cover the basics, and helps answer many of the questions regarding Digital Forensics and it's use in modern day digital investigations.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55753,55748],"conference_id":133,"event_ids":[56278,56272],"name":"Sarthak Taneja","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56145}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":56278,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56145}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"-Introductions [5 minutes]\r\n-Cloud Threat Intelligence [5 minutes]\r\n-Threat Brief on Cloud Focused Adversaries: SCATTERED SPIDER\r\n-Cloud Security Assessments [5 minutes]\r\n\t-Introduction to Prowler\r\n-SadCloud Introduction [5 minutes]\r\n-Demo of Running Sadcloud [5 minutes]\r\n-Hands-On Exercise [40 minutes]\r\n\t-Participants given the option:\r\n -Create AWS Account\t\r\n\t\t-Use Access Keys \r\n\t -Participants setup AWS CLI\r\n\t-Participants run Sadcloud\r\n-Demo of Running Prowler [10 minutes]\r\n-Hands-On Exercise [30 minutes]\r\n\t-Participants run Prowler\r\n-Summary Review of Prowler output [10 minutes]\t\r\n-Debrief/Q&A [5 minutes]\r\n\r\nPlease download and install terraform and python requirements noted below for this training:\r\nSadcloud Requirements:\r\nTerraform version 0.12 or greater\r\nTerraform download: https://developer.hashicorp.com/terraform/install\r\n\r\nProwler Requirements:\r\nPython version 3.9, 3.10, or 3.11\r\nPython download: https://www.python.org/downloads/\n\n\nAttend this talk to get hands-on experience setting up an AWS environment, running cloud security tools to analyze its security, and mapping its security configuration against TTPs of a cloud conscious adversary. Cloud cyberattacks targeting enterprise environments have nearly tripled this past year, and cloud misconfigurations have become an open door to threat actors. Understanding cloud threat actors and how they are breaching cloud environments will help security professionals defend organizations with a cloud footprint. This workshop will showcase how to defend against the top cloud conscious adversaries and the most popular cyber attacks. During the workshop, participants will set up a demo AWS environment, identify security misconfigurations using Prowler, and map those findings to TTPs of a cloud conscious threat actor, SCATTERED SPIDER. Come to this workshop to gain practical skills that empower you to better secure your organization’s cloud environment against the modern adversary.","media":[],"title":"Securing the Cloud with Cloud Threat Intelligence and Open Source Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T19:00:00Z","end_timestamp":{"seconds":1723316400,"nanoseconds":0},"android_description":"-Introductions [5 minutes]\r\n-Cloud Threat Intelligence [5 minutes]\r\n-Threat Brief on Cloud Focused Adversaries: SCATTERED SPIDER\r\n-Cloud Security Assessments [5 minutes]\r\n\t-Introduction to Prowler\r\n-SadCloud Introduction [5 minutes]\r\n-Demo of Running Sadcloud [5 minutes]\r\n-Hands-On Exercise [40 minutes]\r\n\t-Participants given the option:\r\n -Create AWS Account\t\r\n\t\t-Use Access Keys \r\n\t -Participants setup AWS CLI\r\n\t-Participants run Sadcloud\r\n-Demo of Running Prowler [10 minutes]\r\n-Hands-On Exercise [30 minutes]\r\n\t-Participants run Prowler\r\n-Summary Review of Prowler output [10 minutes]\t\r\n-Debrief/Q&A [5 minutes]\r\n\r\nPlease download and install terraform and python requirements noted below for this training:\r\nSadcloud Requirements:\r\nTerraform version 0.12 or greater\r\nTerraform download: https://developer.hashicorp.com/terraform/install\r\n\r\nProwler Requirements:\r\nPython version 3.9, 3.10, or 3.11\r\nPython download: https://www.python.org/downloads/\n\n\nAttend this talk to get hands-on experience setting up an AWS environment, running cloud security tools to analyze its security, and mapping its security configuration against TTPs of a cloud conscious adversary. Cloud cyberattacks targeting enterprise environments have nearly tripled this past year, and cloud misconfigurations have become an open door to threat actors. Understanding cloud threat actors and how they are breaching cloud environments will help security professionals defend organizations with a cloud footprint. This workshop will showcase how to defend against the top cloud conscious adversaries and the most popular cyber attacks. During the workshop, participants will set up a demo AWS environment, identify security misconfigurations using Prowler, and map those findings to TTPs of a cloud conscious threat actor, SCATTERED SPIDER. Come to this workshop to gain practical skills that empower you to better secure your organization’s cloud environment against the modern adversary.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55749],"conference_id":133,"event_ids":[56274],"name":"Nivedita (Nivu) Jejurikar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Senior Consultant"}],"links":[],"pronouns":null,"media":[],"id":56155,"title":"Senior Consultant at Mandiant"},{"content_ids":[55749],"conference_id":133,"event_ids":[56274],"name":"Natalie Simpson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56173}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-10T19:00:00.000-0000","id":56274,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56173},{"tag_id":46167,"sort_order":1,"person_id":56155}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Jayson Street - Keynote","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722445614,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463,56241],"conference_id":133,"event_ids":[56353,56899,56900,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-31T17:06:54Z","links":[{"label":"FrameVR","type":"link","url":"https://dcgvr.org/join"}],"end":"2024-08-10T17:30:00.000-0000","id":56209,"tag_ids":[46399,46400,46426,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-31T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience\n\n\n","media":[],"title":"Signals Are Everywhere","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience","updated_timestamp":{"seconds":1722369079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T19:51:19Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56108,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T19:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate\n\n\n","media":[],"title":"ICS Village + XR Village Turn the lights on!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate","updated_timestamp":{"seconds":1722917237,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-06T04:07:17Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56107,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-06T04:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.\n\n\n","media":[],"title":"Open Events for DCNextGen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.","updated_timestamp":{"seconds":1722363207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T18:13:27Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":56098,"tag_ids":[46362,46398,46427],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This year we have more challenges and more prizes!\n\n\n","media":[],"title":"Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T23:30:00Z","end_timestamp":{"seconds":1723332600,"nanoseconds":0},"android_description":"This year we have more challenges and more prizes!","updated_timestamp":{"seconds":1723074146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T23:42:26Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-10T23:30:00.000-0000","id":56093,"tag_ids":[46386,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-07T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel discussion will delve into the critical intersection of artificial intelligence and cybersecurity in the context of the rapidly evolving 5G network environment. By bringing together experts in AI, 5G network security, and AI-driven solutions\n\n\n","media":[],"title":"AI-Driven Cyber Resilience: Surviving the 5G Threat Landscape","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"This panel discussion will delve into the critical intersection of artificial intelligence and cybersecurity in the context of the rapidly evolving 5G network environment. By bringing together experts in AI, 5G network security, and AI-driven solutions","updated_timestamp":{"seconds":1722352030,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240},{"content_ids":[55557,55559,55562],"conference_id":133,"event_ids":[56072,56074,56077],"name":"Akib Sayyed","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Matrix Shell Technologies","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/akibsayyed/"},{"description":"","title":"Twitter (@akibsayyed)","sort_order":0,"url":"https://twitter.com/@akibsayyed"}],"media":[],"id":56031,"title":"Founder and Director at Matrix Shell Technologies"},{"content_ids":[55557],"conference_id":133,"event_ids":[56072],"name":"Niklas Lindroos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Nokia Corporation","title":"Head of PSIRT and Advanced Security Testing lab"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/niklas-lindroos-02745/"}],"media":[],"id":56033,"title":"Head of PSIRT and Advanced Security Testing lab at Nokia Corporation"},{"content_ids":[55557],"conference_id":133,"event_ids":[56072],"name":"Shina Liu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56034}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T15:07:10Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":56072,"tag_ids":[46395,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56034},{"tag_id":46487,"sort_order":4,"person_id":56033},{"tag_id":46487,"sort_order":6,"person_id":54240},{"tag_id":46487,"sort_order":8,"person_id":56031}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T15:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.\n\n\n","media":[{"hash_sha256":"d105c229ff2832a2a53e6bea90a820933908ef621ae9acf81589053a04e47e5d","filetype":"image/png","hash_md5":"6ecf3ddaa155976e729164a6f9138690","name":"ct_wallofbribesjpg.png","is_logo":"Y","hash_crc32c":"3ba9ff1a","filesize":102976,"asset_id":640,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_wallofbribesjpg.png"}],"title":"A Wall of Bribes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T23:00:00Z","end_timestamp":{"seconds":1723330800,"nanoseconds":0},"android_description":"This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.","updated_timestamp":{"seconds":1722311882,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:58:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249429"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249428"}],"end":"2024-08-10T23:00:00.000-0000","id":56068,"tag_ids":[46427,46439,46750],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​\n\n\n","media":[{"hash_sha256":"07ddc9c91f6e59f3933f548603872f890309c05b353352836dc4896ef7fce215","filetype":"image/png","hash_md5":"cafd57b9dc99beb382a7e36477b02aad","name":"ct_adversary.png","is_logo":"Y","hash_crc32c":"b7d5aeab","filesize":104609,"asset_id":623,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_adversary.png"}],"title":"Adversary Wars CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​","updated_timestamp":{"seconds":1722713515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-03T19:31:55Z","links":[{"label":"Twitter (@AdversaryVillag)","type":"link","url":"https://twitter.com/AdversaryVillag"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249425"},{"label":"More Info","type":"link","url":"https://adversaryvillage.org/adversary-wars-ctf/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249426"}],"end":"2024-08-11T01:00:00.000-0000","id":56066,"tag_ids":[46367,46427,46439,46751],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-05","hotel":"","short_name":"HW4-03-05","id":46372},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-03T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.\n\n\n","media":[{"hash_sha256":"375569510e5615465450cb3678a63b8069acd85e1636cca316295fc89cf599d6","filetype":"image/png","hash_md5":"06d063cea5818c71eee33a32d18b836d","name":"ct_autodriving.png","is_logo":"Y","hash_crc32c":"db78dfca","filesize":20241,"asset_id":624,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_autodriving.png"}],"title":"[CANCELED] AutoDriving CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.","updated_timestamp":{"seconds":1723168346,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T01:52:26Z","links":[{"label":"Twitter (@autodrivingctf)","type":"link","url":"https://twitter.com/autodrivingctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249420"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249419"}],"end":"2024-08-11T01:00:00.000-0000","id":56063,"tag_ids":[46426,46439,46752],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-B","hotel":"","short_name":"HW4-01-05-B","id":46352},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-09T01:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1722311050,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:44:10Z","links":[{"label":"More Info","type":"link","url":"https://www.blacksincyberconf.com/ctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249409"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249410"}],"end":"2024-08-11T00:00:00.000-0000","id":56058,"tag_ids":[46372,46426,46439,46755],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.\n\n\n","media":[{"hash_sha256":"39238a01b06f0ddf4e2a678a63b07a1fb93094a3716dee47fac88ff443b09b2f","filetype":"image/png","hash_md5":"bb82eeecc603d6d9d05f319875161b0f","name":"ct_ctp.png","is_logo":"Y","hash_crc32c":"a13f862e","filesize":72882,"asset_id":631,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ctp.png"}],"title":"Capture the Packet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.","updated_timestamp":{"seconds":1722476750,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:45:50Z","links":[{"label":"More Info","type":"link","url":"https://www.capturethepacket.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249401"},{"label":"Twitter (@capturetp)","type":"link","url":"https://twitter.com/capturetp"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249402"}],"end":"2024-08-11T01:00:00.000-0000","id":56053,"tag_ids":[46385,46427,46439,46757],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?\n\n\n","media":[{"hash_sha256":"95a6fc9488a5c31ed3edb2848eb2a24498095a0de6f93552e7bc6ffe48c215cf","filetype":"image/png","hash_md5":"5ed77e41c595c690f459fe08cc26c28a","name":"ct_chasse-partie-ctf-v2.png","is_logo":"Y","hash_crc32c":"292aa419","filesize":303387,"asset_id":668,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_chasse-partie-ctf-v2.png"}],"title":"Chasse Partie Systems CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?","updated_timestamp":{"seconds":1722310816,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:40:16Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249395"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249396"}],"end":"2024-08-11T01:00:00.000-0000","id":56050,"tag_ids":[46426,46439,46758],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-E","hotel":"","short_name":"HW4-01-04-E","id":46347},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n\n\n","media":[{"hash_sha256":"84030b2ecb5f077fa506dcc16c49a685cf98f05b8c10202c417c064233eb4829","filetype":"image/png","hash_md5":"4b19e13df1a3f66b5f8b392d76ca707e","name":"ct_cloud.png","is_logo":"Y","hash_crc32c":"45aa66f3","filesize":58121,"asset_id":669,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cloud.png"}],"title":"Cloud Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D","updated_timestamp":{"seconds":1722310678,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:37:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249392"},{"label":"Twitter (@cloudvillage_dc)","type":"link","url":"https://twitter.com/cloudvillage_dc"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249393"}],"end":"2024-08-11T01:00:00.000-0000","id":56047,"tag_ids":[46376,46426,46439,46759],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!\n\n\n","media":[{"hash_sha256":"9c8df8b7b1bfaa7f9a6f76d47c2ddafcb15c60bfc6ba40d764dfaf8bc3583cde","filetype":"image/png","hash_md5":"a6d499b0f825c7c532b2eaf562131129","name":"ct_cmdctrl.png","is_logo":"Y","hash_crc32c":"9670e5ce","filesize":4017,"asset_id":630,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cmdctrl.png"}],"title":"CMD+CTRL at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!","updated_timestamp":{"seconds":1722310603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:36:43Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249390"},{"label":"More Info","type":"link","url":"https://defcon32.cmdnctrl.net"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249389"}],"end":"2024-08-11T01:00:00.000-0000","id":56044,"tag_ids":[46427,46439,46760],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-D","hotel":"","short_name":"HW4-03-06-D","id":46377},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-11T01:00:00.000-0000","id":56041,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05","hotel":"","short_name":"HW4-01-05","id":46349},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.\n\n\n","media":[{"hash_sha256":"590434b852585a01a647426db34529416f6624082c827bbd32d1ef45e5ef4651","filetype":"image/png","hash_md5":"1e73edab68d1da1d66c84a992554e685","name":"ct_cyberdefender.png","is_logo":"Y","hash_crc32c":"5a341827","filesize":92175,"asset_id":632,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cyberdefender.png"}],"title":"Cyber Defender - The Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.","updated_timestamp":{"seconds":1722310334,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:32:14Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249384"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249385"}],"end":"2024-08-11T01:00:00.000-0000","id":56037,"tag_ids":[46439,46762],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-C","hotel":"","short_name":"HW4-03-06-C","id":46376},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n\n\n","media":[{"hash_sha256":"1b2e0f8d162af1a6bd8a463fa27176b2afd439a1dc61b7817c2c855763a600ed","filetype":"image/png","hash_md5":"e7442de5c5eb4549170a56163423cd5e","name":"ct_darknet.png","is_logo":"Y","hash_crc32c":"f77e820f","filesize":49081,"asset_id":633,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_darknet.png"}],"title":"Darknet-NG","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!","updated_timestamp":{"seconds":1722310268,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:31:08Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249382"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249381"},{"label":"More Info","type":"link","url":"https://darknet-ng.network"},{"label":"Twitter (@DarknetNg)","type":"link","url":"https://twitter.com/DarknetNg"}],"end":"2024-08-11T01:00:00.000-0000","id":56034,"tag_ids":[46426,46439,46763],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-D","hotel":"","short_name":"HW4-02-01-D","id":46359},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/\n\n\n","media":[{"hash_sha256":"ff926fdb8070905e8485c17bfc79608b27202a7548f2ddcc058bbb89ea639e83","filetype":"image/png","hash_md5":"cbceb546139e5ed4e4a61a0b7fcaf58a","name":"ct_aixcc.png","is_logo":"Y","hash_crc32c":"661f6649","filesize":94474,"asset_id":625,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_aixcc.png"}],"title":"DARPA's Artificial Intelligence Cyber Challenge (AIxCC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/","updated_timestamp":{"seconds":1722310204,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:30:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249422"},{"label":"More Info","type":"link","url":"https://aicyberchallenge.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249423"}],"end":"2024-08-11T01:00:00.000-0000","id":56031,"tag_ids":[46427,46439,46764],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-06 (AIxCC)","hotel":"","short_name":"HW3-05-06 (AIxCC)","id":46268},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.\n\n\n","media":[{"hash_sha256":"a5a762ead7376172dae80fa2c3959bd1e4a22190a057721df654c025d0edfd7f","filetype":"image/png","hash_md5":"01005631367ac14ee6f758e7b45997bc","name":"ct_kubernetes-ctf.png","is_logo":"Y","hash_crc32c":"160f25aa","filesize":16051,"asset_id":636,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_kubernetes-ctf.png"}],"title":"DC Kubernetes Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.","updated_timestamp":{"seconds":1722310069,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:27:49Z","links":[{"label":"More Info","type":"link","url":"https://containersecurityctf.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249379"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249378"}],"end":"2024-08-11T00:00:00.000-0000","id":56029,"tag_ids":[46428,46439,46765],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-E","hotel":"","short_name":"HW4-02-01-E","id":46360},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n\n\n","media":[{"hash_sha256":"9f1c45d1825d2b7b5cd93c07c1a6bba41550b5cc76e52275ba0f3d3e33abf1b7","filetype":"image/png","hash_md5":"a4ccc4bb2dc371a268d25b115dd92920","name":"ct_dcnttm.png","is_logo":"Y","hash_crc32c":"a36d8a48","filesize":16951,"asset_id":634,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_dcnttm.png"}],"title":"DC’s Next Top Threat Model (DCNTTM)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).","updated_timestamp":{"seconds":1722309815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:23:35Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249371"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249372"},{"label":"More Info","type":"link","url":"https://threatmodel.us"}],"end":"2024-08-11T01:00:00.000-0000","id":56027,"tag_ids":[46426,46439,46766],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-A","hotel":"","short_name":"HW4-01-05-A","id":46351},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!\n\n\n","media":[{"hash_sha256":"0bbb61282ddf3bcc0d027a7ffb0cb2f0dc6fcf32814b48e53488203695f478b3","filetype":"image/png","hash_md5":"d8ada9124833199cadf2f291b0178024","name":"ct_scav-hunt.png","is_logo":"Y","hash_crc32c":"fa957778","filesize":20774,"asset_id":639,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_scav-hunt.png"}],"title":"DEF CON Scavenger Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!","updated_timestamp":{"seconds":1722309542,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:19:02Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249365"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249366"},{"label":"Twitter (@defconscavhunt)","type":"link","url":"https://twitter.com/defconscavhunt"},{"label":"More Info","type":"link","url":"https://www.defconscavhunt.com"}],"end":"2024-08-11T01:00:00.000-0000","id":56024,"tag_ids":[46427,46439,46767],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-11T01:00:00.000-0000","id":56016,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-C","hotel":"","short_name":"HW4-02-01-C","id":46358},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.\n\n\n","media":[{"hash_sha256":"1162bb14d1418b4cae3817411de665ed741ed2268a0dcc68a84b299605b611cb","filetype":"image/png","hash_md5":"a28c768a3e779e17ac17c6310bf89f1e","name":"ct_telechallenge.png","is_logo":"Y","hash_crc32c":"a0fffafe","filesize":8220,"asset_id":660,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_telechallenge.png"}],"title":"Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.","updated_timestamp":{"seconds":1722309155,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:12:35Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249290"},{"label":"More Info","type":"link","url":"https://www.telechallenge.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249289"}],"end":"2024-08-11T01:00:00.000-0000","id":56013,"tag_ids":[46426,46439,46770],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-B","hotel":"","short_name":"HW4-02-02-B","id":46363},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.\n\n\n","media":[{"hash_sha256":"ce9475936b2cf60c1c9cfa45f28e7cb875f88b8c5110474733a3a061693cd6df","filetype":"image/png","hash_md5":"4203eed2fd0b606da1243ec118062eb8","name":"ct_hack_fortress2.png","is_logo":"Y","hash_crc32c":"2ee22324","filesize":7500,"asset_id":644,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack_fortress2.png"}],"title":"HackFortress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.","updated_timestamp":{"seconds":1722308803,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:06:43Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249347"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249348"},{"label":"More Info","type":"link","url":"https://hackfortress.net"}],"end":"2024-08-11T01:00:00.000-0000","id":56011,"tag_ids":[46427,46439,46771],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-A","hotel":"","short_name":"HW4-01-04-A","id":46276},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n\n\n","media":[{"hash_sha256":"f74360633c6039f39c940ac261531b9070b375ca03df7934820a6e6936b3f328","filetype":"image/png","hash_md5":"6e367f9dca843f023ac7435893d4516f","name":"ct_hhvctf.png","is_logo":"Y","hash_crc32c":"5abd42a5","filesize":24398,"asset_id":647,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hhvctf.png"}],"title":"Hardware Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.","updated_timestamp":{"seconds":1722308581,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T03:03:01Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/challenges/dc32"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249338"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249339"},{"label":"CTF Announcement / Prereqs","type":"link","url":"https://dchhv.org/announcement/ctf/dc32/2024/08/01/dc32-hhv-challenges.html"}],"end":"2024-08-11T01:00:00.000-0000","id":56007,"tag_ids":[46381,46427,46439,46773],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T03:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.\n\n\n","media":[],"title":"HardWired","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.","updated_timestamp":{"seconds":1722476715,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T01:45:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249337"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249336"}],"end":"2024-08-11T01:00:00.000-0000","id":56004,"tag_ids":[46385,46427,46439,46774],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.\n\n\n","media":[{"hash_sha256":"f55b0da621d4ee7bcd1f6dd77fc6c800e20904a3840e9c4e47aee632f1571436","filetype":"image/png","hash_md5":"a396fd3e8349dccb4058656168c13a48","name":"ct_htbctfdatadystopia.png","is_logo":"Y","hash_crc32c":"bdc31b88","filesize":412581,"asset_id":663,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_htbctfdatadystopia.png"}],"title":"HTB CTF: Data Dystopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.","updated_timestamp":{"seconds":1722308173,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:56:13Z","links":[{"label":"Website","type":"link","url":"https://ctf.hackthebox.com/"},{"label":"Twitter (@hackthebox_eu)","type":"link","url":"https://twitter.com/hackthebox_eu"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249333"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249334"}],"end":"2024-08-11T01:00:00.000-0000","id":56001,"tag_ids":[46427,46439,46775],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06","hotel":"","short_name":"HW4-03-06","id":46373},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.\n\n\n","media":[{"hash_sha256":"8f0942a63e6e9852cd8a122722da50a5f820039a33fbf629d8e0bbb0bc3c2a25","filetype":"image/png","hash_md5":"6f799941f98600f913350895408f1f4c","name":"ct_ics.png","is_logo":"Y","hash_crc32c":"765e2955","filesize":196108,"asset_id":648,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ics.png"}],"title":"ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.","updated_timestamp":{"seconds":1722308131,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:55:31Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249319"},{"label":"Website","type":"link","url":"https://www.icsvillage.com/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249318"}],"end":"2024-08-11T01:00:00.000-0000","id":55998,"tag_ids":[46427,46439,46776],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!\r\n\n\n\n","media":[],"title":"IoT Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!","updated_timestamp":{"seconds":1722622146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T18:09:06Z","links":[{"label":"More Info","type":"link","url":"https://scoreboard.iotvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249449"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249448"}],"end":"2024-08-11T01:00:00.000-0000","id":55995,"tag_ids":[46427,46439,46777],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.\n\n\n","media":[{"hash_sha256":"db1774578686bfa55ffe22e4d5bf679dab09062d63c06832d97909d59778ea4d","filetype":"image/png","hash_md5":"f0232799ba2c7fdc7ee2f1d7b10e849b","name":"ct_place-thing-time.png","is_logo":"Y","hash_crc32c":"657c9823","filesize":110028,"asset_id":649,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_place-thing-time.png"}],"title":"It's In That Place Where I Put That Thing That Time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.","updated_timestamp":{"seconds":1722308045,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:54:05Z","links":[{"label":"Twitter (@iitpwiptttt)","type":"link","url":"https://twitter.com/iitpwiptttt"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249330"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249331"}],"end":"2024-08-11T01:00:00.000-0000","id":55993,"tag_ids":[46427,46439,46778],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).\n\n\n","media":[{"hash_sha256":"36b1cb39348fc89252495c82a59fed87e9402509b5593fa03e8584b902578e59","filetype":"image/png","hash_md5":"654118f3f087503d0daabf099ea97615","name":"ct_recon_ctf.png","is_logo":"Y","hash_crc32c":"2011d9de","filesize":76906,"asset_id":718,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_recon_ctf.png"}],"title":"Live Recon Contest in Progress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).","updated_timestamp":{"seconds":1722633597,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-02T21:19:57Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250009"},{"label":"More Info","type":"link","url":"https://reconvillage.org/live-recon-contest"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250008"}],"end":"2024-08-10T20:00:00.000-0000","id":55991,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-02T21:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!\n\n\n","media":[{"hash_sha256":"d3413916446363608deee0d63c7e2efb8eee7c303fcaafc76eab10c25b274594","filetype":"image/png","hash_md5":"a8a23a326ef1c818a3403a1ef3e87269","name":"ct_lonelyhd.png","is_logo":"Y","hash_crc32c":"9ea33847","filesize":79993,"asset_id":650,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelyhd.png"}],"title":"Lonely Hard Drive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!","updated_timestamp":{"seconds":1722307767,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:49:27Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249324"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249325"},{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"}],"end":"2024-08-11T01:00:00.000-0000","id":55988,"tag_ids":[46427,46439,46780],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!\n\n\n","media":[{"hash_sha256":"98201efca440cba174db564a38cc3207a4c951759d79e47ef2bb817534cbff0e","filetype":"image/png","hash_md5":"8e4dc2835c8f08abfaa5b9162b29447b","name":"ct_lonelytag.png","is_logo":"Y","hash_crc32c":"89bc5644","filesize":82759,"asset_id":651,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelytag.png"}],"title":"Lonely Tag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!","updated_timestamp":{"seconds":1722307717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:48:37Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249328"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249327"},{"label":"Twitter (@LonelyHardDrive)","type":"link","url":"https://twitter.com/LonelyHardDrive"}],"end":"2024-08-11T01:00:00.000-0000","id":55985,"tag_ids":[46427,46439,46781],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.\n\n\n","media":[{"hash_sha256":"6c6addafa55c0e71b8e6dc3fff0f1a9a32e4399a6b80efaece158e3fdf69dd77","filetype":"image/png","hash_md5":"ddda3a35809fc47bf728f63f829e258d","name":"ct_marcibombe.png","is_logo":"Y","hash_crc32c":"040f1340","filesize":22325,"asset_id":652,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_marcibombe.png"}],"title":"Malware Contests: MARC I & BOMBE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.","updated_timestamp":{"seconds":1722307667,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:47:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249321"},{"label":"More Info","type":"link","url":"https://digitalplaguedoctors.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249322"},{"label":"Twitter (@DigitalPlagueDr)","type":"link","url":"https://twitter.com/DigitalPlagueDr"}],"end":"2024-08-11T01:00:00.000-0000","id":55982,"tag_ids":[46427,46439,46782],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-03","hotel":"","short_name":"HW4-03-03","id":46370},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.\n\n\n","media":[{"hash_sha256":"d965b5442c0a42e3e2532515477829fb650b66f56a09c1dc92ce7ea7b4f49215","filetype":"image/png","hash_md5":"5f9b31f3696397acc630b3f69415c627","name":"ct_octogame.png","is_logo":"Y","hash_crc32c":"a3e9435a","filesize":258126,"asset_id":653,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_octogame.png"}],"title":"Octopus Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.","updated_timestamp":{"seconds":1722307468,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:44:28Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249313"},{"label":"More Info","type":"link","url":"https://www.mirolabs.info/octopus-game-dc32"},{"label":"Twitter (@OctopusGameDC)","type":"link","url":"https://twitter.com/OctopusGameDC"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249314"}],"end":"2024-08-11T01:00:00.000-0000","id":55979,"tag_ids":[46427,46439,46783],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-A","hotel":"","short_name":"HW4-03-06-A","id":46374},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.\n\n\n","media":[{"hash_sha256":"a381d77389722eccd24a6d26091b74111ffeb39431dfba6ccc946470f7aa0c06","filetype":"image/png","hash_md5":"abb9c88d83bd9789b6436e200d1beba3","name":"ct_phreak-me.png","is_logo":"Y","hash_crc32c":"bce4e12c","filesize":27257,"asset_id":655,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_phreak-me.png"}],"title":"PhreakMe presented by HackedExistence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.","updated_timestamp":{"seconds":1722307355,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:42:35Z","links":[{"label":"Twitter (@mainframed767)","type":"link","url":"https://twitter.com/mainframed767"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249310"},{"label":"Twitter (@HackedExistence)","type":"link","url":"https://twitter.com/HackedExistence"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249311"}],"end":"2024-08-11T01:00:00.000-0000","id":55976,"tag_ids":[46426,46439,46784],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-C","hotel":"","short_name":"HW4-02-02-C","id":46364},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.\n\n\n","media":[{"hash_sha256":"9f1e99841fcfbdb0775e2e05980c102dddd97013cf9cc0bfce930a55d91246ec","filetype":"image/png","hash_md5":"5b36f9ed87f65efbdf841e5c77a6041f","name":"ct_Pinball.png","is_logo":"Y","hash_crc32c":"cbbfc253","filesize":614281,"asset_id":664,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_Pinball.png"}],"title":"Pinball High Score Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.","updated_timestamp":{"seconds":1722307304,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:41:44Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249307"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249308"}],"end":"2024-08-11T01:00:00.000-0000","id":55973,"tag_ids":[46427,46439,46785],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-A","hotel":"","short_name":"HW4-02-01-A","id":46356},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉\n\n\n","media":[{"hash_sha256":"199f4b2ea70f9102e0afb69f5030e3ee8f63e989d287fb95999ae10866455522","filetype":"image/png","hash_md5":"9b669ac9bfd767cb8376444b58c08733","name":"ct_quantum.png","is_logo":"Y","hash_crc32c":"4d94b7ec","filesize":133235,"asset_id":665,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_quantum.png"}],"title":"QOLOSSUS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉","updated_timestamp":{"seconds":1722307112,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:38:32Z","links":[{"label":"Website","type":"link","url":"https://quantumvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249316"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249303"}],"end":"2024-08-11T01:00:00.000-0000","id":55970,"tag_ids":[46426,46439,46786],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n\n\n","media":[{"hash_sha256":"5623af21fb9072f5866b3488e326d3582c44c0756e9bbfa94eae7e26318a73eb","filetype":"image/png","hash_md5":"ebb531e8ad802f8d5fb24e19e23f46f4","name":"ct_reali7y-overrun.png","is_logo":"Y","hash_crc32c":"14fd2e42","filesize":577690,"asset_id":701,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_reali7y-overrun.png"}],"title":"REALI7Y OVERRUN","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.","updated_timestamp":{"seconds":1722306602,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:30:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249299"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249298"}],"end":"2024-08-11T01:00:00.000-0000","id":55967,"tag_ids":[46426,46439,46787],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-E","hotel":"","short_name":"HW4-02-02-E","id":46366},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.\n\n\n","media":[{"hash_sha256":"201a70cf75d615a3c181f84f46b40a9beef121ef55f3c3e4998383da2228c638","filetype":"image/png","hash_md5":"ef3ab1513d15d09e91e3dcaf6fb35b22","name":"ct_red-alert.png","is_logo":"Y","hash_crc32c":"f7736a86","filesize":69710,"asset_id":656,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_red-alert.png"}],"title":"Red Alert ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.","updated_timestamp":{"seconds":1722306363,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:26:03Z","links":[{"label":"Twitter (@icsctf)","type":"link","url":"https://twitter.com/icsctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249300"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249301"}],"end":"2024-08-11T00:00:00.000-0000","id":55965,"tag_ids":[46427,46439,46788],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-07","hotel":"","short_name":"HW4-03-07","id":46379},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.\n\n\n","media":[{"hash_sha256":"b4d44cbd1ea93b8d4beb26fc184ef1b07c25bae5cb3591d5eb6ed2201bd9c641","filetype":"image/png","hash_md5":"218e2aaa3cbe5d809d9df6088aee84e6","name":"ct_spy-v-spy.png","is_logo":"Y","hash_crc32c":"d9229745","filesize":66941,"asset_id":659,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_spy-v-spy.png"}],"title":"spyVspy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.","updated_timestamp":{"seconds":1722306255,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:24:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249293"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249292"},{"label":"More Info","type":"link","url":"https://www.fottr.io"}],"end":"2024-08-11T01:00:00.000-0000","id":55963,"tag_ids":[46427,46439,46790],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-G","hotel":"","short_name":"HW4-02-02-G","id":46368},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.\n\n\n","media":[{"hash_sha256":"42c96b1d2d57e4404b3a35c61c6906b58924587cd2dbbb939a132aceb42ee2f9","filetype":"image/png","hash_md5":"5a06d9fefa99c82c9e62b9913a487e95","name":"ct_tinfoilhat.png","is_logo":"Y","hash_crc32c":"b23075e1","filesize":167200,"asset_id":693,"sort_order":2,"url":"https://info.defcon.org/blobs/ct_tinfoilhat.png"}],"title":"Tinfoil Hat Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.","updated_timestamp":{"seconds":1722305549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:12:29Z","links":[{"label":"Twitter (@DC_Tin_Foil_Hat)","type":"link","url":"https://twitter.com/DC_Tin_Foil_Hat"},{"label":"More Info","type":"link","url":"https://www.psychoholics.org/tfh"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249286"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249287"}],"end":"2024-08-11T00:00:00.000-0000","id":55960,"tag_ids":[46427,46439,46791],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-D","hotel":"","short_name":"HW4-01-04-D","id":46279},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.\n\n\n","media":[{"hash_sha256":"c00793a49e66e3875320bb6aa8a333a128342b9aff35ce0f359a692aa3adfcef","filetype":"image/png","hash_md5":"a764d88ab305ab55ecd270635fc1d6e7","name":"ct_venator-aurum.png","is_logo":"Y","hash_crc32c":"f705c79f","filesize":162235,"asset_id":661,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_venator-aurum.png"}],"title":"venator aurum - A Treasure Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.","updated_timestamp":{"seconds":1722305020,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:03:40Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249282"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249283"},{"label":"More Info","type":"link","url":"https://venatoraurum.org"}],"end":"2024-08-11T01:00:00.000-0000","id":55956,"tag_ids":[46427,46439,46792],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n\n\n","media":[{"hash_sha256":"2bf4c805c5199cf58ff7b99c52832fc1bf226ca9687e583667a7725b361d989e","filetype":"image/png","hash_md5":"61c3a856daea14c6fd3d7d213a8048f9","name":"v_redteam2024.png","is_logo":"Y","hash_crc32c":"f14aab22","filesize":209749,"asset_id":719,"sort_order":1,"url":"https://info.defcon.org/blobs/v_redteam2024.png"}],"title":"Red Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.","updated_timestamp":{"seconds":1722304921,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T02:02:01Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250035"}],"end":"2024-08-11T00:00:00.000-0000","id":55953,"tag_ids":[46392,46427,46439,46789],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-C","hotel":"","short_name":"HW4-01-05-C","id":46353},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T02:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7\n\n\n","media":[{"hash_sha256":"d0e2dbb822f2d701836ee0e14952d5df4b6d830bfa606ab2b50a5a1edab2dabd","filetype":"image/png","hash_md5":"c33dfe5aaced7041c948e7b2e45ba78f","name":"ct_0x3f-cube.png","is_logo":"Y","hash_crc32c":"6b1ba7fa","filesize":272722,"asset_id":622,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_0x3f-cube.png"}],"title":"? Cube","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7","updated_timestamp":{"seconds":1722304182,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:49:42Z","links":[{"label":"More Info","type":"link","url":"https://0x3fcube.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249434"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249433"}],"end":"2024-08-11T01:00:00.000-0000","id":55950,"tag_ids":[46427,46439,46749],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02","hotel":"","short_name":"HW4-02-02","id":46361},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.\n\n\n","media":[{"hash_sha256":"8ac69ab38e4119808de39c34aef0629a1bcfb5eb60ab6d7d351a3e37b5533f13","filetype":"image/png","hash_md5":"689e0fcdb0dd612c191cd25482435f76","name":"ct_5n4ck3y.png","is_logo":"Y","hash_crc32c":"dc7e4cd6","filesize":6283,"asset_id":621,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_5n4ck3y.png"}],"title":"5N4CK3Y Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.","updated_timestamp":{"seconds":1722304084,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:48:04Z","links":[{"label":"Twitter (@ANDnXOR)","type":"link","url":"https://twitter.com/ANDnXOR"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249432"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249431"}],"end":"2024-08-11T01:00:00.000-0000","id":55947,"tag_ids":[46427,46439,46748],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-B","hotel":"","short_name":"HW4-02-01-B","id":46357},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n\n\n","media":[{"hash_sha256":"e781ae0757165e1901f38152e551557644051f49e9b80b6665d211c8d0436358","filetype":"image/png","hash_md5":"e839c04dbe99f926b0ae9ee3ee703da3","name":"ct_car-hacking.png","is_logo":"Y","hash_crc32c":"fbca36e3","filesize":111066,"asset_id":629,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_car-hacking.png"}],"title":"Car Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.","updated_timestamp":{"seconds":1722273461,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T17:17:41Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249399"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249398"},{"label":"Twitter (@CarHackVillage)","type":"link","url":"https://twitter.com/CarHackVillage"},{"label":"More Info","type":"link","url":"https://www.carhackingvillage.com/"}],"end":"2024-08-11T01:00:00.000-0000","id":55944,"tag_ids":[46375,46427,46439,46747],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T17:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.\n\n\n","media":[{"hash_sha256":"ccde738b12c7c58aff986949ac20eaf7066dfb8d710349a422699273aa0579a1","filetype":"image/png","hash_md5":"fc0eba7a6d691cdd9aa385cd0bb1eece","name":"v_CarHacking.png","is_logo":"Y","hash_crc32c":"d845a1a6","filesize":249973,"asset_id":601,"sort_order":0,"url":"https://info.defcon.org/blobs/v_CarHacking.png"}],"title":"Car Hacking Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.","updated_timestamp":{"seconds":1722273345,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T17:15:45Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55941,"tag_ids":[46375,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T17:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.\n\n\n","media":[{"hash_sha256":"b29c833000316f6b3af2c5cc50e33ccb1756f89fb27d54aba3d5a961337c91de","filetype":"image/png","hash_md5":"8209d940757db7a341e0db2b17618f70","name":"ct_bhv-ctf.png","is_logo":"Y","hash_crc32c":"2c477ed5","filesize":54217,"asset_id":627,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bhv-ctf.png"}],"title":"Biohacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.","updated_timestamp":{"seconds":1722215343,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T01:09:03Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/capture-the-flag"}],"end":"2024-08-11T01:00:00.000-0000","id":55938,"tag_ids":[46371,46427,46439,46746],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).\n\n\n","media":[{"hash_sha256":"b57047f46800afe2ff021580e4f9e39ea7252a7f51b0f0fb3ba1a9f748a50de9","filetype":"image/png","hash_md5":"aa9ea400be95b7313ae2d044541cb9b4","name":"v_biohacking_village.png","is_logo":"Y","hash_crc32c":"83f838d1","filesize":47901,"asset_id":581,"sort_order":0,"url":"https://info.defcon.org/blobs/v_biohacking_village.png"}],"title":"Biohacking Village: Device Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).","updated_timestamp":{"seconds":1722214645,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-29T00:57:25Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/device-lab"},{"label":"Hippocractic Oath for Hackers","type":"link","url":"https://www.villageb.io/hippocractic-oath"}],"end":"2024-08-11T01:00:00.000-0000","id":55936,"tag_ids":[46371,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-29T00:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"When discussing the various cloud providers within the last decade, Google Cloud Platform (GCP) is often seen as the smaller provider following AWS and Azure with regards to market share. While GCP might appear smaller than its rival cloud providers, it still is very much in use today, and with this use comes the opportunities for developing pentesting tools. As I've been learning GCP over the last year, I have been making a framework in python (much like Pacu for AWS) specifically for GCP. This includes enumeration modules for some of the core services (Cloud Storage, Cloud Functions, Cloud Compute, IAM) along with the incorporation of numerous exploit modules, many of them rooted in Rhino Security's currently public GCP exploit repository (https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation/tree/master). In addition, the framework is built such that it should be easy for a first-time GCP user or beginner to code and develop modules that focus on purely navigating individual resources and easily drop those into the framework. The overall goal is to make an up-to-date, maintained enumeration and exploit toolset for GCP pentesters/red teams/researchers alike that reduces the barrier of entry for learning GCP by allowing average users to make their own modules that easily incorporate with the overall framework.\n\n\n","media":[],"title":"GCPwn: A Pentester's GCP Tool","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"When discussing the various cloud providers within the last decade, Google Cloud Platform (GCP) is often seen as the smaller provider following AWS and Azure with regards to market share. While GCP might appear smaller than its rival cloud providers, it still is very much in use today, and with this use comes the opportunities for developing pentesting tools. As I've been learning GCP over the last year, I have been making a framework in python (much like Pacu for AWS) specifically for GCP. This includes enumeration modules for some of the core services (Cloud Storage, Cloud Functions, Cloud Compute, IAM) along with the incorporation of numerous exploit modules, many of them rooted in Rhino Security's currently public GCP exploit repository (https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation/tree/master). In addition, the framework is built such that it should be easy for a first-time GCP user or beginner to code and develop modules that focus on purely navigating individual resources and easily drop those into the framework. The overall goal is to make an up-to-date, maintained enumeration and exploit toolset for GCP pentesters/red teams/researchers alike that reduces the barrier of entry for learning GCP by allowing average users to make their own modules that easily incorporate with the overall framework.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55488],"conference_id":133,"event_ids":[55917],"name":"Scott Weston","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"WebbinRoot","sort_order":0,"url":"https://WebbinRoot"}],"media":[],"id":56019}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":55917,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56019}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.\n\n\n","media":[],"title":"WISP Community & Inclusion Room","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.","updated_timestamp":{"seconds":1722206838,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T22:47:18Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-11T01:00:00.000-0000","id":55899,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T22:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)\n\n\n","media":[{"hash_sha256":"eaa2e18ed376870b0b3ebb931ebea74844c1032d6e048968b87b07d86e184b3a","filetype":"image/png","hash_md5":"0f6296e86e5676264624f7692fbe4ca2","name":"ct_ham-fox-hunt.png","is_logo":"Y","hash_crc32c":"c9eab3b2","filesize":83132,"asset_id":646,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ham-fox-hunt.png"}],"title":"Ham Radio Fox Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)","updated_timestamp":{"seconds":1722184768,"nanoseconds":0},"speakers":[{"content_ids":[55432],"conference_id":133,"event_ids":[55855,55856,55857],"name":"Ham Radio Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@HamRadioVillage"},{"description":"","title":"Website","sort_order":0,"url":"https://hamvillage.org"}],"media":[],"id":55973}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T16:39:28Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32/"}],"end":"2024-08-11T01:00:00.000-0000","id":55856,"tag_ids":[46380,46427,46439,46743],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55973}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-A","hotel":"","short_name":"HW4-02-02-A","id":46362},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"All content areas generally open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722141200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T04:33:20Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55850,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T04:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-11T01:00:00.000-0000","id":55845,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.\n\n\n","media":[{"hash_sha256":"644e222049d8075294958387f5d1fe445f0b2475478877de25e0b67fa14294fb","filetype":"image/png","hash_md5":"c853babc9f241a502510097ea15bda71","name":"ct_secv_youth.png","is_logo":"Y","hash_crc32c":"8a3466fb","filesize":167278,"asset_id":690,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_secv_youth.png"}],"title":"Social Engineering Community Youth Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.","updated_timestamp":{"seconds":1722103348,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T18:02:28Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/youth-challenge/"}],"end":"2024-08-11T01:00:00.000-0000","id":55842,"tag_ids":[46393,46439,46740],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T18:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for the thrilling and BRAND NEW competition where professional social engineers battle a cutting-edge AI team to see who can achieve the most objectives, followed by an insightful panel discussion.\n\n\n","media":[],"title":"John Henry Competition - Human vs. AI & Panel Discussion","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T19:30:00Z","end_timestamp":{"seconds":1723318200,"nanoseconds":0},"android_description":"Join us for the thrilling and BRAND NEW competition where professional social engineers battle a cutting-edge AI team to see who can achieve the most objectives, followed by an insightful panel discussion.","updated_timestamp":{"seconds":1722103199,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:59:59Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/john-henry-competition/"}],"end":"2024-08-10T19:30:00.000-0000","id":55838,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T17:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come check out the Social Engineering Community Village!\n\n\n","media":[],"title":"Social Engineering Community Village Hours","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come check out the Social Engineering Community Village!","updated_timestamp":{"seconds":1722102714,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T17:51:54Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/schedule/"}],"end":"2024-08-11T01:00:00.000-0000","id":55830,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T17:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n\n\n","media":[],"title":"Lockpicking Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.","updated_timestamp":{"seconds":1722093520,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-27T15:18:40Z","links":[{"label":"Website","type":"link","url":"https://www.toool.us/"},{"label":"Twitter (@toool)","type":"link","url":"https://twitter.com/toool"}],"end":"2024-08-11T01:00:00.000-0000","id":55820,"tag_ids":[46384,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-27T15:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!\n\n\n","media":[{"hash_sha256":"a696b6f750fbe91d74ff91917f95bfe709d70e794beab35ff900219f1c87bdb9","filetype":"image/png","hash_md5":"173fb1fa87976ebc72de68fcb9171698","name":"ct_embedded.png","is_logo":"Y","hash_crc32c":"85767de7","filesize":121480,"asset_id":641,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_embedded.png"}],"title":"Embedded CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!","updated_timestamp":{"seconds":1722037378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:42:58Z","links":[{"label":"Twitter (@EmbeddedVillage)","type":"link","url":"https://twitter.com/EmbeddedVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249361"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249360"},{"label":"More Info","type":"link","url":"https://www.embeddedvillage.org"}],"end":"2024-08-11T01:00:00.000-0000","id":55810,"tag_ids":[46379,46439,46739],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.\n\n\n","media":[],"title":"Wireless & Networking workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.","updated_timestamp":{"seconds":1722303624,"nanoseconds":0},"speakers":[{"content_ids":[55408],"conference_id":133,"event_ids":[55802,55809,55817],"name":"Alex Kelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56029}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-30T01:40:24Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55809,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56029}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-30T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!\n\n\n","media":[],"title":"Emulating (and Hacking) Embedded Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!","updated_timestamp":{"seconds":1722037241,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:40:41Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55808,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!\n\n\n","media":[],"title":"Secure Microcontroller Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!","updated_timestamp":{"seconds":1723217513,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-09T15:31:53Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55807,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-09T15:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.\n\n\n","media":[],"title":"101 Labs: Firmware and Software exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.","updated_timestamp":{"seconds":1722037224,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:40:24Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55806,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.\n\n\n","media":[],"title":"101 Labs: Hardware Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.","updated_timestamp":{"seconds":1722037214,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:40:14Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55805,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io\n\n\n","media":[],"title":"Hardware Hacking: Glitching Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io","updated_timestamp":{"seconds":1722037194,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T23:39:54Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55804,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T23:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!\n\n\n","media":[],"title":"Hard Hat Brigade - Community Space Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!","updated_timestamp":{"seconds":1721968701,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-26T04:38:21Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55795,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-26T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to program the DCNextGen Badge\n\n\n","media":[],"title":"Intro to Circuit Python (Badge class level 1) (Overflow if Friday is too full)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"(NOTE: This is an overflow class only if the first session is full)\r\n\r\nLearn how to program the DCNextGen Badge","updated_timestamp":{"seconds":1721785100,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T01:38:20Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":55758,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-24T01:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the digital age, the agriculture industry has embraced advanced technologies to enhance productivity and efficiency. Central to this transformation are Industrial Control Systems (ICS), which manage everything from irrigation and fertilization to harvesting and storage. However, the integration of ICS in agriculture has also introduced a new vector of vulnerabilities and cyber threats.\r\n\r\nThis presentation will delve into the critical need to secure ICS in the agriculture sector against an ever-growing array of cyber threats. We will explore the unique challenges that agriculture faces, including the dispersed nature of operations, the integration of legacy systems with modern technologies, and the reliance on remote access and IoT devices.\n\n\n","media":[],"title":"Securing the Harvest: Cyber Defense for Agricultural Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:55:00Z","end_timestamp":{"seconds":1723312500,"nanoseconds":0},"android_description":"In the digital age, the agriculture industry has embraced advanced technologies to enhance productivity and efficiency. Central to this transformation are Industrial Control Systems (ICS), which manage everything from irrigation and fertilization to harvesting and storage. However, the integration of ICS in agriculture has also introduced a new vector of vulnerabilities and cyber threats.\r\n\r\nThis presentation will delve into the critical need to secure ICS in the agriculture sector against an ever-growing array of cyber threats. We will explore the unique challenges that agriculture faces, including the dispersed nature of operations, the integration of legacy systems with modern technologies, and the reliance on remote access and IoT devices.","updated_timestamp":{"seconds":1721781676,"nanoseconds":0},"speakers":[{"content_ids":[55340,55349],"conference_id":133,"event_ids":[55732,55741],"name":"Ray Baeza","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Agriculture Defense Group","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55964,"title":"Founder at Agriculture Defense Group"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-24T00:41:16Z","links":[],"end":"2024-08-10T17:55:00.000-0000","id":55741,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55964}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-24T00:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the era of innovation and growth, technology and evolving landscape of cloud services, hybrid environments has become crucial for running smooth business operations. Integration between Cloud and On-Premise environments has helped organizations to build a bridge to fill the gap and increased flexibility, scalability, and agility in these digital world. This presentation delves into the complexities of various Azure offerings, investigating how malicious actors can exploit them to breach on-prem server. \n\nWe initiate our talk with a robust device management solution, demonstrating how attackers can enlist devices and manipulate certain functionalities to execute commands, which give complete access to Employee's Devices. Transitioning to another Azure feature, we dissect a connectivity option that enables PowerShell Remoting, effectively bridging the gap between Azure and on-premises servers.\n\nOur exploration extends to Hybrid Workers which can be utilized to execute commands on on-premises servers, providing attackers with a stealthy pathway and can also be misused for persistence. We then examine Azure Arc and its Custom Script Extension, illustrating how it can be leveraged to execute commands within on-premises environments from the cloud.\n\nThe talk extends to the realm of Azure DevOps, where we shed light on abuse use case associated with custom agents being used for pipeline operations, granting unauthorized entry to on-prem resources. And finally, attention is drawn to the exploitation of web-based vulnerabilities, such as Remote Code Execution (RCE), to establish a foothold in on-prem networks which leverages Azure services for hosting on-prem applications.\n\n\n","media":[],"title":"The Hybrid Horizon: Unleashing the Power of Azure Hybrid Integrations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"In the era of innovation and growth, technology and evolving landscape of cloud services, hybrid environments has become crucial for running smooth business operations. Integration between Cloud and On-Premise environments has helped organizations to build a bridge to fill the gap and increased flexibility, scalability, and agility in these digital world. This presentation delves into the complexities of various Azure offerings, investigating how malicious actors can exploit them to breach on-prem server. \n\nWe initiate our talk with a robust device management solution, demonstrating how attackers can enlist devices and manipulate certain functionalities to execute commands, which give complete access to Employee's Devices. Transitioning to another Azure feature, we dissect a connectivity option that enables PowerShell Remoting, effectively bridging the gap between Azure and on-premises servers.\n\nOur exploration extends to Hybrid Workers which can be utilized to execute commands on on-premises servers, providing attackers with a stealthy pathway and can also be misused for persistence. We then examine Azure Arc and its Custom Script Extension, illustrating how it can be leveraged to execute commands within on-premises environments from the cloud.\n\nThe talk extends to the realm of Azure DevOps, where we shed light on abuse use case associated with custom agents being used for pipeline operations, granting unauthorized entry to on-prem resources. And finally, attention is drawn to the exploitation of web-based vulnerabilities, such as Remote Code Execution (RCE), to establish a foothold in on-prem networks which leverages Azure services for hosting on-prem applications.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55289],"conference_id":133,"event_ids":[55679],"name":"Chirag Savla","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@chiragsavla94)","sort_order":0,"url":"https://twitter.com/chiragsavla94"}],"media":[],"id":55837},{"content_ids":[55289],"conference_id":133,"event_ids":[55679],"name":"Raunak Parmar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@trouble1_raunak)","sort_order":0,"url":"https://twitter.com/trouble1_raunak"}],"media":[],"id":55838}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55679,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55837},{"tag_id":46167,"sort_order":4,"person_id":55838}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Offensive security is an unfamiliar concept to most physical security practitioners. Yet we still rely on physical security teams to protect our hardware, network, ports, and assets. Physical security professionals are often non-technical, former law enforcement/military, and are focused on protecting people instead of property. This talk will bridge the gap between physical and cyber red teaming, covering the best approaches, common pitfalls, dangers, and benefits of testing physical security programs as part of a red team assessment. From the difficulty of “patching” physical vulnerabilities to examples of red teams gone wrong and how to approach physical security teams without being viewed as an actual adversary - you will walk away with a broader perspective and the ability to be a better partner when conducting physical red team assessments.\n\n\n","media":[],"title":"Physical Red Teaming for Offensive Cyber Teams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"Offensive security is an unfamiliar concept to most physical security practitioners. Yet we still rely on physical security teams to protect our hardware, network, ports, and assets. Physical security professionals are often non-technical, former law enforcement/military, and are focused on protecting people instead of property. This talk will bridge the gap between physical and cyber red teaming, covering the best approaches, common pitfalls, dangers, and benefits of testing physical security programs as part of a red team assessment. From the difficulty of “patching” physical vulnerabilities to examples of red teams gone wrong and how to approach physical security teams without being viewed as an actual adversary - you will walk away with a broader perspective and the ability to be a better partner when conducting physical red team assessments.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55288],"conference_id":133,"event_ids":[55678],"name":"Shawn Abelson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55840},{"content_ids":[55288],"conference_id":133,"event_ids":[55678],"name":"Ana Aslanishvili","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55841}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55678,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55840},{"tag_id":46167,"sort_order":4,"person_id":55841}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Satellites form a critical infrastructure for our modern world, enabling global communications, navigation, weather forecasting, and more. However, the growing reliance on satellites also highlights a troubling concern: their cybersecurity vulnerabilities.\r\n\r\nFirstly, I provide a technical overview of how satellite communications work, covering aspects such as signal transmission, encryption, and decryption. This leads into an examination of vulnerabilities, including insecure communication channels, outdated encryption algorithms, and hardware flaws, which can be exploited by malicious actors.\r\n\r\nThen shift focus to the practical aspects of satellite hacking, outlining key methods such as signal interception, replay attacks, and jamming. We introduce essential tools for these tasks, including GNU Radio, SDR (Software-Defined Radio), that will be used practically.\r\n\r\nCase studies are also discussed, providing insights into high-profile satellite hacking incidents. These real-world examples and personal war stories serve to highlight the various methods used, lessons learned, and challenges faced by red teams in this domain, including signal interference and staying ahead of security updates.\r\nThe paper concludes with guidance for red teams and cybersecurity professionals. I offer advice on setting up a satellite hacking environment, conducting effective penetration testing, and reporting findings. \r\n\r\nIn summary, this talk aims to illuminate the vulnerabilities of satellite systems and provide red teams with the technical, ethical, and practical knowledge necessary to navigate this unique domain responsibly.\n\n\n","media":[],"title":"Hacking the Skies – Satellite Red Teaming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"Satellites form a critical infrastructure for our modern world, enabling global communications, navigation, weather forecasting, and more. However, the growing reliance on satellites also highlights a troubling concern: their cybersecurity vulnerabilities.\r\n\r\nFirstly, I provide a technical overview of how satellite communications work, covering aspects such as signal transmission, encryption, and decryption. This leads into an examination of vulnerabilities, including insecure communication channels, outdated encryption algorithms, and hardware flaws, which can be exploited by malicious actors.\r\n\r\nThen shift focus to the practical aspects of satellite hacking, outlining key methods such as signal interception, replay attacks, and jamming. We introduce essential tools for these tasks, including GNU Radio, SDR (Software-Defined Radio), that will be used practically.\r\n\r\nCase studies are also discussed, providing insights into high-profile satellite hacking incidents. These real-world examples and personal war stories serve to highlight the various methods used, lessons learned, and challenges faced by red teams in this domain, including signal interference and staying ahead of security updates.\r\nThe paper concludes with guidance for red teams and cybersecurity professionals. I offer advice on setting up a satellite hacking environment, conducting effective penetration testing, and reporting findings. \r\n\r\nIn summary, this talk aims to illuminate the vulnerabilities of satellite systems and provide red teams with the technical, ethical, and practical knowledge necessary to navigate this unique domain responsibly.","updated_timestamp":{"seconds":1721595297,"nanoseconds":0},"speakers":[{"content_ids":[55287],"conference_id":133,"event_ids":[55677],"name":"Agostino Panico","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Van1sh_BSidesIT)","sort_order":0,"url":"https://twitter.com/Van1sh_BSidesIT"}],"media":[],"id":55842}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:54:57Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55677,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55842}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T20:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation is part of a graduate research project that delves into the vulnerabilities of Machine Learning (ML) models specifically designed to detect DNS Over HTTPS (DoH) tunnels. Previous research has primarily focused on developing models that prioritize accuracy and explainability. However, these studies have often overlooked the potential of adversarial attacks, leaving the models vulnerable to common adversarial attacks like black-box attacks. This presentation will demonstrate that all cutting-edge DoH tunnel detection models are vulnerable to black-box attacks. Our approach leverages real-world input data generated by DoH tunnel tools, which are constrained in the attack algorithm.\r\n\r\nMoreover, we will show specific vulnerable features that model developers should avoid. When this feature type is considered, we successfully evaded all DoH tunnel detection models without using advanced techniques.\r\n\r\nNotably, the audience can use the same methods to evade most Machine Learning-Based Network Intrusion Detection Systems, underlining our findings' immediate and practical implications.\r\n\r\nght Scholarship at the University of Arizona and the University of Florida, focusing on malware analysis. Additionally, Emanuel actively contributes to the OWASP Top 10 for LLM Apps. Committed to advancing cybersecurity technology, he shares his expertise through speaking engagements and research collaborations.\r\n\r\nThis presentation will dive into attacking ML DoH tunnel detection models using adversarial attack techniques for evasion. The key discussion points are as follows:\r\n\r\n1 DNS tunnels\r\nIn this section, we will discuss the evolution of DNS. We will explain why DNS over HTTPS (DoH) was conceived, what motivations drove it, and why vulnerabilities from its predecessor tried to mitigate them. Next, we will demonstrate how attackers can leverage DNS and DoH to create tunnels, which are covert channels for communication that bypass traditional network security measures. These tunnels can be used to exfiltrate information or as C&C (Command and Control) communication channels for malicious activities. Additionally, we will highlight the most popular tools for creating these tunnels using DoH.\r\n\r\n2 DoH Tunnel Detection Models\r\nThis section will discuss the primary datasets the scientific community uses to create ML models for detecting DoH tunnels. We will highlight how to extract features from DoH requests and which are the most used. We will also address the gaps and bad practices in these datasets that lead to developing vulnerable models. Additionally, we will show the best practices for building DoH tunnel detection models, such as choosing the best algorithms, implementing robust feature engineering techniques, and selecting the most relevant features for the model.\r\n\r\n3 Adversarial Attacks\r\nThis section will introduce adversarial attacks, a type of attack that aims to deceive or mislead a machine learning model by providing it with maliciously crafted input data. We will explain how 'white' and 'black' attacks on ML models are executed and how they differ. Furthermore, we will explain how to adapt 'black-box attacks, a type of adversarial attack where the attacker does not know the internal workings of the model, to target DoH tunnel detection models and similar models.\r\n\r\n4 Attacking (DEMOs)\r\nThis section will present demos covering the following scenarios: First, we will demonstrate how basic black-box attacks work for attacking DoH tunnel detection models. Next, we will show a demo using previous attacks, but this time, we will incorporate real-world inputs from DoH tunnel detection tools, constraining the attack algorithm. We will also identify vulnerable features within the dataset that attackers can exploit to bypass the DoH tunnel detection models. Additionally, we will release a patched open-source tool, dnstt, to consider all considered scenarios.\r\nNote: The demonstrations will be conducted live, but we will have pre-recorded videos to ensure continuity in case of any issues.\r\n\r\n5 Defending\r\nThis section will explain how to defend against the attacks presented earlier and demonstrate 'good practices and techniques' for protecting against them. We will also show how to build a robust model trained with adversarial attack samples generated from previous attacks, which can help improve the model's resilience to future attacks.\r\n\r\n6 Next Steps\r\nIn the final section, we will outline the future steps in our research and discuss the remaining gaps. We warmly invite new contributors to join our research efforts, as your insights and expertise can significantly advance our understanding in this field.\r\nLinks:\r\n\r\nExperiments (Attacking DoH tunnel detection models): [link](https://drive.google.com/drive/folders/1XJnemvBNs9wAW1LHWfT2ZVZnzbSyqx-z?usp=sharing)\r\n\r\nBlack Box Attack: Zero Order Optimization Attack, constrained to support real doh tunnel tools inputs: [link](https://drive.google.com/drive/folders/1_1tK9YfqtUVxSaVjsQHMpKhFrgmX_eAT?usp=sharing)\r\n\r\nDnstt patch (ongoing): You can now run it separately (dnstt + patch). The provided code does exactly that: [link](https://drive.google.com/drive/folders/1qkhwAXBCy0wWasGH4RsTs06WcJqiTehE?usp=sharing)\r\n\n\n\n","media":[],"title":"DoH Deception: Evading ML-Based Tunnel Detection with Black-Box Attack Techniques","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"This presentation is part of a graduate research project that delves into the vulnerabilities of Machine Learning (ML) models specifically designed to detect DNS Over HTTPS (DoH) tunnels. Previous research has primarily focused on developing models that prioritize accuracy and explainability. However, these studies have often overlooked the potential of adversarial attacks, leaving the models vulnerable to common adversarial attacks like black-box attacks. This presentation will demonstrate that all cutting-edge DoH tunnel detection models are vulnerable to black-box attacks. Our approach leverages real-world input data generated by DoH tunnel tools, which are constrained in the attack algorithm.\r\n\r\nMoreover, we will show specific vulnerable features that model developers should avoid. When this feature type is considered, we successfully evaded all DoH tunnel detection models without using advanced techniques.\r\n\r\nNotably, the audience can use the same methods to evade most Machine Learning-Based Network Intrusion Detection Systems, underlining our findings' immediate and practical implications.\r\n\r\nght Scholarship at the University of Arizona and the University of Florida, focusing on malware analysis. Additionally, Emanuel actively contributes to the OWASP Top 10 for LLM Apps. Committed to advancing cybersecurity technology, he shares his expertise through speaking engagements and research collaborations.\r\n\r\nThis presentation will dive into attacking ML DoH tunnel detection models using adversarial attack techniques for evasion. The key discussion points are as follows:\r\n\r\n1 DNS tunnels\r\nIn this section, we will discuss the evolution of DNS. We will explain why DNS over HTTPS (DoH) was conceived, what motivations drove it, and why vulnerabilities from its predecessor tried to mitigate them. Next, we will demonstrate how attackers can leverage DNS and DoH to create tunnels, which are covert channels for communication that bypass traditional network security measures. These tunnels can be used to exfiltrate information or as C&C (Command and Control) communication channels for malicious activities. Additionally, we will highlight the most popular tools for creating these tunnels using DoH.\r\n\r\n2 DoH Tunnel Detection Models\r\nThis section will discuss the primary datasets the scientific community uses to create ML models for detecting DoH tunnels. We will highlight how to extract features from DoH requests and which are the most used. We will also address the gaps and bad practices in these datasets that lead to developing vulnerable models. Additionally, we will show the best practices for building DoH tunnel detection models, such as choosing the best algorithms, implementing robust feature engineering techniques, and selecting the most relevant features for the model.\r\n\r\n3 Adversarial Attacks\r\nThis section will introduce adversarial attacks, a type of attack that aims to deceive or mislead a machine learning model by providing it with maliciously crafted input data. We will explain how 'white' and 'black' attacks on ML models are executed and how they differ. Furthermore, we will explain how to adapt 'black-box attacks, a type of adversarial attack where the attacker does not know the internal workings of the model, to target DoH tunnel detection models and similar models.\r\n\r\n4 Attacking (DEMOs)\r\nThis section will present demos covering the following scenarios: First, we will demonstrate how basic black-box attacks work for attacking DoH tunnel detection models. Next, we will show a demo using previous attacks, but this time, we will incorporate real-world inputs from DoH tunnel detection tools, constraining the attack algorithm. We will also identify vulnerable features within the dataset that attackers can exploit to bypass the DoH tunnel detection models. Additionally, we will release a patched open-source tool, dnstt, to consider all considered scenarios.\r\nNote: The demonstrations will be conducted live, but we will have pre-recorded videos to ensure continuity in case of any issues.\r\n\r\n5 Defending\r\nThis section will explain how to defend against the attacks presented earlier and demonstrate 'good practices and techniques' for protecting against them. We will also show how to build a robust model trained with adversarial attack samples generated from previous attacks, which can help improve the model's resilience to future attacks.\r\n\r\n6 Next Steps\r\nIn the final section, we will outline the future steps in our research and discuss the remaining gaps. We warmly invite new contributors to join our research efforts, as your insights and expertise can significantly advance our understanding in this field.\r\nLinks:\r\n\r\nExperiments (Attacking DoH tunnel detection models): [link](https://drive.google.com/drive/folders/1XJnemvBNs9wAW1LHWfT2ZVZnzbSyqx-z?usp=sharing)\r\n\r\nBlack Box Attack: Zero Order Optimization Attack, constrained to support real doh tunnel tools inputs: [link](https://drive.google.com/drive/folders/1_1tK9YfqtUVxSaVjsQHMpKhFrgmX_eAT?usp=sharing)\r\n\r\nDnstt patch (ongoing): You can now run it separately (dnstt + patch). The provided code does exactly that: [link](https://drive.google.com/drive/folders/1qkhwAXBCy0wWasGH4RsTs06WcJqiTehE?usp=sharing)","updated_timestamp":{"seconds":1721595334,"nanoseconds":0},"speakers":[{"content_ids":[55286],"conference_id":133,"event_ids":[55676],"name":"Emanuel Valente","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@emanu_valente)","sort_order":0,"url":"https://twitter.com/emanu_valente"}],"media":[],"id":55843}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T20:55:34Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55676,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55843}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T20:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Antivirus (AV) solutions, serving as the last line of defense on users’ endpoint devices, have evolved into highly complex entities. Often operated as 'black boxes' from user’s perspective due to proprietary and security reasons, the principle of 'security through obscurity' - though far from ideal - remains prevalent in the cat-and-mouse game between defenders and attackers. This dynamic places researchers and attackers in similar positions; while malware authors can fingerprint AV detection mechanisms through various evasion techniques, researchers can employ similar methods to identify improvement opportunities in security products.\nThis study evaluates the effectiveness and performance of AV solutions against 18 open-source evasion frameworks. Notably, no AV solution could detect all samples from open-source evasion tools, and conversely, no evasion tool could bypass all contemporary AVs. This limitation is primarily attributed to the AVs’ reliance on signature and heuristic engines to balance between performance, security and access (false-positive rates). To delve deeper into AV detection capabilities across signature, heuristic, and behavioral evasions, we built BOAZ - an evasion tool serving both as a research instrument and an evasion framework. Through empirical experimentation, our findings reveal not only the varied performance of AV solutions against different evasion frameworks and techniques but also the potential for strategically combining these techniques to penetrate secured environments without needing commercial tools or zero-day exploits. Effectively, by understanding the building blocks of AV detection and evasion phases, anyone can develop their own evasion tool.\n\n\n","media":[],"title":"BOAZ, Yet Another layered Evasion Tool: Unveiling the Secrets Behind Antivirus Testing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T17:50:00Z","end_timestamp":{"seconds":1723312200,"nanoseconds":0},"android_description":"Antivirus (AV) solutions, serving as the last line of defense on users’ endpoint devices, have evolved into highly complex entities. Often operated as 'black boxes' from user’s perspective due to proprietary and security reasons, the principle of 'security through obscurity' - though far from ideal - remains prevalent in the cat-and-mouse game between defenders and attackers. This dynamic places researchers and attackers in similar positions; while malware authors can fingerprint AV detection mechanisms through various evasion techniques, researchers can employ similar methods to identify improvement opportunities in security products.\nThis study evaluates the effectiveness and performance of AV solutions against 18 open-source evasion frameworks. Notably, no AV solution could detect all samples from open-source evasion tools, and conversely, no evasion tool could bypass all contemporary AVs. This limitation is primarily attributed to the AVs’ reliance on signature and heuristic engines to balance between performance, security and access (false-positive rates). To delve deeper into AV detection capabilities across signature, heuristic, and behavioral evasions, we built BOAZ - an evasion tool serving both as a research instrument and an evasion framework. Through empirical experimentation, our findings reveal not only the varied performance of AV solutions against different evasion frameworks and techniques but also the potential for strategically combining these techniques to penetrate secured environments without needing commercial tools or zero-day exploits. Effectively, by understanding the building blocks of AV detection and evasion phases, anyone can develop their own evasion tool.","updated_timestamp":{"seconds":1721541572,"nanoseconds":0},"speakers":[{"content_ids":[55285],"conference_id":133,"event_ids":[55675],"name":"Thomas X Meng","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55839}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-21T05:59:32Z","links":[],"end":"2024-08-10T17:50:00.000-0000","id":55675,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55839}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Nikkia Henderson is a 14 year tenured federal government employee. In her current role she is a Senior Advisor at the Cybersecurity Infrastructure Security Agency (CISA). She serves a Cyber Supply Chain Risk Management (C-SCRM) Strategy and Governance Program lead, within CISA’s Cybersecurity Division. Ms. Henderson is also the President of the Women in Cybersecurity Mid Atlantic Affiliate, where she serves as a \"cybHERprenuer\" who is passionate about helping Cybersecurity/IT professionals define their vision, mission, and federal career path. In this session, Ms. Henderson shares her journey into a federal cyber career. She will highlight her challenges as well as milestones that catapulted her to where she is today!\n\n\n","media":[],"title":"Fumbling into FedCyber","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"Nikkia Henderson is a 14 year tenured federal government employee. In her current role she is a Senior Advisor at the Cybersecurity Infrastructure Security Agency (CISA). She serves a Cyber Supply Chain Risk Management (C-SCRM) Strategy and Governance Program lead, within CISA’s Cybersecurity Division. Ms. Henderson is also the President of the Women in Cybersecurity Mid Atlantic Affiliate, where she serves as a \"cybHERprenuer\" who is passionate about helping Cybersecurity/IT professionals define their vision, mission, and federal career path. In this session, Ms. Henderson shares her journey into a federal cyber career. She will highlight her challenges as well as milestones that catapulted her to where she is today!","updated_timestamp":{"seconds":1721495243,"nanoseconds":0},"speakers":[{"content_ids":[55186,55197],"conference_id":133,"event_ids":[55576,55587],"name":"Nikkia Henderson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Program Operations Lead"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/nikkiahenderson/"}],"media":[],"id":55809,"title":"Program Operations Lead"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T17:07:23Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":55587,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55809}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1721487832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T15:03:52Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55575,"tag_ids":[46372,46426,46439],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T15:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Every bug hunter knows the initial steps: reconnaissance, fuzzing, and asset enumeration, But what if I told you there's a way to get everything you need internally and have it handed to you on a silver platter? Join me as I share my journey as part of different security teams across my career. I'll reveal the methods and tricks I've developed to utilize internal systems to retrieve crucial data, significantly boosting productivity in finding and exploiting flaws in our code. I'll present success stories and real-life examples where researchers uncovered critical vulnerabilities with internal assistance. Additionally, I'll delve into the tactics and techniques I employ to obtain this valuable data, providing program owners with insights to elevate their game—if they dare to expose this information.\n\n\n","media":[],"title":"Leveraging Internal Systems for Enhanced Bug Bounty Success","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"Every bug hunter knows the initial steps: reconnaissance, fuzzing, and asset enumeration, But what if I told you there's a way to get everything you need internally and have it handed to you on a silver platter? Join me as I share my journey as part of different security teams across my career. I'll reveal the methods and tricks I've developed to utilize internal systems to retrieve crucial data, significantly boosting productivity in finding and exploiting flaws in our code. I'll present success stories and real-life examples where researchers uncovered critical vulnerabilities with internal assistance. Additionally, I'll delve into the tactics and techniques I employ to obtain this valuable data, providing program owners with insights to elevate their game—if they dare to expose this information.","updated_timestamp":{"seconds":1721438318,"nanoseconds":0},"speakers":[{"content_ids":[55179],"conference_id":133,"event_ids":[55567],"name":"Rotem Bar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"@rotembar","sort_order":0,"url":"https://twitter.com/rotembar"}],"media":[],"id":54835}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T01:18:38Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#leveraging-internal-systems-for-enhanced-bug-bounty-success"}],"end":"2024-08-10T18:00:00.000-0000","id":55567,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54835}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T01:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-10T20:00:00.000-0000","id":55413,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Lonely Hackers Club Community Room Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721276328,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-18T04:18:48Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55409,"tag_ids":[46406,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-18T04:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style. \n\n\n","media":[],"title":"LHC's Unofficial Sticker Swap Table","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.","updated_timestamp":{"seconds":1721487294,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:54Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55406,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.\n\n\n","media":[],"title":"Egor's Keyboard Corner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.","updated_timestamp":{"seconds":1721487260,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-20T14:54:20Z","links":[],"end":"2024-08-11T01:00:00.000-0000","id":55403,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors\r\n\n\n\n","media":[],"title":"DDV open and accepting drives for duplication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors","updated_timestamp":{"seconds":1722478167,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-01T02:09:27Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org"}],"end":"2024-08-11T00:00:00.000-0000","id":55189,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-08-01T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"OSINT is a great mechanism for the collection of data, but what do you do with all of it once it’s collected? It can take significant time with the human eye to analyze each image or video. Furthermore, you may miss important artifacts in the foreground or background. Computer vision can churn through the plethora of data to pull out the relevant evidence at lightning speed. For the last 5 years we’ve been exploring the use of Azure and AWS for computer vision to rapidly process large sets of image and video data acquisitions for forensic evidence.Through the use of AI we have analyzed thousands of images and videos to perform object detection, facial recognition, OCR, voice to text analysis, and more. In this session we’ll explore the use of cloud platforms to exponentially increase your analysis of uncovering key artifacts to your case using demos and real world examples. We then apply chronolocation analysis to allow an investigator to paint a true-life narrative, for example an individual with a weapon at a location at a particular time. We’ll provide live demos of common scenarios to reveal benefits to processing your data collections in a rapid, efficient, comprehensive, and accurate manner. We’ll then wrap-up the presentation with additional AI computer vision recommendations and resources.\n\n\n","media":[],"title":"Using AI Computer Vision in Your OSINT Data Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"OSINT is a great mechanism for the collection of data, but what do you do with all of it once it’s collected? It can take significant time with the human eye to analyze each image or video. Furthermore, you may miss important artifacts in the foreground or background. Computer vision can churn through the plethora of data to pull out the relevant evidence at lightning speed. For the last 5 years we’ve been exploring the use of Azure and AWS for computer vision to rapidly process large sets of image and video data acquisitions for forensic evidence.Through the use of AI we have analyzed thousands of images and videos to perform object detection, facial recognition, OCR, voice to text analysis, and more. In this session we’ll explore the use of cloud platforms to exponentially increase your analysis of uncovering key artifacts to your case using demos and real world examples. We then apply chronolocation analysis to allow an investigator to paint a true-life narrative, for example an individual with a weapon at a location at a particular time. We’ll provide live demos of common scenarios to reveal benefits to processing your data collections in a rapid, efficient, comprehensive, and accurate manner. We’ll then wrap-up the presentation with additional AI computer vision recommendations and resources.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54595],"conference_id":133,"event_ids":[54970],"name":"Mike Raggo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54318}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":54970,"tag_ids":[46169,46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54318}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation delves into the intricate process of generating a Software Bill of Materials (SBOM) for the Bob the Minions WiFi router by Davolink—a device whose firmware isn't publicly available. Traditional SBOM creation methods rely on readily accessible firmware, but Davolink's restricted release policies necessitated an unconventional approach. This talk covers the step-by-step journey of hardware disassembly, firmware extraction via SPI flash and JTAG/SWD interfaces, and the tools and techniques employed. Finally, we'll demonstrate how the recovered firmware is used to generate a comprehensive SBOM, highlighting any security vulnerabilities discovered and reported to the vendor. This session aims to provide attendees with practical insights into overcoming SBOM generation challenges in the IoT domain through hands-on hardware hacking, and leveraging the firmware and SBOMs for vulnerability discovery, as well as security improvement.\n\n\n","media":[],"title":"SBOMs the Hard Way: Hacking Bob the Minion","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"This presentation delves into the intricate process of generating a Software Bill of Materials (SBOM) for the Bob the Minions WiFi router by Davolink—a device whose firmware isn't publicly available. Traditional SBOM creation methods rely on readily accessible firmware, but Davolink's restricted release policies necessitated an unconventional approach. This talk covers the step-by-step journey of hardware disassembly, firmware extraction via SPI flash and JTAG/SWD interfaces, and the tools and techniques employed. Finally, we'll demonstrate how the recovered firmware is used to generate a comprehensive SBOM, highlighting any security vulnerabilities discovered and reported to the vendor. This session aims to provide attendees with practical insights into overcoming SBOM generation challenges in the IoT domain through hands-on hardware hacking, and leveraging the firmware and SBOMs for vulnerability discovery, as well as security improvement.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54594],"conference_id":133,"event_ids":[54969],"name":"Larry Pesce","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"\"Paul's Security Weekly\" podcast","title":"Co-Founder and Co-Host"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@haxorthematrix)","sort_order":0,"url":"https://twitter.com/haxorthematrix"}],"media":[],"id":54319,"title":"Co-Founder and Co-Host at \"Paul's Security Weekly\" podcast"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":54969,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54319}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the vast expanse of space, holographic teleportation—a futuristic blend of holography and teleportation—has revolutionized astronaut communication. Imagine beaming a lifelike 3D image of yourself across light-years. Now, consider its potential in medicine: remote surgeries, expert consultations, and training—where distance dissolves, and expertise transcends borders. Buckle up; holoconnect is our cosmic ticket to healing!\n\n\n","media":[],"title":"Bridging Space and Medicine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T18:00:00Z","end_timestamp":{"seconds":1723312800,"nanoseconds":0},"android_description":"In the vast expanse of space, holographic teleportation—a futuristic blend of holography and teleportation—has revolutionized astronaut communication. Imagine beaming a lifelike 3D image of yourself across light-years. Now, consider its potential in medicine: remote surgeries, expert consultations, and training—where distance dissolves, and expertise transcends borders. Buckle up; holoconnect is our cosmic ticket to healing!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54592],"conference_id":133,"event_ids":[54967],"name":"Fernando De La Peña Llaca","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aexa Aerospace","title":""}],"links":[],"pronouns":null,"media":[],"id":54288,"title":"Aexa Aerospace"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T18:00:00.000-0000","id":54967,"tag_ids":[46169,46371,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54288}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever since the pandemic and the rising popularity of work-from-home and hybrid models, there has been an increase in the usage of browsers, particularly video conferencing and collaboration applications. While some extensions enhance the user experience, some can gravely affect users' privacy and security. \r\n\r\nOver the past few years, extensions have gained recognition for nefarious activities, from simple color picker extensions to productivity-first AI extensions. And now more than ever, attackers are leveraging malicious extensions to steal user data, promote ads, affiliate marketing, and more. Realizing the abuse, Google pivoted from the MV2 model to the latest MV3, providing better security and locking down the extension from running rampant. While some security measures have been introduced in MV3, it is far from safe. In this talk, we will be demonstrating a suite of attacks, while requiring the least amount of permissions, which 95% of extensions on the Chrome store have. We will showcase stealth stealing of webcam feed, audio streams, clipboard data, and stealing credentials from other extensions like password managers. \r\n\r\nMV3 also introduced security measures to block the usage of functions like eval and new Function that allowed arbitrary code execution. We’ll showcase how an extension can still do arbitrary code execution effectively bypassing the MV3 restrictions. \r\n\r\nIn this talk, we will also propose changes to the extension security model to prevent the lurking loopholes. We will also be demonstrating how malicious extensions can interfere with other extensions and steal sensitive information such as Credit card, passwords, OTP, etc, from other extensions. \r\n\n\n\n","media":[],"title":"Sneaky Extensions: The MV3 Escape Artists","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T17:30:00Z","end_timestamp":{"seconds":1723311000,"nanoseconds":0},"android_description":"Ever since the pandemic and the rising popularity of work-from-home and hybrid models, there has been an increase in the usage of browsers, particularly video conferencing and collaboration applications. While some extensions enhance the user experience, some can gravely affect users' privacy and security. \r\n\r\nOver the past few years, extensions have gained recognition for nefarious activities, from simple color picker extensions to productivity-first AI extensions. And now more than ever, attackers are leveraging malicious extensions to steal user data, promote ads, affiliate marketing, and more. Realizing the abuse, Google pivoted from the MV2 model to the latest MV3, providing better security and locking down the extension from running rampant. While some security measures have been introduced in MV3, it is far from safe. In this talk, we will be demonstrating a suite of attacks, while requiring the least amount of permissions, which 95% of extensions on the Chrome store have. We will showcase stealth stealing of webcam feed, audio streams, clipboard data, and stealing credentials from other extensions like password managers. \r\n\r\nMV3 also introduced security measures to block the usage of functions like eval and new Function that allowed arbitrary code execution. We’ll showcase how an extension can still do arbitrary code execution effectively bypassing the MV3 restrictions. \r\n\r\nIn this talk, we will also propose changes to the extension security model to prevent the lurking loopholes. We will also be demonstrating how malicious extensions can interfere with other extensions and steal sensitive information such as Credit card, passwords, OTP, etc, from other extensions.","updated_timestamp":{"seconds":1720393807,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"},{"content_ids":[54555],"conference_id":133,"event_ids":[54930],"name":"Shourya Pratap Singh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Principal Software Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/shouryaps/"},{"description":"","title":"Twitter (@shouryaps)","sort_order":0,"url":"https://x.com/shouryaps"}],"media":[],"id":55879,"title":"Principal Software Engineer at SquareX"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T23:10:07Z","links":[],"end":"2024-08-10T17:30:00.000-0000","id":54930,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54075},{"tag_id":46167,"sort_order":4,"person_id":55879}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Pwnies are an annual awards ceremony celebrating and making fun of the achievements and failures of security researchers and the wider security community. Every year, members of the infosec community nominate the best research and exploits they’ve seen. The Pwnie Award nominations are judged by a panel of respected security researchers and former pwnie award recipients – the closest to a jury of peers a hacker is likely to ever get. At this event DEF CON attendees will get a first person look at some of the most groundbreaking research and hacks in the cyber security community of the past year, and the winners get some well deserved recognition from the broader community for the great work they’ve done. \n\n\n","media":[],"title":"The Pwnie Awards","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"The Pwnies are an annual awards ceremony celebrating and making fun of the achievements and failures of security researchers and the wider security community. Every year, members of the infosec community nominate the best research and exploits they’ve seen. The Pwnie Award nominations are judged by a panel of respected security researchers and former pwnie award recipients – the closest to a jury of peers a hacker is likely to ever get. At this event DEF CON attendees will get a first person look at some of the most groundbreaking research and hacks in the cyber security community of the past year, and the winners get some well deserved recognition from the broader community for the great work they’ve done.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-06T23:10:59Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249529"},{"label":"Website","type":"link","url":"https://pwnies.com/"},{"label":"Twitter (@pwnieawards)","type":"link","url":"https://twitter.com/pwnieawards"}],"end":"2024-08-10T17:45:00.000-0000","id":54853,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MicroPython is a firmware environment for quickly developing and deploying software onto microcontroller systems. It is used in a variety of industrial and scientific applications, as well as (most importantly) in some DEF CON #badgelife projects. It's easy to learn and use for rapid prototyping.\r\n\r\nFor hackers interested in reverse engineering compiled or obfuscated MicroPython code, there are some obstacles. MicroPython is an implementation of CPython, not a port, so it has its own compiled bytecode language that existing reverse engineering tools aren't designed to parse. Also, modules can be \"frozen\", compiled directly into the microcontroller firmware, and may be difficult to locate and parse when microcontroller firmware is extracted and analyzed.\r\n\r\nIn this talk, Wesley will walk the audience through the process of identifying \"frozen\"/compiled modules in a firmware image without debug symbols using the Ghidra disassembler. The relevant module, string, object, and raw code data structures will be detailed, so that everything required to rebuild a non-frozen module can recovered. Once a compiled module is reconstructed, Wesley will present a detailed example of reading and understanding MicroPython compiled bytecode, for the purpose of reverse engineering the purpose and implementation of the module.\r\n\r\n- Micropython source code\r\n- Official documentation, including:\r\n - .mpy files: [link](https://docs.micropython.org/en/latest/reference/mpyfiles.html)\r\n - Micropython internals: [link](https://docs.micropython.org/en/latest/develop/index.html)\r\n- \"Securing a MicroPython System\" [link](https://github.com/micropython/micropython/wiki/Securing-a-MicroPython-system)\r\n- The collected Raspberry Pi Pico documentation for my test environment [link](https://www.raspberrypi.com/documentation/microcontrollers/raspberry-pi-pico.html#documentation)\r\n- Andrew Leech - \"Profiling Pathogens with (micro) Python\" [link](https://www.youtube.com/watch?v=YovngSLXoxw)\r\n- Kevin McAleer - \"Securing Passwords with MicroPython\" [link](https://www.youtube.com/watch?v=fl3UNaUoYzc)\r\n- C. Spindler - \"MicroPython used in industrial applications\" [link](https://www.youtube.com/watch?v=xDPdvjNxyWs)\r\n- \"MicroPython and the European Space Agency\" [link](https://forum.micropython.org/viewtopic.php?f=8&t=744)\r\n\n\n\n","media":[],"title":"Reverse Engineering MicroPython Frozen Modules: Data Structures, Reconstruction, and Reading Bytecode","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:45:00Z","end_timestamp":{"seconds":1723311900,"nanoseconds":0},"android_description":"MicroPython is a firmware environment for quickly developing and deploying software onto microcontroller systems. It is used in a variety of industrial and scientific applications, as well as (most importantly) in some DEF CON #badgelife projects. It's easy to learn and use for rapid prototyping.\r\n\r\nFor hackers interested in reverse engineering compiled or obfuscated MicroPython code, there are some obstacles. MicroPython is an implementation of CPython, not a port, so it has its own compiled bytecode language that existing reverse engineering tools aren't designed to parse. Also, modules can be \"frozen\", compiled directly into the microcontroller firmware, and may be difficult to locate and parse when microcontroller firmware is extracted and analyzed.\r\n\r\nIn this talk, Wesley will walk the audience through the process of identifying \"frozen\"/compiled modules in a firmware image without debug symbols using the Ghidra disassembler. The relevant module, string, object, and raw code data structures will be detailed, so that everything required to rebuild a non-frozen module can recovered. Once a compiled module is reconstructed, Wesley will present a detailed example of reading and understanding MicroPython compiled bytecode, for the purpose of reverse engineering the purpose and implementation of the module.\r\n\r\n- Micropython source code\r\n- Official documentation, including:\r\n - .mpy files: [link](https://docs.micropython.org/en/latest/reference/mpyfiles.html)\r\n - Micropython internals: [link](https://docs.micropython.org/en/latest/develop/index.html)\r\n- \"Securing a MicroPython System\" [link](https://github.com/micropython/micropython/wiki/Securing-a-MicroPython-system)\r\n- The collected Raspberry Pi Pico documentation for my test environment [link](https://www.raspberrypi.com/documentation/microcontrollers/raspberry-pi-pico.html#documentation)\r\n- Andrew Leech - \"Profiling Pathogens with (micro) Python\" [link](https://www.youtube.com/watch?v=YovngSLXoxw)\r\n- Kevin McAleer - \"Securing Passwords with MicroPython\" [link](https://www.youtube.com/watch?v=fl3UNaUoYzc)\r\n- C. Spindler - \"MicroPython used in industrial applications\" [link](https://www.youtube.com/watch?v=xDPdvjNxyWs)\r\n- \"MicroPython and the European Space Agency\" [link](https://forum.micropython.org/viewtopic.php?f=8&t=744)","updated_timestamp":{"seconds":1720462876,"nanoseconds":0},"speakers":[{"content_ids":[55326,54479,54212],"conference_id":133,"event_ids":[55718,54585,54852],"name":"Wesley McGrew","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MartinFederal","title":"Senior Cybersecurity Fellow"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@mcgrew@defcon.social)","sort_order":0,"url":"https://defcon.social/@mcgrew"},{"description":"","title":"MixCloud","sort_order":0,"url":"https://www.mixcloud.com/wesmcgrew/stream/"},{"description":"","title":"Twitter (@McGrewSecurity)","sort_order":0,"url":"https://twitter.com/McGrewSecurity"}],"media":[],"id":54044,"title":"Senior Cybersecurity Fellow at MartinFederal"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:21:16Z","links":[],"end":"2024-08-10T17:45:00.000-0000","id":54852,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54044}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-08T18:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Physical access control systems are often exploited in a number of ways. It could be weaknesses found within the credential itself, the antiquated communication protocol, the hardware itself, or the firmware it is running. But more often than not, it is a combination of factors that allow a variety of attacks from multiple dimensions. Some are extremely trivial and require little to no skill to perform, whereas some attacks require a bit more setup and knowledge of how the underlying technology works. We will go into detail on how these systems work, why verifying mutual authentication is important for physical access control systems and the exploits that can be accomplished, as well as ways to mitigate these exploits to make your facility more secure. This talk will include interactive demos involving official HID readers and hardware, proxmark3, and the flipper zero.\r\n\r\n- [link](https://www.hidglobal.com/doclib/files/resource_files/an0109_a.2_credential_id_markings_application_note.pdf)\r\n- [link](https://gist.github.com/bettse/36f25f9a2fcca74d773587cc8e780766)\r\n- [link](https://ipvm.com/reports/hid-downgrade)\r\n- [link](https://ipvm.com/reports/iclass-se-not-cracked)\r\n- [link](https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/hid_downgrade.md)\r\n\n\n\n","media":[],"title":"Mutual authentication is optional","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:20:00Z","end_timestamp":{"seconds":1723310400,"nanoseconds":0},"android_description":"Physical access control systems are often exploited in a number of ways. It could be weaknesses found within the credential itself, the antiquated communication protocol, the hardware itself, or the firmware it is running. But more often than not, it is a combination of factors that allow a variety of attacks from multiple dimensions. Some are extremely trivial and require little to no skill to perform, whereas some attacks require a bit more setup and knowledge of how the underlying technology works. We will go into detail on how these systems work, why verifying mutual authentication is important for physical access control systems and the exploits that can be accomplished, as well as ways to mitigate these exploits to make your facility more secure. This talk will include interactive demos involving official HID readers and hardware, proxmark3, and the flipper zero.\r\n\r\n- [link](https://www.hidglobal.com/doclib/files/resource_files/an0109_a.2_credential_id_markings_application_note.pdf)\r\n- [link](https://gist.github.com/bettse/36f25f9a2fcca74d773587cc8e780766)\r\n- [link](https://ipvm.com/reports/hid-downgrade)\r\n- [link](https://ipvm.com/reports/iclass-se-not-cracked)\r\n- [link](https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/hid_downgrade.md)","updated_timestamp":{"seconds":1720462829,"nanoseconds":0},"speakers":[{"content_ids":[54478],"conference_id":133,"event_ids":[54851],"name":"Xavier Zhang","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":"he/him","media":[],"id":54101}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:20:29Z","links":[],"end":"2024-08-10T17:20:00.000-0000","id":54851,"tag_ids":[46166,46169,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54101}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-08T18:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CSC ServiceWorks is a large vendor of pay-to-play laundry machines in apartments and condomiums. Most are Speed Queens, but newer CSC-branded machines use an app for payment and have custom circuitry inside. Many however accept quarters as well. We show that, when all else fails, you can always physically bypass the coin slot to run the machines for free.\r\n\r\n00. [link](https://www.cscsw.com/)\r\n01. [link](https://www.getcscgo.com/)\r\n02. [link](https://www.getwashfree.com/)\r\n03. [link](https://www.law.com/delbizcourt/2023/03/16/mobile-payments-company-alleges-laundry-machine-operator-faked-partnership-move-to-develop-competing-system/)\r\n04. [link](https://www.cscadminfeesettlement.com/)\r\n05. [link](https://www.bbb.org/us/ny/melville/profile/laundry-equipment/csc-serviceworks-inc-0121-73322/customer-reviews)\r\n06. [link](https://www.yelp.com/biz/csc-serviceworks-industry)\r\n07. [link](https://goo.gl/maps/5qch79evK6jSyXug6)\r\n08. [link](https://michael.orlitzky.com/documents/csc/sdgx09wf-manual.pdf)\r\n09. [link](https://michael.orlitzky.com/documents/csc/sfnbcasp-manual.pdf)\r\n10. [link](https://michael.orlitzky.com/documents/csc/sfnncasp-manual.pdf)\r\n11. [link](https://covertinstruments.com/products/covert-tubular-lock-pick)\r\n12. [link](https://www.toool.us/lockpicking-laws.php)\r\n13. [link](https://alliancelaundry.com/)\r\n14. [link](https://parts.alliancelaundry.com/i-7549723-alliance-54612-washer-dryer-key-gr-800.html)\r\n15. [link](https://www.amazon.com/dp/B079L6VWCH)\r\n16. [link](https://www.tiktok.com/@depressedinfluencer/video/7127426562961640750)\r\n17. [link](https://www.youtube.com/watch?v=70W5fyZGYvA)\r\n18. [link](https://www.youtube.com/watch?v=3vn-pGqZGp0)\r\n19. [link](https://www.amazon.com/dp/B0973V2W67)\r\n20. [link](https://michael.orlitzky.com/articles/csc_serviceworks_laundry_machine_coin_bypass.xhtml)\r\n\n\n\n","media":[],"title":"Laundering Money","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T17:20:00Z","end_timestamp":{"seconds":1723310400,"nanoseconds":0},"android_description":"CSC ServiceWorks is a large vendor of pay-to-play laundry machines in apartments and condomiums. Most are Speed Queens, but newer CSC-branded machines use an app for payment and have custom circuitry inside. Many however accept quarters as well. We show that, when all else fails, you can always physically bypass the coin slot to run the machines for free.\r\n\r\n00. [link](https://www.cscsw.com/)\r\n01. [link](https://www.getcscgo.com/)\r\n02. [link](https://www.getwashfree.com/)\r\n03. [link](https://www.law.com/delbizcourt/2023/03/16/mobile-payments-company-alleges-laundry-machine-operator-faked-partnership-move-to-develop-competing-system/)\r\n04. [link](https://www.cscadminfeesettlement.com/)\r\n05. [link](https://www.bbb.org/us/ny/melville/profile/laundry-equipment/csc-serviceworks-inc-0121-73322/customer-reviews)\r\n06. [link](https://www.yelp.com/biz/csc-serviceworks-industry)\r\n07. [link](https://goo.gl/maps/5qch79evK6jSyXug6)\r\n08. [link](https://michael.orlitzky.com/documents/csc/sdgx09wf-manual.pdf)\r\n09. [link](https://michael.orlitzky.com/documents/csc/sfnbcasp-manual.pdf)\r\n10. [link](https://michael.orlitzky.com/documents/csc/sfnncasp-manual.pdf)\r\n11. [link](https://covertinstruments.com/products/covert-tubular-lock-pick)\r\n12. [link](https://www.toool.us/lockpicking-laws.php)\r\n13. [link](https://alliancelaundry.com/)\r\n14. [link](https://parts.alliancelaundry.com/i-7549723-alliance-54612-washer-dryer-key-gr-800.html)\r\n15. [link](https://www.amazon.com/dp/B079L6VWCH)\r\n16. [link](https://www.tiktok.com/@depressedinfluencer/video/7127426562961640750)\r\n17. [link](https://www.youtube.com/watch?v=70W5fyZGYvA)\r\n18. [link](https://www.youtube.com/watch?v=3vn-pGqZGp0)\r\n19. [link](https://www.amazon.com/dp/B0973V2W67)\r\n20. [link](https://michael.orlitzky.com/articles/csc_serviceworks_laundry_machine_coin_bypass.xhtml)","updated_timestamp":{"seconds":1720462817,"nanoseconds":0},"speakers":[{"content_ids":[54477],"conference_id":133,"event_ids":[54850],"name":"Michael Orlitzky","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"michael.orlitzky.com/","sort_order":0,"url":"https://michael.orlitzky.com/"}],"media":[],"id":54108}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-08T18:20:17Z","links":[],"end":"2024-08-10T17:20:00.000-0000","id":54850,"tag_ids":[46166,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54108}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-08T18:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The year is 1984… Ronald Reagan is President, it is a “New Mourning in America.” In Texas, a small cabal of malcontents meet in an abandoned slaughterhouse, decorated with heavy metal band posters, satanic iconography, and, most ominously, the skull of a DEAD COW… As pirated copies of speedmetal and punk music play in the background, these erstwhile revolutionaries speak of their disillusion with The Way Things Are, and their obsession with their new computers. All over America, teens were waking to not just the typical dissatisfaction of adolescence, but the awareness that via these new modes of communication and interaction, they could meet like-minded others, have some illicit fun, and maybe, just maybe, change the goddamn world.\r\n\r\n1984 wasn’t the beginning of hacking, but brought perhaps the first real blossoming of the culture. The spread of the personal computer, and the modem, brought the birth of not just cDc, but the Legion of Doom, and 2600 Magazine. 1985 would bring Phrack Magazine, and a true explosion in the written culture, with t-files becoming the currency of the Truly Elite. In this session, members of cDc, 2600, LoD, MoD, and r00t will talk about what made them hackers and phreaks, swap stories, and answer questions posed by Prof. Walter Scheirer of the University of Notre Dame and audience Q&A.\n\n\n","media":[],"title":"CULT OF THE DEAD COW & Friends Present: Prime Cuts from Hacker History - 40 Years of 31337","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"The year is 1984… Ronald Reagan is President, it is a “New Mourning in America.” In Texas, a small cabal of malcontents meet in an abandoned slaughterhouse, decorated with heavy metal band posters, satanic iconography, and, most ominously, the skull of a DEAD COW… As pirated copies of speedmetal and punk music play in the background, these erstwhile revolutionaries speak of their disillusion with The Way Things Are, and their obsession with their new computers. All over America, teens were waking to not just the typical dissatisfaction of adolescence, but the awareness that via these new modes of communication and interaction, they could meet like-minded others, have some illicit fun, and maybe, just maybe, change the goddamn world.\r\n\r\n1984 wasn’t the beginning of hacking, but brought perhaps the first real blossoming of the culture. The spread of the personal computer, and the modem, brought the birth of not just cDc, but the Legion of Doom, and 2600 Magazine. 1985 would bring Phrack Magazine, and a true explosion in the written culture, with t-files becoming the currency of the Truly Elite. In this session, members of cDc, 2600, LoD, MoD, and r00t will talk about what made them hackers and phreaks, swap stories, and answer questions posed by Prof. Walter Scheirer of the University of Notre Dame and audience Q&A.","updated_timestamp":{"seconds":1720377096,"nanoseconds":0},"speakers":[{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Patrick “Lord Digital” Kroupa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54094},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Emmanuel Goldstein","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54130},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"John Threat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54166},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Walter J. Scheirer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54175},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"X","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54177},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"Deth Veggie","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Bsky","sort_order":0,"url":"https://bsky.app/profile/dethveggie.bsky.social"}],"media":[],"id":54189},{"content_ids":[54476],"conference_id":133,"event_ids":[54849],"name":"TommydCat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54192}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-07T18:31:36Z","links":[],"end":"2024-08-10T18:45:00.000-0000","id":54849,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54189},{"tag_id":46167,"sort_order":4,"person_id":54175},{"tag_id":46167,"sort_order":6,"person_id":54094},{"tag_id":46167,"sort_order":8,"person_id":54166},{"tag_id":46167,"sort_order":10,"person_id":54130},{"tag_id":46167,"sort_order":12,"person_id":54177},{"tag_id":46167,"sort_order":14,"person_id":54192}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-07T18:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T07:00:00Z","end_timestamp":{"seconds":1723359600,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-11T07:00:00.000-0000","id":54572,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"Y","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world.\n\n\n","media":[],"title":"MITRE Caldera","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world.","updated_timestamp":{"seconds":1718922800,"nanoseconds":0},"speakers":[{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Mark Perry","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Lead Applied Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/mark-perry-2a4a8451"}],"media":[],"id":53755,"title":"Lead Applied Cyber Security Engineer at MITRE Corp"},{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Rachel Murphy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/rachelcmurphy"}],"media":[],"id":53769,"title":"Cyber Security Engineer at MITRE Corp"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:33:20Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249626"},{"label":"Project","type":"link","url":"https://github.com/mitre/caldera "}],"end":"2024-08-10T18:45:00.000-0000","id":54566,"tag_ids":[46169,46441,46445,46455],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53755},{"tag_id":46167,"sort_order":4,"person_id":53769}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed. After the initial release the CSTC is finally back! It contains new features and improvements such as many new operations to be used in recipes, inclusion of community requested features and a refactoring of the codebase. Alongside the CTSC we will launch a new public repository with recipes we found useful in our experience as penetration testers and of course open for contribution by the community. This helps the community to solve common challenges and getting started working with the CSTC.\n\n\n","media":[],"title":"Cyber Security Transformation Chef (CSTC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed. After the initial release the CSTC is finally back! It contains new features and improvements such as many new operations to be used in recipes, inclusion of community requested features and a refactoring of the codebase. Alongside the CTSC we will launch a new public repository with recipes we found useful in our experience as penetration testers and of course open for contribution by the community. This helps the community to solve common challenges and getting started working with the CSTC.","updated_timestamp":{"seconds":1718922742,"nanoseconds":0},"speakers":[{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Florian Haag","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Managing Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53737,"title":"Managing Security Consultant at usd AG"},{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Matthias Göhring","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Security Consultant and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":53759,"title":"Security Consultant and Penetration Tester at usd AG"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:32:22Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249625"},{"label":"Project","type":"link","url":"https://github.com/usdAG/cstc"}],"end":"2024-08-10T18:45:00.000-0000","id":54563,"tag_ids":[46169,46441,46443,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53737},{"tag_id":46167,"sort_order":4,"person_id":53759}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the landscape of industrial control systems (ICS) evolves, the security vulnerabilities inherent in these systems have become increasingly important. In response to this escalating situation, in this paper, we present the development of a virtualized cybersecurity research testbed tailored for these environments. Addressing the challenge of limited access to proprietary OT network data for research purposes, our this talk proposes a comprehensive framework for simulating industrial environments, aiming to facilitate the development and testing of cybersecurity solutions by providing functionalities for network traffic logging, attack impact simulation, generation of labeled multivariate time series sensor datasets, among others, bridging the gap between theoretical research and practical application needs, especially in situations of low data availability and data-driven cybersecurity research.\n\n\n","media":[],"title":"Testbed Virtual Factory","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"As the landscape of industrial control systems (ICS) evolves, the security vulnerabilities inherent in these systems have become increasingly important. In response to this escalating situation, in this paper, we present the development of a virtualized cybersecurity research testbed tailored for these environments. Addressing the challenge of limited access to proprietary OT network data for research purposes, our this talk proposes a comprehensive framework for simulating industrial environments, aiming to facilitate the development and testing of cybersecurity solutions by providing functionalities for network traffic logging, attack impact simulation, generation of labeled multivariate time series sensor datasets, among others, bridging the gap between theoretical research and practical application needs, especially in situations of low data availability and data-driven cybersecurity research.","updated_timestamp":{"seconds":1718922689,"nanoseconds":0},"speakers":[{"content_ids":[54191],"conference_id":133,"event_ids":[54560],"name":"Borja Pintos Castro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Gradiant","title":"Researcher, Security and Privacy Area"}],"links":[],"pronouns":null,"media":[],"id":53727,"title":"Researcher, Security and Privacy Area at Gradiant"},{"content_ids":[54191],"conference_id":133,"event_ids":[54560],"name":"Camilo Piñón Blanco","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53728}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:31:29Z","links":[{"label":"Project","type":"link","url":"https://github.com/Gradiant/virtual-factory "},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249624"}],"end":"2024-08-10T18:45:00.000-0000","id":54560,"tag_ids":[46169,46441,46445],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53727},{"tag_id":46167,"sort_order":4,"person_id":53728}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"5Ghoul Fuzzer is an over-the-air security testing tool and fuzzing framework that leverages a rogue 5G NR base station to systematically create test cases targeting 5G-capable smartphones or Qualcomm USB-based modems. Moreover, such framework contains test case scripts to launch attacks exploiting 10 implementation-level vulnerabilities ranging from DoS to Downgrades that affect commercial 5G modems from major chipset vendors such as Qualcomm and MediaTek. The tool is released open sourced, but it is also continuously experimented with newer devices. For example, there are two more 5G implementation vulnerabilities that are under embargo and will be released by the end of this month in the open source repository and website maintained for the project.\n\n\n","media":[],"title":"5Ghoul Framework - 5G NR Attacks & 5G OTA Fuzzing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"5Ghoul Fuzzer is an over-the-air security testing tool and fuzzing framework that leverages a rogue 5G NR base station to systematically create test cases targeting 5G-capable smartphones or Qualcomm USB-based modems. Moreover, such framework contains test case scripts to launch attacks exploiting 10 implementation-level vulnerabilities ranging from DoS to Downgrades that affect commercial 5G modems from major chipset vendors such as Qualcomm and MediaTek. The tool is released open sourced, but it is also continuously experimented with newer devices. For example, there are two more 5G implementation vulnerabilities that are under embargo and will be released by the end of this month in the open source repository and website maintained for the project.","updated_timestamp":{"seconds":1718922629,"nanoseconds":0},"speakers":[{"content_ids":[54188],"conference_id":133,"event_ids":[54557],"name":"Matheus Eduardo Garbelini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore University of Technology and Design (SUTD)","title":"Research Fellow"}],"links":[],"pronouns":null,"media":[],"id":53756,"title":"Research Fellow at Singapore University of Technology and Design (SUTD)"},{"content_ids":[54188],"conference_id":133,"event_ids":[54557],"name":"Sudipta Chattopadhyay","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore University of Technology and Design (SUTD)","title":"Associate Professor"}],"links":[],"pronouns":null,"media":[],"id":53774,"title":"Associate Professor at Singapore University of Technology and Design (SUTD)"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:30:29Z","links":[{"label":"Project","type":"link","url":"https://github.com/asset-group/5ghoul-5g-nr-attacks "},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249623"}],"end":"2024-08-10T18:45:00.000-0000","id":54557,"tag_ids":[46169,46441,46452,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53756},{"tag_id":46167,"sort_order":4,"person_id":53774}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tempest is a command and control framework written in 100% Rust. It began as a research project and personal challenge, but has grown into a very effective c2 framework. The original concept was to write a simple yet effective c2 framework, and design continues to focus on this simple goal. Because it started out as a research project with a learning goal, the framework is not directly based on any existing c2 frameworks and the vast majority of code will not be found anywhere else.\n\n\n","media":[],"title":"Tempest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"Tempest is a command and control framework written in 100% Rust. It began as a research project and personal challenge, but has grown into a very effective c2 framework. The original concept was to write a simple yet effective c2 framework, and design continues to focus on this simple goal. Because it started out as a research project with a learning goal, the framework is not directly based on any existing c2 frameworks and the vast majority of code will not be found anywhere else.","updated_timestamp":{"seconds":1718922566,"nanoseconds":0},"speakers":[{"content_ids":[55305,54185],"conference_id":133,"event_ids":[55695,54554],"name":"Kirk Trychel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Box.com","title":"Senior Red Team Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@teach2breach)","sort_order":0,"url":"https://twitter.com/teach2breach"}],"media":[],"id":53748,"title":"Senior Red Team Engineer at Box.com"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:29:26Z","links":[{"label":"Project","type":"link","url":"https://github.com/Teach2Breach/tempest"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249622"}],"end":"2024-08-10T18:45:00.000-0000","id":54554,"tag_ids":[46169,46441,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53748}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Maestro is a post-exploitation tool designed to interact with Intune/EntraID from a C2 agent on a user's workstation without requiring knowledge of the user's password or Azure authentication flows, token manipulation, and web-based administration console. Maestro makes interacting with Intune and EntraID from C2 much easier, as the operator does not need to obtain the user's cleartext password, extract primary refresh token (PRT) cookies from the system, run additional tools or a browser session over a SOCKS proxy, or deal with Azure authentication flows, tokens, or conditional access policies in order to execute actions in Azure on behalf of the logged-in user. Maestro enables attack paths between on-prem and Azure. For example, by running Maestro on an Intune admin's machine, you can execute PowerShell scripts on any enrolled device without ever knowing the admin's credentials!\n\n\n","media":[],"title":"Maestro","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-10T18:45:00Z","end_timestamp":{"seconds":1723315500,"nanoseconds":0},"android_description":"Maestro is a post-exploitation tool designed to interact with Intune/EntraID from a C2 agent on a user's workstation without requiring knowledge of the user's password or Azure authentication flows, token manipulation, and web-based administration console. Maestro makes interacting with Intune and EntraID from C2 much easier, as the operator does not need to obtain the user's cleartext password, extract primary refresh token (PRT) cookies from the system, run additional tools or a browser session over a SOCKS proxy, or deal with Azure authentication flows, tokens, or conditional access policies in order to execute actions in Azure on behalf of the logged-in user. Maestro enables attack paths between on-prem and Azure. For example, by running Maestro on an Intune admin's machine, you can execute PowerShell scripts on any enrolled device without ever knowing the admin's credentials!","updated_timestamp":{"seconds":1718922506,"nanoseconds":0},"speakers":[{"content_ids":[54209,54182],"conference_id":133,"event_ids":[54551,54582],"name":"Chris Thompson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Principal Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@_Mayyhem)","sort_order":0,"url":"https://twitter.com/_Mayyhem"}],"media":[],"id":53730,"title":"Principal Consultant at SpecterOps"}],"begin_tsz":"2024-08-10T17:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-20T22:28:26Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249621"},{"label":"Project","type":"link","url":"https://github.com/Mayyhem/Maestro"}],"end":"2024-08-10T18:45:00.000-0000","id":54551,"tag_ids":[46169,46441,46444,46453],"village_id":null,"begin_timestamp":{"seconds":1723309200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53730}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-10T17:00:00.000-0000","updated":"2024-06-20T22:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.\n\n\n","media":[],"title":"Merch (formerly swag) Area Open -- README","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T22:00:00Z","end_timestamp":{"seconds":1723327200,"nanoseconds":0},"android_description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.","updated_timestamp":{"seconds":1722140898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T04:28:18Z","links":[],"end":"2024-08-10T22:00:00.000-0000","id":55854,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W212 (DEF CON Merch)","hotel":"","short_name":"W212 (DEF CON Merch)","id":46285},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’ve developed an interactive workshop for all those who want to learn secure coding practices and/or experience attacking with up-to-date technologies.\nWe prefer simplicity:\nAttacks are performed with swagger and C# scripts, and exploit XSS, CSRF, SSRF, and SQLI. We’ll also steal secrets and cookies.\nSecure coding practices are summarized in an easy-to-remember acronym (PREVENT).\nParticipants will transform RecipeRealm, a naive webapi+angular recipes repository, into a secure solution.\nThrough the hands-on real-world coding exercises, we will cover dealing with a vulnerable third party, using the built-in defense mechanism of Angular, implementing antiCSRF mechanisms, coding a secure data layer, and how to protect a web API from being exploited to get information about our internal assets.\n\n\n","media":[],"title":"Sharp Security from All Angles: Mastering Security in .NET Core 8 and Angular 17 Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"We’ve developed an interactive workshop for all those who want to learn secure coding practices and/or experience attacking with up-to-date technologies.\nWe prefer simplicity:\nAttacks are performed with swagger and C# scripts, and exploit XSS, CSRF, SSRF, and SQLI. We’ll also steal secrets and cookies.\nSecure coding practices are summarized in an easy-to-remember acronym (PREVENT).\nParticipants will transform RecipeRealm, a naive webapi+angular recipes repository, into a secure solution.\nThrough the hands-on real-world coding exercises, we will cover dealing with a vulnerable third party, using the built-in defense mechanism of Angular, implementing antiCSRF mechanisms, coding a secure data layer, and how to protect a web API from being exploited to get information about our internal assets.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54231],"conference_id":133,"event_ids":[54604],"name":"Or Sahar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secure From Scratch","title":"Co-founder"}],"links":[],"pronouns":null,"media":[],"id":53860,"title":"Co-founder at Secure From Scratch"},{"content_ids":[54231],"conference_id":133,"event_ids":[54604],"name":"Yariv Tal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53875}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Sahar_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54604,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53860},{"tag_id":46167,"sort_order":1,"person_id":53875}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Pentesting ICS is too easy and you are looking for a new challenge? Attend this workshop to discover and practice how to secure Industrial Control Systems! This workshop is designed to show some key cybersecurity measures to implement on Industrial Control Systems.\nWe’ll bring a realistic but simple ICS setup and let you secure it step by step. After a short introduction, we’ll deep dive in several hands-on exercises: ICS inventory, backups, network security, system hardening and detection.\n\"\n\n\n","media":[],"title":"Industrial Control Systems: how to secure them in practice!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"\"Pentesting ICS is too easy and you are looking for a new challenge? Attend this workshop to discover and practice how to secure Industrial Control Systems! This workshop is designed to show some key cybersecurity measures to implement on Industrial Control Systems.\nWe’ll bring a realistic but simple ICS setup and let you secure it step by step. After a short introduction, we’ll deep dive in several hands-on exercises: ICS inventory, backups, network security, system hardening and detection.\n\"","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54225,54230],"conference_id":133,"event_ids":[54598,54603],"name":"Alexandrine Torrents","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Cybersecurity Expert"}],"links":[],"pronouns":null,"media":[],"id":53831,"title":"Cybersecurity Expert at Wavestone"}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Torrents_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54603,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53831}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We live in a time of unexpected transformation. Machines can hold conversations, compose prose and poetry, and generate very convincing deepfakes. The field of AI where this all happens – deep learning – has a long history, starting with one simple building block: the neural network.\nIn this workshop, we will tour through the evolution of neural networks and discover that much of their evolution occurred in the world of low-level programming. Using C, C++ and a bit of assembly language, we will learn the fundamentals behind neural networks in their various forms, and build a foundation of knowledge that will allow us to understand how we arrived at large language models, the current state of the art. Most importantly, we will discover how far we can stretch everyday hardware to run deep learning models that solve interesting problems.\n\n\n","media":[],"title":"Hacking The Metal: A Spark of Intelligence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"We live in a time of unexpected transformation. Machines can hold conversations, compose prose and poetry, and generate very convincing deepfakes. The field of AI where this all happens – deep learning – has a long history, starting with one simple building block: the neural network.\nIn this workshop, we will tour through the evolution of neural networks and discover that much of their evolution occurred in the world of low-level programming. Using C, C++ and a bit of assembly language, we will learn the fundamentals behind neural networks in their various forms, and build a foundation of knowledge that will allow us to understand how we arrived at large language models, the current state of the art. Most importantly, we will discover how far we can stretch everyday hardware to run deep learning models that solve interesting problems.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54229],"conference_id":133,"event_ids":[54602],"name":"eigentourist","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53839}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://eigentourist_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54602,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53839}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This training will cover how to discover vulnerabilities in custom Salesforce applications hosted on the Salesforce PaaS platform. This is not hacking Salesforce itself, but instead custom applications deployed by customers of Salesforce. You should already know OWASP Top 10 fundamentals such as how XSS or injection attacks work. You will learn how to find vulnerabilities specific to Salesforce apps such as SOQL injection, SOSL, cross-site scripting filter bypasses, and bypassing access controls of hidden functions to exfiltrate data.\nA new open-source tool “PaaS Cloud Goat” will be used to provide a simulated vulnerable Salesforce application for testing. Students will be expected to use a MitM proxy tool (Burp Suite) to craft malicious attacks to exploit the application. This training will provide a lab manual and live walk-through of the attack process and methods. We will also cover source code review and practice how to find vulnerabilities in code and translate them to working exploits of the simulator app.\n\nTakeaways:\n1. Hands-on learning opportunity of pen testing custom Salesforce applications\n2. Detailed training documentation material about the underlying flaws\n3. Consolidated list of common Salesforce application vulnerabilities\n\n\n","media":[],"title":"Hacking Apps on Salesforce","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"This training will cover how to discover vulnerabilities in custom Salesforce applications hosted on the Salesforce PaaS platform. This is not hacking Salesforce itself, but instead custom applications deployed by customers of Salesforce. You should already know OWASP Top 10 fundamentals such as how XSS or injection attacks work. You will learn how to find vulnerabilities specific to Salesforce apps such as SOQL injection, SOSL, cross-site scripting filter bypasses, and bypassing access controls of hidden functions to exfiltrate data.\nA new open-source tool “PaaS Cloud Goat” will be used to provide a simulated vulnerable Salesforce application for testing. Students will be expected to use a MitM proxy tool (Burp Suite) to craft malicious attacks to exploit the application. This training will provide a lab manual and live walk-through of the attack process and methods. We will also cover source code review and practice how to find vulnerabilities in code and translate them to working exploits of the simulator app.\n\nTakeaways:\n1. Hands-on learning opportunity of pen testing custom Salesforce applications\n2. Detailed training documentation material about the underlying flaws\n3. Consolidated list of common Salesforce application vulnerabilities","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54228],"conference_id":133,"event_ids":[54601],"name":"Rodney David Beede","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Principal Consultant"}],"pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.rodneybeede.com"}],"media":[],"id":53864,"title":"Principal Consultant"}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Beede_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54601,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53864}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Capture the Flag (CTF) is a competition where teams and individuals compete to solve security challenges. The one that collects most flags the fastest wins the competition (and typically, prizes).\nCTF-101 is an interactive workshop where we attendees learn about CTF competitions and common security vulnerabilities in a game-like environment. A couple of challenges are presented throughout the session and our hosts walk through how to solve them and provide support as attendees try to solve the challenges during the live hacking part of the workshop. Plus, there’s a leaderboard for attendees to track their progress.\n\n\n","media":[],"title":"Capture the Flag 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T20:00:00Z","end_timestamp":{"seconds":1723320000,"nanoseconds":0},"android_description":"Capture the Flag (CTF) is a competition where teams and individuals compete to solve security challenges. The one that collects most flags the fastest wins the competition (and typically, prizes).\nCTF-101 is an interactive workshop where we attendees learn about CTF competitions and common security vulnerabilities in a game-like environment. A couple of challenges are presented throughout the session and our hosts walk through how to solve them and provide support as attendees try to solve the challenges during the live hacking part of the workshop. Plus, there’s a leaderboard for attendees to track their progress.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54227],"conference_id":133,"event_ids":[54600],"name":"Micah Silverman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Snyk","title":"Director of Security Relations"}],"links":[],"pronouns":null,"media":[],"id":53857,"title":"Director of Security Relations at Snyk"}],"begin_tsz":"2024-08-10T16:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Silverman_DC32.eventbrite.com"}],"end":"2024-08-10T20:00:00.000-0000","id":54600,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723305600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53857}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-10T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T09:00:00Z","end_timestamp":{"seconds":1723366800,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T15:00:00Z","timeband_id":1148,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-11T09:00:00.000-0000","id":55888,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723302000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"Y","begin":"2024-08-10T15:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-11T02:00:00Z","end_timestamp":{"seconds":1723341600,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T15:00:00Z","timeband_id":1148,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-11T02:00:00.000-0000","id":54480,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723302000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-10T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T15:00:00Z","end_timestamp":{"seconds":1723302000,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T12:00:00Z","timeband_id":1148,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-10T15:00:00.000-0000","id":54514,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723291200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-10T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A fun gathering space for the lgbtqia+ community to listen to DJ dance music and party together. An inclusive and vibrant option with others in the community.\n\n\n","media":[{"hash_sha256":"3a6fa4c17091c405658cdeadb9a5fcbe435c2ffb12d53be100f2f3af8f315790","filetype":"image/png","hash_md5":"6d963769b73e2a6193ecd792b1c7a2dd","name":"pme_queercon_party_v3.png","is_logo":"Y","hash_crc32c":"1cbb05b9","filesize":182588,"asset_id":720,"sort_order":3,"url":"https://info.defcon.org/blobs/pme_queercon_party_v3.png"}],"title":"QueerCon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T08:00:00Z","end_timestamp":{"seconds":1723276800,"nanoseconds":0},"android_description":"A fun gathering space for the lgbtqia+ community to listen to DJ dance music and party together. An inclusive and vibrant option with others in the community.","updated_timestamp":{"seconds":1718812377,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T05:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:52:57Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249563"},{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"}],"end":"2024-08-10T08:00:00.000-0000","id":54502,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723266000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W325 - W326","hotel":"","short_name":"W325 - W326","id":46312},"spans_timebands":"Y","begin":"2024-08-10T05:00:00.000-0000","updated":"2024-06-19T15:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 32 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.\n\n\n","media":[{"hash_sha256":"89bcd0031a654a292e0705bf8fd4cdf59ffc350be3885c256a2f49bb5955da9b","filetype":"image/png","hash_md5":"7f18305e5d04016eb7279d679cc1b817","name":"pme_arcade.png","is_logo":"Y","hash_crc32c":"daac354a","filesize":139632,"asset_id":670,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_arcade.png"}],"title":"Arcade Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 32 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.","updated_timestamp":{"seconds":1718812537,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T04:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:55:37Z","links":[{"label":"Website","type":"link","url":"https://arcadeparty.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249555"}],"end":"2024-08-10T09:00:00.000-0000","id":54504,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723262400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W106-W109 (Chillout 1)","hotel":"","short_name":"W106-W109 (Chillout 1)","id":46309},"spans_timebands":"Y","begin":"2024-08-10T04:00:00.000-0000","updated":"2024-06-19T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Returning for their 7th year, Gothcon invites you to come dance the night away with a line-up of some of the community's best dark dance music DJ's from across the US! Dress however you would like in whatever makes you feel comfortable and happy, and all are welcome (except nazis). Follow @dcgothcon on X for current updates on lineup and other surprises we have in store.\n\n\n","media":[{"hash_sha256":"2ab025f6f007cf790e52d516d01744556a09145e0c5f87af32adc2b9b7308777","filetype":"image/png","hash_md5":"bfe70242ac992e5f98535eae66f74988","name":"pme_gothcon.png","is_logo":"Y","hash_crc32c":"2b4b0174","filesize":50428,"asset_id":678,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_gothcon.png"}],"title":"GOTHCON 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"Returning for their 7th year, Gothcon invites you to come dance the night away with a line-up of some of the community's best dark dance music DJ's from across the US! Dress however you would like in whatever makes you feel comfortable and happy, and all are welcome (except nazis). Follow @dcgothcon on X for current updates on lineup and other surprises we have in store.","updated_timestamp":{"seconds":1718812428,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T04:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:53:48Z","links":[{"label":"Twitter (@dcgothcon)","type":"link","url":"https://twitter.com/dcgothcon"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249558"}],"end":"2024-08-10T09:00:00.000-0000","id":54503,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723262400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W324, W327","hotel":"","short_name":"W322-W324, W327","id":46306},"spans_timebands":"Y","begin":"2024-08-10T04:00:00.000-0000","updated":"2024-06-19T15:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Capitol Technology University for a night of fun, drinks, and networking amongst like-minded peers! Capitol Tech's industry-expert leadership will be discussing exciting career paths in cybersecurity, as well as the future of cyber higher education.\n\n\n","media":[],"title":"Capitol Technology University (CTU)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"Join Capitol Technology University for a night of fun, drinks, and networking amongst like-minded peers! Capitol Tech's industry-expert leadership will be discussing exciting career paths in cybersecurity, as well as the future of cyber higher education.","updated_timestamp":{"seconds":1720286483,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T04:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T17:21:23Z","links":[{"label":"Website","type":"link","url":"https://www.captechu.edu/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249566"},{"label":"Twitter (@captechu)","type":"link","url":"https://twitter.com/captechu"}],"end":"2024-08-10T09:00:00.000-0000","id":54501,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723262400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"Y","begin":"2024-08-10T04:00:00.000-0000","updated":"2024-07-06T17:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Call the Cops\r\n- 21:00 - 22:00 - DJ Habbs\r\n- 22:00 - 23:00 - PankleDank\r\n- 23:00 - 00:00 - Scotch & Bubbles\r\n- 00:00 - 01:00- DJ St3rling\r\n- 01:00 - 02:00 - Archwisp\n\n\n","media":[{"hash_sha256":"37c328609dbb27ade483ed096a41ef0d2739c44ebc6da349232eb17330cb547a","filetype":"image/png","hash_md5":"cb6c252c790f17fe52b4764837f12eb5","name":"dc32_ae_flyer_friday.png","is_logo":"Y","hash_crc32c":"9c684eda","filesize":981965,"asset_id":818,"sort_order":0,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_friday.png"}],"title":"Music Set / Entertainment (Cyberpunk Bar Friday, ACK Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Call the Cops\r\n- 21:00 - 22:00 - DJ Habbs\r\n- 22:00 - 23:00 - PankleDank\r\n- 23:00 - 00:00 - Scotch & Bubbles\r\n- 00:00 - 01:00- DJ St3rling\r\n- 01:00 - 02:00 - Archwisp","updated_timestamp":{"seconds":1721791203,"nanoseconds":0},"speakers":[{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"Archwisp","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55881},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"Call the Cops","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55882},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"DJ Habbs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55888},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"DJ St3rling","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55890},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"PankleDank","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55906},{"content_ids":[55327],"conference_id":133,"event_ids":[55719],"name":"Scotch & Bubbles","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55909}],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T03:20:03Z","links":[{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"}],"end":"2024-08-10T09:00:00.000-0000","id":55719,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55909},{"tag_id":46486,"sort_order":4,"person_id":55906},{"tag_id":46486,"sort_order":6,"person_id":55890},{"tag_id":46486,"sort_order":8,"person_id":55888},{"tag_id":46486,"sort_order":10,"person_id":55882},{"tag_id":46486,"sort_order":12,"person_id":55881}],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"Y","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 20:45 - Icetre Normal\r\n- 20:45 - 21:30 - Ohm-I & The NPC Collective\r\n- 21:30 - 22:15 - Dual Core\r\n- 22:15 - 23:00 - YTCracker\r\n- 23:00 - 00:00 - MC Frontalot\r\n- 00:00 - 00:15 - Costume Contest\r\n- 00:15 - 01:15 - ZEE\r\n- 01:15 - 02:00 - TRIODE\n\n\n","media":[{"hash_sha256":"37c328609dbb27ade483ed096a41ef0d2739c44ebc6da349232eb17330cb547a","filetype":"image/png","hash_md5":"cb6c252c790f17fe52b4764837f12eb5","name":"dc32_ae_flyer_friday.png","is_logo":"Y","hash_crc32c":"9c684eda","filesize":981965,"asset_id":818,"sort_order":1,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_friday.png"}],"title":"Music Set / Entertainment (Retro Sci-Fi Friday, SYN Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"- 20:00 - 20:45 - Icetre Normal\r\n- 20:45 - 21:30 - Ohm-I & The NPC Collective\r\n- 21:30 - 22:15 - Dual Core\r\n- 22:15 - 23:00 - YTCracker\r\n- 23:00 - 00:00 - MC Frontalot\r\n- 00:00 - 00:15 - Costume Contest\r\n- 00:15 - 01:15 - ZEE\r\n- 01:15 - 02:00 - TRIODE","updated_timestamp":{"seconds":1721791215,"nanoseconds":0},"speakers":[{"content_ids":[55324,55325],"conference_id":133,"event_ids":[55716,55717],"name":"Costume Contest","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55884},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"Dual Core","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55893},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"Icetre Normal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55896},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"MC Frontalot","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55900},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"Ohm-I & The NPC Collective","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55905},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"TRIODE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55914},{"content_ids":[55324,55265],"conference_id":133,"event_ids":[55716,55655],"name":"YTCracker","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55915},{"content_ids":[55324],"conference_id":133,"event_ids":[55716],"name":"ZEE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55916}],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T03:20:15Z","links":[{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"}],"end":"2024-08-10T09:00:00.000-0000","id":55716,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55916},{"tag_id":46486,"sort_order":4,"person_id":55915},{"tag_id":46486,"sort_order":6,"person_id":55914},{"tag_id":46486,"sort_order":8,"person_id":55905},{"tag_id":46486,"sort_order":10,"person_id":55900},{"tag_id":46486,"sort_order":12,"person_id":55896},{"tag_id":46486,"sort_order":14,"person_id":55893},{"tag_id":46486,"sort_order":16,"person_id":55884}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"Y","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hacker Jeopardy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T05:00:00Z","end_timestamp":{"seconds":1723266000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720319460,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T02:31:00Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249351"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249350"},{"label":"Twitter (@HackerJeopardy)","type":"link","url":"https://twitter.com/HackerJeopardy"}],"end":"2024-08-10T05:00:00.000-0000","id":54918,"tag_ids":[46427,46439,46509],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-07-07T02:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DEF CON Movie Night","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T06:59:00Z","end_timestamp":{"seconds":1723273140,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567253,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-16T19:47:33Z","links":[],"end":"2024-08-10T06:59:00.000-0000","id":54526,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-06-16T19:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.\n\n\n","media":[{"hash_sha256":"9dc542b73ed2f180e9da92ab6b96c13fdbf77524457592bb5909be0995f48bd8","filetype":"image/png","hash_md5":"9397f4fba28c3ec1eb0298b7768f7f87","name":"pme_hackerkaraoke.png","is_logo":"Y","hash_crc32c":"83073e75","filesize":10913,"asset_id":679,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hackerkaraoke.png"}],"title":"Hacker Karaoke","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"We are the event to go to if you want to hang out, enjoy the festivities, sing along, and show ones hidden talent.","updated_timestamp":{"seconds":1718812577,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T03:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:56:17Z","links":[{"label":"Website","type":"link","url":"https://www.hackerkaraoke.org/"},{"label":"Twitter (@hackerkaraoke)","type":"link","url":"https://twitter.com/hackerkaraoke"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249524"}],"end":"2024-08-10T09:00:00.000-0000","id":54505,"tag_ids":[46363,46886],"village_id":null,"begin_timestamp":{"seconds":1723258800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"Y","begin":"2024-08-10T03:00:00.000-0000","updated":"2024-06-19T15:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.\n\n\n","media":[],"title":"Lawyers Meet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T05:00:00Z","end_timestamp":{"seconds":1723266000,"nanoseconds":0},"android_description":"If you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.","updated_timestamp":{"seconds":1718771901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T02:30:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T04:38:21Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249498"}],"end":"2024-08-10T05:00:00.000-0000","id":54492,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723257000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W228","hotel":"","short_name":"W228","id":46505},"spans_timebands":"N","begin":"2024-08-10T02:30:00.000-0000","updated":"2024-06-19T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"19:00 - 21:00\r\nBIC Village \"Chat & Chew\" Networking Session\r\nLight Music & Food! Network with our sponsors, partners, volunteers, members and visitors!\r\n\r\n21:00 - 02:00\r\nBIC Village Party with DJ Roma\r\nAs the sun sets, gather around for a celebration of Reggae, Soca, Dancehall, Hiphop, Pop, R&B, Regional Hits and Caribbean Dance Style! All Flags Welcome! Rep Your Flag!\r\n\n\n\n","media":[{"hash_sha256":"e759c97b8dd0cee530e6e1c5d7ad3659f96fef07b697cb2bdd0e510da241bf46","filetype":"image/png","hash_md5":"6a0db077e162380c6cd1b4a6ba31db6a","name":"pme_bic_v2.png","is_logo":"Y","hash_crc32c":"0d19ee0d","filesize":70655,"asset_id":694,"sort_order":2,"url":"https://info.defcon.org/blobs/pme_bic_v2.png"}],"title":"Blacks in Cyber Lituation 2.0","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"19:00 - 21:00\r\nBIC Village \"Chat & Chew\" Networking Session\r\nLight Music & Food! Network with our sponsors, partners, volunteers, members and visitors!\r\n\r\n21:00 - 02:00\r\nBIC Village Party with DJ Roma\r\nAs the sun sets, gather around for a celebration of Reggae, Soca, Dancehall, Hiphop, Pop, R&B, Regional Hits and Caribbean Dance Style! All Flags Welcome! Rep Your Flag!","updated_timestamp":{"seconds":1721494886,"nanoseconds":0},"speakers":[{"content_ids":[54135],"conference_id":133,"event_ids":[54528],"name":"BIC Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55785},{"content_ids":[54135],"conference_id":133,"event_ids":[54528],"name":"DJ Roma","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55786}],"begin_tsz":"2024-08-10T02:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:01:26Z","links":[{"label":"Website","type":"link","url":"https://blacksincyberconf.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249500"},{"label":"Twitter (@blackincyberco1)","type":"link","url":"https://twitter.com/blackincyberco1"}],"end":"2024-08-10T09:00:00.000-0000","id":54528,"tag_ids":[46363,46372],"village_id":null,"begin_timestamp":{"seconds":1723255200,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55785},{"tag_id":46486,"sort_order":4,"person_id":55786}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"Y","begin":"2024-08-10T02:00:00.000-0000","updated":"2024-07-20T17:01:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly \\ Safe environment. Now with less Gluten and more animal onesies!\n\n\n","media":[{"hash_sha256":"6ea0fc25c2bec0f14879a6700d16eb88d1f7d8c03f0e82b27054ad7cd59cc955","filetype":"image/png","hash_md5":"a17b8af8b903b8faad86c03072cb1772","name":"pme_blanketfort.png","is_logo":"Y","hash_crc32c":"274b05b3","filesize":177003,"asset_id":672,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_blanketfort.png"}],"title":"BlanketFort Con","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#2581c0","name":"Party","updated_tsz":"2024-07-21T19:20:45Z","id":46363},"end_tsz":"2024-08-10T08:00:00Z","end_timestamp":{"seconds":1723276800,"nanoseconds":0},"android_description":"BlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly \\ Safe environment. Now with less Gluten and more animal onesies!","updated_timestamp":{"seconds":1718774986,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T02:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:29:46Z","links":[{"label":"Twitter (@blanketfortcon)","type":"link","url":"https://twitter.com/blanketfortcon"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249503"}],"end":"2024-08-10T08:00:00.000-0000","id":54493,"tag_ids":[46363],"village_id":null,"begin_timestamp":{"seconds":1723255200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305-W306","hotel":"","short_name":"W305-W306","id":46308},"spans_timebands":"Y","begin":"2024-08-10T02:00:00.000-0000","updated":"2024-06-19T05:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If someone had told us this silly contest would be in its 8th year there's no way we would have believed it. Even when we thought \"hey, the gag is getting old, maybe it's time to hang it up\" that turned out to be the year we'd gotten the most accolades from con goers during and after the contest. That was enough to recharge us and decide we'll do this until DC no longer exists. Proud isn't a grand enough word to describe how we feel to still be here and still making people laugh/feel better about themselves not being as stupid as us.\r\n\r\nBut to answer Why Us? WSIIA has always been about community. Whether you killed your deck or went down in a spectacular blaze of flames, this game is nothing without the people who play it and the audience who watches it. And if we're not doing it for the community, why the fuck are we even here? We'll remain here as long as you'll have us, riding on a wing, a prayer, and airplane bottles of Malort all the way to Year 10. Now on to the boilerplate pitch:\r\n\r\nWe're an unholy union of improv comedy, hacking and slide deck sado-masochism.\r\n\r\nOur team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.\r\n\r\nWhether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.\n\n\n","media":[{"hash_sha256":"5e8dfc6e407a3aeca9319841423afb116e262a48359ee4814661bc42b197da59","filetype":"image/png","hash_md5":"e7d376c55b9fabc5c1777f11c4a785d3","name":"ct_whose-slide.png","is_logo":"Y","hash_crc32c":"945f7b1a","filesize":317661,"asset_id":662,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_whose-slide.png"}],"title":"Whose Slide Is It Anyway?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T02:30:00Z","end_timestamp":{"seconds":1723257000,"nanoseconds":0},"android_description":"If someone had told us this silly contest would be in its 8th year there's no way we would have believed it. Even when we thought \"hey, the gag is getting old, maybe it's time to hang it up\" that turned out to be the year we'd gotten the most accolades from con goers during and after the contest. That was enough to recharge us and decide we'll do this until DC no longer exists. Proud isn't a grand enough word to describe how we feel to still be here and still making people laugh/feel better about themselves not being as stupid as us.\r\n\r\nBut to answer Why Us? WSIIA has always been about community. Whether you killed your deck or went down in a spectacular blaze of flames, this game is nothing without the people who play it and the audience who watches it. And if we're not doing it for the community, why the fuck are we even here? We'll remain here as long as you'll have us, riding on a wing, a prayer, and airplane bottles of Malort all the way to Year 10. Now on to the boilerplate pitch:\r\n\r\nWe're an unholy union of improv comedy, hacking and slide deck sado-masochism.\r\n\r\nOur team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.\r\n\r\nWhether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.","updated_timestamp":{"seconds":1720319807,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T01:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T02:36:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249279"},{"label":"Twitter (@WhoseSlide)","type":"link","url":"https://twitter.com/WhoseSlide"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249280"}],"end":"2024-08-10T02:30:00.000-0000","id":54919,"tag_ids":[46427,46439,46510],"village_id":null,"begin_timestamp":{"seconds":1723253400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01:02 (Tracks 1-2)","hotel":"","short_name":"HW1-11-01:02 (Tracks 1-2)","id":46320},"spans_timebands":"N","begin":"2024-08-10T01:30:00.000-0000","updated":"2024-07-07T02:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[{"hash_sha256":"42942f2f0d75cd05a694bb9d4031dbbd4d0a6949e073116c271141f3cf5d53e8","filetype":"image/png","hash_md5":"e08c3b9a3211a2fe5a24ef021c1e2210","name":"pme_policy_mixer.png","is_logo":"Y","hash_crc32c":"1e6e3fad","filesize":181661,"asset_id":700,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_policy_mixer.png"}],"title":"Policy Mixer @ DEF CON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T05:30:00Z","end_timestamp":{"seconds":1723267800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1718567333,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T01:30:00Z","timeband_id":1147,"updated_tsz":"2024-06-16T19:48:53Z","links":[],"end":"2024-08-10T05:30:00.000-0000","id":54530,"tag_ids":[46364,46388],"village_id":null,"begin_timestamp":{"seconds":1723253400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T01:30:00.000-0000","updated":"2024-06-16T19:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON Franklin will infuse research from the hacker community into national security and foreign policy debates. We aim to lift up groundbreaking work happening across villages and deliver this critical research to key policymakers across the globe. Aside from policy work, Franklin will empower individual members of the community to volunteer directly with under-resourced critical infrastructure that support our world.\n\n\n","media":[],"title":"DEF CON Franklin Project","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T01:20:00Z","end_timestamp":{"seconds":1723252800,"nanoseconds":0},"android_description":"DEF CON Franklin will infuse research from the hacker community into national security and foreign policy debates. We aim to lift up groundbreaking work happening across villages and deliver this critical research to key policymakers across the globe. Aside from policy work, Franklin will empower individual members of the community to volunteer directly with under-resourced critical infrastructure that support our world.","updated_timestamp":{"seconds":1722388692,"nanoseconds":0},"speakers":[{"content_ids":[55332,55685],"conference_id":133,"event_ids":[55723,56208],"name":"Jacob H Braun","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Office of the National Cyber Director (ONCD)","title":"Acting Principal Deputy National Cyber Director"}],"links":[],"pronouns":null,"media":[],"id":55928,"title":"Acting Principal Deputy National Cyber Director at Office of the National Cyber Director (ONCD)"}],"begin_tsz":"2024-08-10T01:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T01:18:12Z","links":[],"end":"2024-08-10T01:20:00.000-0000","id":56208,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723251600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55928}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T01:00:00.000-0000","updated":"2024-07-31T01:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chillout to etherial / downtempo tunes and hang with your community\n\n\n","media":[],"title":"HDA Chillout w/ Dj Delchi","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T07:00:00Z","end_timestamp":{"seconds":1723273200,"nanoseconds":0},"android_description":"Chillout to etherial / downtempo tunes and hang with your community","updated_timestamp":{"seconds":1722102497,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T01:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:48:17Z","links":[],"end":"2024-08-10T07:00:00.000-0000","id":54574,"tag_ids":[46404,46641],"village_id":null,"begin_timestamp":{"seconds":1723251600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"Y","begin":"2024-08-10T01:00:00.000-0000","updated":"2024-07-27T17:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Clemson University's Media Forensics Center spearheaded an investigation into the extensive disinformation network orchestrated by John Mark Dougan, an alleged corrupt Sheriff's Deputy now residing in Russia. This presentation will focus on Clemson's employment of OSINT techniques, emphasizing our thorough examination of digital forensic artifacts and metadata analysis.\n\nThrough advanced OSINT techniques, our team analyzed server logs, domain registrations, and internet protocol (IP) addresses, unraveling a sophisticated web of over 160 disinformation websites designed to mimic legitimate news outlets. By dissecting these digital breadcrumbs, we traced the network's infrastructure and operational tactics, uncovering the strategies Dougan employed to disseminate false narratives. During the process we discovered how narratives were laundered, and LLMs were utilized to create inflammatory content.\n\nThe session will provide a detailed look at the methods used to collect and interpret metadata and artifacts, which revealed the hidden connections between the fake sites and Dougan's operations. We will discuss how our forensic analysis uncovered patterns of digital behavior, allowing us to attribute the network's activities to Dougan and understand the broader implications for more transparent public discourse.\n\nJoin us as we share the intricacies of our forensic process, demonstrating how Clemson's expertise in media forensics and metadata analysis played a critical role in exposing a key player in Russia's disinformation efforts. This talk will equip attendees with a deeper appreciation of the vital role OSINT plays in modern intelligence operations and the ongoing battle against digital deception.\n\n\n","media":[],"title":"OSINT at Clemson: Unmasking John Mark Dougan's Disinformation Empire","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:15:00Z","end_timestamp":{"seconds":1723252500,"nanoseconds":0},"android_description":"Clemson University's Media Forensics Center spearheaded an investigation into the extensive disinformation network orchestrated by John Mark Dougan, an alleged corrupt Sheriff's Deputy now residing in Russia. This presentation will focus on Clemson's employment of OSINT techniques, emphasizing our thorough examination of digital forensic artifacts and metadata analysis.\n\nThrough advanced OSINT techniques, our team analyzed server logs, domain registrations, and internet protocol (IP) addresses, unraveling a sophisticated web of over 160 disinformation websites designed to mimic legitimate news outlets. By dissecting these digital breadcrumbs, we traced the network's infrastructure and operational tactics, uncovering the strategies Dougan employed to disseminate false narratives. During the process we discovered how narratives were laundered, and LLMs were utilized to create inflammatory content.\n\nThe session will provide a detailed look at the methods used to collect and interpret metadata and artifacts, which revealed the hidden connections between the fake sites and Dougan's operations. We will discuss how our forensic analysis uncovered patterns of digital behavior, allowing us to attribute the network's activities to Dougan and understand the broader implications for more transparent public discourse.\n\nJoin us as we share the intricacies of our forensic process, demonstrating how Clemson's expertise in media forensics and metadata analysis played a critical role in exposing a key player in Russia's disinformation efforts. This talk will equip attendees with a deeper appreciation of the vital role OSINT plays in modern intelligence operations and the ongoing battle against digital deception.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55908],"conference_id":133,"event_ids":[56495],"name":"Steven Sheffield","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56268}],"begin_tsz":"2024-08-10T00:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T01:15:00.000-0000","id":56495,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723250700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56268}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T00:45:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you believe all the talk of Quantum Computing and its threats to classical cryptography, or are more curious for how it’ll definitely stop climate change, fix AI, and give us world peace🌈 - we have identified the need to put a spotlight on the threat to quantum computers. With all the potential advantages, quantum computers will need access to some of the most highly sensitive data to carry out their quantum calculations. However, this makes them an ideal target for attackers, and we want to enumerate this threat model with YOU!\n\n\n","media":[],"title":"Threat Modelling: Quantum Computers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Whether you believe all the talk of Quantum Computing and its threats to classical cryptography, or are more curious for how it’ll definitely stop climate change, fix AI, and give us world peace🌈 - we have identified the need to put a spotlight on the threat to quantum computers. With all the potential advantages, quantum computers will need access to some of the most highly sensitive data to carry out their quantum calculations. However, this makes them an ideal target for attackers, and we want to enumerate this threat model with YOU!","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56435,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, the use of dash cams has surged, making them an essential component of modern vehicles. To enhance user convenience, many dash cams are now equipped with network connectivity. This growth in the dash cam market has heightened the importance of vehicle and personal data security. However, network-connected dash cams pose potential security risks to their availability and key functionalities. In this presentation, we will comprehensively analyze dash cams from various countries, including South Korea, the USA, Germany, and China, as well as built-in dash cams. During our analysis, we discovered numerous zero-day vulnerabilities (such as OS Command Injection, Logical Bugs, and insufficient authentication) that pose significant security threats. Vulnerabilities were primarily found during the dash cam boot process, configuration changes, and communications via custom protocols.\r\n\r\nWe will detail the dash cam analysis process in the following sequence:\r\n- [Analysis Process]\r\n - Acquiring firmware through official websites or apps\r\n - Extracting the file system to analyze the initial boot logic\r\n - Analyzing the boot logic to identify vulnerabilities or debugging ports to gain shell access\r\n - Utilizing the obtained shell for remote debugging of the main system\r\n\r\nInterestingly, our analysis of 10 different dash cams revealed that 4 devices used the same OEM board from a common manufacturer. These 4 devices shared similar vulnerabilities, and exploiting a vulnerability found in one device allowed us to successfully exploit all of them. Our research uncovered common security vulnerabilities across multiple dash cams, and we will discuss measures to prevent these vulnerabilities. We will particularly focus on analyzing the custom protocols used by dash cams and the security risks associated with them. This presentation aims to raise awareness of potential security threats in dash cams and encourage manufacturers to produce more secure products. We hope to drive industry standards and best practices to ensure the safety and security of these increasingly critical devices. By sharing our findings, we aim to highlight the importance of dash cam security and provide insights that can lead to more secure designs and implementations.\n\n\n","media":[],"title":"Inside Dash Cam: Custom Protocols and Discovered 0-days","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In recent years, the use of dash cams has surged, making them an essential component of modern vehicles. To enhance user convenience, many dash cams are now equipped with network connectivity. This growth in the dash cam market has heightened the importance of vehicle and personal data security. However, network-connected dash cams pose potential security risks to their availability and key functionalities. In this presentation, we will comprehensively analyze dash cams from various countries, including South Korea, the USA, Germany, and China, as well as built-in dash cams. During our analysis, we discovered numerous zero-day vulnerabilities (such as OS Command Injection, Logical Bugs, and insufficient authentication) that pose significant security threats. Vulnerabilities were primarily found during the dash cam boot process, configuration changes, and communications via custom protocols.\r\n\r\nWe will detail the dash cam analysis process in the following sequence:\r\n- [Analysis Process]\r\n - Acquiring firmware through official websites or apps\r\n - Extracting the file system to analyze the initial boot logic\r\n - Analyzing the boot logic to identify vulnerabilities or debugging ports to gain shell access\r\n - Utilizing the obtained shell for remote debugging of the main system\r\n\r\nInterestingly, our analysis of 10 different dash cams revealed that 4 devices used the same OEM board from a common manufacturer. These 4 devices shared similar vulnerabilities, and exploiting a vulnerability found in one device allowed us to successfully exploit all of them. Our research uncovered common security vulnerabilities across multiple dash cams, and we will discuss measures to prevent these vulnerabilities. We will particularly focus on analyzing the custom protocols used by dash cams and the security risks associated with them. This presentation aims to raise awareness of potential security threats in dash cams and encourage manufacturers to produce more secure products. We hope to drive industry standards and best practices to ensure the safety and security of these increasingly critical devices. By sharing our findings, we aim to highlight the importance of dash cam security and provide insights that can lead to more secure designs and implementations.","updated_timestamp":{"seconds":1720395499,"nanoseconds":0},"speakers":[{"content_ids":[54591],"conference_id":133,"event_ids":[54966],"name":"Hyo Jin Lee","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ZIEN","title":"Senior Researcher, R&D Team"}],"links":[],"pronouns":null,"media":[],"id":54253,"title":"Senior Researcher, R&D Team at ZIEN"},{"content_ids":[54591],"conference_id":133,"event_ids":[54966],"name":"Hanryeol Park","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ZIEN Lab","title":"Senior Researcher"}],"links":[],"pronouns":null,"media":[],"id":54667,"title":"Senior Researcher at ZIEN Lab"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:38:19Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":54966,"tag_ids":[46383,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54253},{"tag_id":46167,"sort_order":4,"person_id":54667}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-07-07T23:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In 2021 we could get access to all personal bank accounts at the largest bank in Norway by using a single page paper form sent by snailmail. In addition to stealing all their money, we could also see all account transactions for the last 10 years, with details. In 2024 we have done the same thing to another bank. Why didn't the banks learn the first time? In this talk we'll explain what we did, lessons learned and why paper ID still is relevant and important to us all.\n\n\n","media":[],"title":"Fool us Once, fool us twice... Hacking Norwegian Banks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In 2021 we could get access to all personal bank accounts at the largest bank in Norway by using a single page paper form sent by snailmail. In addition to stealing all their money, we could also see all account transactions for the last 10 years, with details. In 2024 we have done the same thing to another bank. Why didn't the banks learn the first time? In this talk we'll explain what we did, lessons learned and why paper ID still is relevant and important to us all.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54590],"conference_id":133,"event_ids":[54965],"name":"Cecilie Wian","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54294},{"content_ids":[54590],"conference_id":133,"event_ids":[54965],"name":"Per Thorsheim","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PasswordsCon","title":"Founder & Organizer"}],"links":[],"pronouns":null,"media":[],"id":54312,"title":"Founder & Organizer at PasswordsCon"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":54965,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54294},{"tag_id":46167,"sort_order":1,"person_id":54312}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What's it like to spend a career as a cyberdefender for the DoD and the nation, but homed inside of an intelligence agency? In this talk, I'll offer a historical and personal perspective based on 35 years at the National Security Agency as a vulnerability analyst for the defense, from junior analyst to executive manager. The common element across my career was the search for vulnerabilities in the name of defense - finding them, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them. I'll share lessons learned as cyberdefense evolved from a focus on mathematics and cryptography to systems and software; and from government security to a global internet. And we'll focus on the mission, technical, and cultural interplay of cyberdefense and offense/intelligence as it played out at NSA. War stories, culture clashes, bureaucratic mazes? Of course! But in the end, better security for all.\r\n\r\nCommunications Security, Computer Security, Information Security, Information Assurance, Defensive Information Operations, and several more - I'm very lucky to have ridden the World-Wide Wave we now call cybersecurity.\r\n\r\nAnd I am very proud to have spent 35 years in Federal Service at the National Security Agency as part of the Information Assurance mission. The common element across my career was the search for vulnerabilities in the name of defense - finding vulnerabilities, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them.\r\n\r\nThat final challenge consumed the last third of my government career. How can we translate what we learn through product testing, Red Teams, Blue Teams, systems analysis, etc. into operational guidance, best practices, requirements, training, and security improvements? How can we bridge the gap between telling people what they are doing wrong, and helping them do what's right? This led to projects like the release of NSA Security Guides to the public (www.nsa.gov), involvement in open standards for security automation and information sharing, and an activity now known as the Critical Security Controls.\r\n\r\nSince retirement in 2012, I have been able to continue to serve the cause of cyber defense through our work at the non-profit Center for Internet Security, and the Council on CyberSecurity before that. And I am very active in more volunteer cybersecurity causes than I can recall.\n\n\n","media":[],"title":"Stranger in a Changed Land","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:50:00Z","end_timestamp":{"seconds":1723251000,"nanoseconds":0},"android_description":"What's it like to spend a career as a cyberdefender for the DoD and the nation, but homed inside of an intelligence agency? In this talk, I'll offer a historical and personal perspective based on 35 years at the National Security Agency as a vulnerability analyst for the defense, from junior analyst to executive manager. The common element across my career was the search for vulnerabilities in the name of defense - finding them, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them. I'll share lessons learned as cyberdefense evolved from a focus on mathematics and cryptography to systems and software; and from government security to a global internet. And we'll focus on the mission, technical, and cultural interplay of cyberdefense and offense/intelligence as it played out at NSA. War stories, culture clashes, bureaucratic mazes? Of course! But in the end, better security for all.\r\n\r\nCommunications Security, Computer Security, Information Security, Information Assurance, Defensive Information Operations, and several more - I'm very lucky to have ridden the World-Wide Wave we now call cybersecurity.\r\n\r\nAnd I am very proud to have spent 35 years in Federal Service at the National Security Agency as part of the Information Assurance mission. The common element across my career was the search for vulnerabilities in the name of defense - finding vulnerabilities, making sense of them, leading organizations to find them, and then translating that knowledge into action to prevent or manage them.\r\n\r\nThat final challenge consumed the last third of my government career. How can we translate what we learn through product testing, Red Teams, Blue Teams, systems analysis, etc. into operational guidance, best practices, requirements, training, and security improvements? How can we bridge the gap between telling people what they are doing wrong, and helping them do what's right? This led to projects like the release of NSA Security Guides to the public (www.nsa.gov), involvement in open standards for security automation and information sharing, and an activity now known as the Critical Security Controls.\r\n\r\nSince retirement in 2012, I have been able to continue to serve the cause of cyber defense through our work at the non-profit Center for Internet Security, and the Council on CyberSecurity before that. And I am very active in more volunteer cybersecurity causes than I can recall.","updated_timestamp":{"seconds":1720310096,"nanoseconds":0},"speakers":[{"content_ids":[54474],"conference_id":133,"event_ids":[54847],"name":"Tony Sager","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Internet Security (CIS)","title":"Senior VP & Chief Evangelist"}],"links":[],"pronouns":null,"media":[],"id":54110,"title":"Senior VP & Chief Evangelist at Center for Internet Security (CIS)"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:54:56Z","links":[],"end":"2024-08-10T00:50:00.000-0000","id":54847,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54110}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-07-06T23:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the past decade, infotainment systems have experienced a growth in functionality, broader adoption, and central incorporation into vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. Meanwhile, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types. Our work equips hackers with insights and necessary information on novel vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts and MFA codes stealthily.\r\n\r\nOverall, we show vulnerabilities in cars, aircraft and smartphones. We believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.\r\n\r\nReferences:\r\n\r\n- BlueToolkit - Bluetooth Classic vulnerability testing framework link (all exploits will be uploaded after 9th of August)\r\n- MapAccountHijack - Tool that allows hijacking services by exploiting widely used Bluetooth Classic functionality link - [link](https://github.com/sgxgsx/mapAccountHijack) (accessible after 9th of August)\r\n- D. Antonioli and M. Payer. On the insecurity of vehicles against protocol-level bluetooth threats. In 2022 IEEE Security and Privacy Workshops (SPW), pages 353–362, Los Alamitos, CA, USA, May 2022. IEEE Computer Society.\r\n- Cross-Sectional Analysis of the Bluetooth Stack of Modern Cars - (The link will be updated)\r\n- Wenjian Xu. Stealthily Access Your Android Phones: Bypass The Bluetooth Authentication. link, 2020.\r\n- Tyler Tucker, Hunter Searle, Kevin Butler, and Patrick Traynor. Blue’s clues: Practical discovery of non-discoverable bluetooth devices. In 2023 IEEE Symposium on Security and Privacy (SP), pages 3098–3112, 2023.\r\n- Maximilian von Tschirschnitz, Ludwig Peuckert, Fabian Franzen, and Jens Grossklags. Method confusion attack on bluetooth pairing. In 2021 IEEE Symposium on Security and Privacy (SP), pages 1332–1347, 2021.\r\n- Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR. In USENIX Security Symposium (SEC), August 2019\r\n\n\n\n","media":[],"title":"Exploiting Bluetooth - from your car to the bank account$$","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T01:15:00Z","end_timestamp":{"seconds":1723252500,"nanoseconds":0},"android_description":"Over the past decade, infotainment systems have experienced a growth in functionality, broader adoption, and central incorporation into vehicle architecture. Due to the ever-growing role of wireless protocols such as Bluetooth and a known lack of patches alongside the difficulty of patch installation, this poses a new attack surface and a genuine threat to the users. Meanwhile, the tools and methodologies required for testing are scattered across the Internet, absent and need a rigorous setup.\r\n\r\nIn this talk, we share a comprehensive framework BlueToolkit to test and replay Bluetooth Classic vulnerabilities. Additionally, we release new exploits and a privilege escalation attack vector.\r\n\r\nWe show how we used the toolkit to find 64 new vulnerabilities in 22 modern cars and the Garmin Flight Stream flight management system used in several aircraft types. Our work equips hackers with insights and necessary information on novel vulnerabilities that could be used to steal information from target cars, establish MitM position or escalate privileges to hijack victims’ accounts and MFA codes stealthily.\r\n\r\nOverall, we show vulnerabilities in cars, aircraft and smartphones. We believe our research will be beneficial in finding new vulnerabilities and making Bluetooth research more accessible and reproducible.\r\n\r\nReferences:\r\n\r\n- BlueToolkit - Bluetooth Classic vulnerability testing framework link (all exploits will be uploaded after 9th of August)\r\n- MapAccountHijack - Tool that allows hijacking services by exploiting widely used Bluetooth Classic functionality link - [link](https://github.com/sgxgsx/mapAccountHijack) (accessible after 9th of August)\r\n- D. Antonioli and M. Payer. On the insecurity of vehicles against protocol-level bluetooth threats. In 2022 IEEE Security and Privacy Workshops (SPW), pages 353–362, Los Alamitos, CA, USA, May 2022. IEEE Computer Society.\r\n- Cross-Sectional Analysis of the Bluetooth Stack of Modern Cars - (The link will be updated)\r\n- Wenjian Xu. Stealthily Access Your Android Phones: Bypass The Bluetooth Authentication. link, 2020.\r\n- Tyler Tucker, Hunter Searle, Kevin Butler, and Patrick Traynor. Blue’s clues: Practical discovery of non-discoverable bluetooth devices. In 2023 IEEE Symposium on Security and Privacy (SP), pages 3098–3112, 2023.\r\n- Maximilian von Tschirschnitz, Ludwig Peuckert, Fabian Franzen, and Jens Grossklags. Method confusion attack on bluetooth pairing. In 2021 IEEE Symposium on Security and Privacy (SP), pages 1332–1347, 2021.\r\n- Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR. In USENIX Security Symposium (SEC), August 2019","updated_timestamp":{"seconds":1723043971,"nanoseconds":0},"speakers":[{"content_ids":[54473,54638],"conference_id":133,"event_ids":[54846,55012],"name":"Vladyslav Zubkov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Bug Bounty Hunter"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@0a_yso)","sort_order":0,"url":"https://twitter.com/0a_yso"}],"media":[],"id":54167,"title":"Bug Bounty Hunter"},{"content_ids":[54581,54473,54638],"conference_id":133,"event_ids":[54846,54956,55012],"name":"Martin Strohmeier","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber Defence Campus","title":"Senior Scientist"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@masorx)","sort_order":0,"url":"https://twitter.com/masorx"}],"media":[],"id":54277,"title":"Senior Scientist at Cyber Defence Campus"}],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:19:31Z","links":[],"end":"2024-08-10T01:15:00.000-0000","id":54846,"tag_ids":[46166,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54167},{"tag_id":46167,"sort_order":4,"person_id":54277}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-08-07T15:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Electronic Frontier Foundation (EFF) is excited to be back at DEF CON. Our expert panelists will offer brief updates on EFF's work defending your digital rights, before opening the floor for attendees to ask their questions. This dynamic conversation centers challenges DEF CON attendees actually face, and is an opportunity to connect on common causes.\n\n\n","media":[{"hash_sha256":"7b7bd026f71c59052acf693ce976f5e20b58b9edeb4e40890d05877ead510ab4","filetype":"image/png","hash_md5":"44aad98ef90370dbcd750fb166152c04","name":"pme_ask_eff.png","is_logo":"Y","hash_crc32c":"d53db871","filesize":55431,"asset_id":697,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_ask_eff.png"}],"title":"Ask the EFF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T04:30:00Z","end_timestamp":{"seconds":1723264200,"nanoseconds":0},"android_description":"Electronic Frontier Foundation (EFF) is excited to be back at DEF CON. Our expert panelists will offer brief updates on EFF's work defending your digital rights, before opening the floor for attendees to ask their questions. This dynamic conversation centers challenges DEF CON attendees actually face, and is an opportunity to connect on common causes.","updated_timestamp":{"seconds":1718775964,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:30:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:46:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249535"}],"end":"2024-08-10T04:30:00.000-0000","id":54498,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723249800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307-W308","hotel":"","short_name":"W307-W308","id":46311},"spans_timebands":"N","begin":"2024-08-10T00:30:00.000-0000","updated":"2024-06-19T05:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Fireside Chat with Past Challenge Participants\n\n\n","media":[],"title":"How Competitions Can Fuel Innovation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Fireside Chat with Past Challenge Participants","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56131,56133,56129],"conference_id":133,"event_ids":[56772,56774,56776],"name":"Matt Knight","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAI","title":"Head of Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matthewfknight/"},{"description":"","title":"Twitter (@embeddedsec)","sort_order":0,"url":"https://x.com/embeddedsec"}],"media":[],"id":56517,"title":"Head of Security at OpenAI"},{"content_ids":[56131],"conference_id":133,"event_ids":[56774],"name":"Mike Walker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft Research","title":"Senior Director"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stryde"},{"description":"","title":"Microsoft Research Profile","sort_order":0,"url":"https://www.microsoft.com/en-us/research/people/walkerm/?msockid=349c7eef314d698e05206a7b30d4686c"}],"media":[],"id":56520,"title":"Senior Director at Microsoft Research"},{"content_ids":[56131],"conference_id":133,"event_ids":[56774],"name":"Ruoyu \"Fish\" Wang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"School of Computing and Augmented Intelligence","title":"Assistant Professor"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@LtFish_)","sort_order":0,"url":"https://twitter.com/LtFish_"}],"media":[],"id":56523,"title":"Assistant Professor at School of Computing and Augmented Intelligence"}],"begin_tsz":"2024-08-10T00:20:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56774,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723249200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56520},{"tag_id":46167,"sort_order":4,"person_id":56517},{"tag_id":46167,"sort_order":6,"person_id":56523}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-10T00:20:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the Founders of the Social Engineering Community as they break down this year’s Vishing Competition (#SECVC). They’ll talk about how the competition is organized, and some of the big takeaways, trends, and surprises (both good and bad) from the OSINT and Vishing Plan reports. They’ll also recount some of the highlights from this year’s live calls.\n\n\n","media":[],"title":"Presentation: The 2024 #SECVC Debrief","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join the Founders of the Social Engineering Community as they break down this year’s Vishing Competition (#SECVC). They’ll talk about how the competition is organized, and some of the big takeaways, trends, and surprises (both good and bad) from the OSINT and Vishing Plan reports. They’ll also recount some of the highlights from this year’s live calls.","updated_timestamp":{"seconds":1722102936,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:55:36Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55834,"tag_ids":[46393,46511],"village_id":null,"begin_timestamp":{"seconds":1723248900,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-10T00:15:00.000-0000","updated":"2024-07-27T17:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most hackers have a complicated, love-hate relationship with DNS: teleporting a fundamental building block of the internet from the 80’s without major overhauls is a recipe for some interesting exploits and frustrations.\n\nDNS enumeration is a critical process in penetration testing and essential to security practitioners: the faster we can conduct DNS enumeration, the more potential vulnerabilities we can find.\n\nWe developed an ultra-fast open-source DNS scanner, SanicDNS, using multiple parallelisation techniques. The result is a scanner that is two orders of magnitude faster than other popular tools. I will take attendees under the hood of the code, sharing what techniques yield the best results, the challenges encountered and their workarounds, and my tips for those considering the same endeavour.\n\nThe practical applications of SanicDNS far exceed those of everything that preceded it. With this novel scanner, it is possible to identify DNS misconfigurations and conduct Nameserver takeover scans across the entire internet in realtime. This opens up a world of new possibilities for conducting reconnaissance.\n\nSanicDNS will be released for open-source at Defcon with easy-to-use installation instructions for the community.\n\n\n","media":[],"title":"Pushing the limits of mass DNS scanning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"Most hackers have a complicated, love-hate relationship with DNS: teleporting a fundamental building block of the internet from the 80’s without major overhauls is a recipe for some interesting exploits and frustrations.\n\nDNS enumeration is a critical process in penetration testing and essential to security practitioners: the faster we can conduct DNS enumeration, the more potential vulnerabilities we can find.\n\nWe developed an ultra-fast open-source DNS scanner, SanicDNS, using multiple parallelisation techniques. The result is a scanner that is two orders of magnitude faster than other popular tools. I will take attendees under the hood of the code, sharing what techniques yield the best results, the challenges encountered and their workarounds, and my tips for those considering the same endeavour.\n\nThe practical applications of SanicDNS far exceed those of everything that preceded it. With this novel scanner, it is possible to identify DNS misconfigurations and conduct Nameserver takeover scans across the entire internet in realtime. This opens up a world of new possibilities for conducting reconnaissance.\n\nSanicDNS will be released for open-source at Defcon with easy-to-use installation instructions for the community.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55710,55907],"conference_id":133,"event_ids":[56250,56494],"name":"Jasper Insinger","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56123}],"begin_tsz":"2024-08-10T00:05:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":56494,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723248300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56123}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-10T00:05:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It’s 2007 when the Dutch Ministry of Internal Affairs orders a ban on voting\nmachines. Voting machines that have been in use for over a decade by then. The\nreason? The Dutch Secret Service has declared the TEMPEST radiation emitted by\nthe voting machines makes it possible for someone outside the polling station to\nsee what someone is voting.\nBut that is just the tip of the voting machine-ice berg. What came before is two\nyears of a foundation started by a group off Dutch hackers that fought to prove\nthat voting machines in their current form are unreliable, cannot be checked and\ncan be manipulated to show any result you want, regardless of the votes that are\ngiven as input.\nWhat followed is a lengthy report of a government ordered commission that\ndescribes 8 principles of trustworthy elections. These principles are very difficult to\nadhere to using voting machines, even modern voting machines. The reason for\nthis are some fundamental issues that come with computers: a lack of\ntransparency for those without a technical background as well as the issue of\nvoting secrecy (nobody being able to tell what a specific person voted for).\nIn this presentation; I outline the history of the Dutch voting machines and their\ndemise, what a group of hackers had to do with this, as well as the fundamental\nissues that we still struggle with to this day. Listeners can take this information as\nlessons for their own election processes.\nMind you, we are not saying not to use voting machines. We are not against the\nidea of voting machines. However, the issues we as the Netherlands are struggling\nwith have still not been resolved to this very day.\n\n\n","media":[],"title":"Hacking the Vote: How Hackers Caused the Downfall of the Dutch Voting Machines","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"It’s 2007 when the Dutch Ministry of Internal Affairs orders a ban on voting\nmachines. Voting machines that have been in use for over a decade by then. The\nreason? The Dutch Secret Service has declared the TEMPEST radiation emitted by\nthe voting machines makes it possible for someone outside the polling station to\nsee what someone is voting.\nBut that is just the tip of the voting machine-ice berg. What came before is two\nyears of a foundation started by a group off Dutch hackers that fought to prove\nthat voting machines in their current form are unreliable, cannot be checked and\ncan be manipulated to show any result you want, regardless of the votes that are\ngiven as input.\nWhat followed is a lengthy report of a government ordered commission that\ndescribes 8 principles of trustworthy elections. These principles are very difficult to\nadhere to using voting machines, even modern voting machines. The reason for\nthis are some fundamental issues that come with computers: a lack of\ntransparency for those without a technical background as well as the issue of\nvoting secrecy (nobody being able to tell what a specific person voted for).\nIn this presentation; I outline the history of the Dutch voting machines and their\ndemise, what a group of hackers had to do with this, as well as the fundamental\nissues that we still struggle with to this day. Listeners can take this information as\nlessons for their own election processes.\nMind you, we are not saying not to use voting machines. We are not against the\nidea of voting machines. However, the issues we as the Netherlands are struggling\nwith have still not been resolved to this very day.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56191],"conference_id":133,"event_ids":[56845],"name":"Fleur van Leusden","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/fleur-%F0%9F%8E%99%F0%9F%A6%8A-van-leusden-356bb054"}],"media":[],"id":56568}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":56845,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56568}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Red Teaming is broken; this panel will fix it.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Suneel Sundar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Director of Research & Development, Center for Threat-Informed Defense","title":""}],"links":[],"pronouns":null,"media":[],"id":56322,"title":"Director of Research & Development, Center for Threat-Informed Defense"},{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Niru Ragupathy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Security Engineer - Manager at Google","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/niru-ragupathy-99078233/"},{"description":"","title":"Twitter (@ninjacorgi)","sort_order":0,"url":"https://twitter.com/ninjacorgi"}],"media":[],"id":56323,"title":"Security Engineer - Manager at Google"},{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Joe Vest","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Author of Red Team Development and Operations","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/joe-vest"},{"description":"","title":"Twitter (@joevest)","sort_order":0,"url":"https://twitter.com/joevest"}],"media":[],"id":56324,"title":"Author of Red Team Development and Operations"},{"content_ids":[55988],"conference_id":133,"event_ids":[56610],"name":"Drinor Selmanaj","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Founder of Sentry Cybersecurity and Defense","title":""}],"links":[],"pronouns":null,"media":[],"id":56325,"title":"Founder of Sentry Cybersecurity and Defense"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56610,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56322},{"tag_id":46167,"sort_order":4,"person_id":56323},{"tag_id":46167,"sort_order":6,"person_id":56324},{"tag_id":46167,"sort_order":8,"person_id":56325}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En este panel vamos a revisar desde la perspectiva de diferentes profesionales los desafios de hacer ciberseguridad en LATAM, los conocimientos o falta de ellos que se pueden evidenciar en diferentes sectores y las necesidades de habilidades existentes actuales en la region para mantener un ecosistema protegido de las amenazas que deben ser enfrentadas a diario\n\n\n","media":[],"title":"Cybersecurity Overview over LATAM- Skills, Challenges, Knowledge, Perspectives","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"En este panel vamos a revisar desde la perspectiva de diferentes profesionales los desafios de hacer ciberseguridad en LATAM, los conocimientos o falta de ellos que se pueden evidenciar en diferentes sectores y las necesidades de habilidades existentes actuales en la region para mantener un ecosistema protegido de las amenazas que deben ser enfrentadas a diario","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55966],"conference_id":133,"event_ids":[56582],"name":"Leonardo Pigñer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"CEO y Co-Founder Ekoparty"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/lpigner"},{"description":"","title":"Twitter (@kfs)","sort_order":0,"url":"https://twitter.com/kfs"}],"media":[],"id":56300,"title":"CEO y Co-Founder Ekoparty"},{"content_ids":[55966],"conference_id":133,"event_ids":[56582],"name":"Katherina Canales","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Directora Ejecutiva de la Corporación de Ciberseguridad Minera"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@kathecanales)","sort_order":0,"url":"https://twitter.com/kathecanales"},{"description":"","title":"cl.linkedin.com/in/katherina-canales","sort_order":0,"url":"https://cl.linkedin.com/in/katherina-canales"}],"media":[],"id":56301,"title":"Directora Ejecutiva de la Corporación de Ciberseguridad Minera"},{"content_ids":[55966],"conference_id":133,"event_ids":[56582],"name":"Victor Santos","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"CEO da Clavis Segurança da Informação"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@victor_batista)","sort_order":0,"url":"https://twitter.com/victor_batista"},{"description":"","title":"br.linkedin.com/in/victor-ssantos","sort_order":0,"url":"https://br.linkedin.com/in/victor-ssantos"}],"media":[],"id":56302,"title":"CEO da Clavis Segurança da Informação"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56582,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56300},{"tag_id":46167,"sort_order":4,"person_id":56301},{"tag_id":46167,"sort_order":6,"person_id":56302}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Homeland security agencies have been rapidly developing AI-powered solutions to enhance their operational effectiveness. As AI-powered systems become more ubiquitous, a greater emphasis must be placed on Cybersecurity. A career police officer, Yeow Boon understands first-hand the myriad ways AI can augment Homeland Security operations. In his current roles as the Deputy Chief Executive (Development) and Chief Information Officer of Singapore’s Home Team Science and Technology Agency (HTX), Yeow Boon oversees the agency's transformation, and by extension, the AI transformation of Singapore’s Home Team. Concurrently, he has to ensure that any risks involved in the increased attack surface associated with the development of AI-powered technologies are mitigated. In his speech, Yeow Boon will highlight the critical role of Cybersecurity in AI-driven homeland security. From the development stage to organisational best practices, he emphasises the importance of keeping Cybersecurity at the forefront of any agency’s AI transformation. During this session, look forward to gaining insights into the latest Cybersecurity threats in AI-driven Homeland Security and how to combat them.\n\n\n","media":[],"title":"Singapore - Safeguarding the Nation: The Vital Role of Cybersecurity in AI-Driven Homeland Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"Homeland security agencies have been rapidly developing AI-powered solutions to enhance their operational effectiveness. As AI-powered systems become more ubiquitous, a greater emphasis must be placed on Cybersecurity. A career police officer, Yeow Boon understands first-hand the myriad ways AI can augment Homeland Security operations. In his current roles as the Deputy Chief Executive (Development) and Chief Information Officer of Singapore’s Home Team Science and Technology Agency (HTX), Yeow Boon oversees the agency's transformation, and by extension, the AI transformation of Singapore’s Home Team. Concurrently, he has to ensure that any risks involved in the increased attack surface associated with the development of AI-powered technologies are mitigated. In his speech, Yeow Boon will highlight the critical role of Cybersecurity in AI-driven homeland security. From the development stage to organisational best practices, he emphasises the importance of keeping Cybersecurity at the forefront of any agency’s AI transformation. During this session, look forward to gaining insights into the latest Cybersecurity threats in AI-driven Homeland Security and how to combat them.","updated_timestamp":{"seconds":1722642952,"nanoseconds":0},"speakers":[{"content_ids":[54453,56178,55917],"conference_id":133,"event_ids":[56832,54826,56508],"name":"Bill Woodcock","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Packet Clearing House","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":54077,"title":"Executive Director at Packet Clearing House"},{"content_ids":[55917],"conference_id":133,"event_ids":[56508],"name":"NG Yeow Boon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Singapore’s Home Team Science and Technology Agency","title":""}],"links":[],"pronouns":null,"media":[],"id":56285,"title":"Singapore’s Home Team Science and Technology Agency"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T23:55:52Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":56508,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56285},{"tag_id":46167,"sort_order":4,"person_id":54077}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-02T23:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DevSecOps of Quantum Computers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56434,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!\n\n\n","media":[],"title":"Bypass 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!","updated_timestamp":{"seconds":1723044255,"nanoseconds":0},"speakers":[{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:24:15Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56345,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54281}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-07T15:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CTI (Cyber Threat Intelligence) is hard, dumb, silly, a co$t center, a chaotic mess, nonsensical magic…dead. Let this panel change your mind that it is more than a threat feed or a too-long-to-read report. Where is the value?!?!?!\n\n\nJoin us while we navigate the squishy love-hate relationship with CTI. Can we deliver on showing there is value to CTI? You be the judge...","media":[],"title":"CTI is Dead, Long Live CTI: Reassessing Blue Team's Squishiest Value Proposition (BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"CTI (Cyber Threat Intelligence) is hard, dumb, silly, a co$t center, a chaotic mess, nonsensical magic…dead. Let this panel change your mind that it is more than a threat feed or a too-long-to-read report. Where is the value?!?!?!\n\n\nJoin us while we navigate the squishy love-hate relationship with CTI. Can we deliver on showing there is value to CTI? You be the judge...","updated_timestamp":{"seconds":1723185796,"nanoseconds":0},"speakers":[{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Aurora Johnson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpyCloud Labs","title":""}],"links":[],"pronouns":null,"media":[],"id":56135,"title":"SpyCloud Labs"},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Jamie Williams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks Unit 42","title":""}],"links":[],"pronouns":null,"media":[],"id":56143,"title":"Palo Alto Networks Unit 42"},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Ch33r10","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56153},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Rebecca Ford","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56162},{"content_ids":[55757],"conference_id":133,"event_ids":[56282],"name":"Ben Goerz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56168}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:43:16Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56282,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56135},{"tag_id":46167,"sort_order":1,"person_id":56168},{"tag_id":46167,"sort_order":1,"person_id":56153},{"tag_id":46167,"sort_order":1,"person_id":56143},{"tag_id":46167,"sort_order":1,"person_id":56162}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-08-09T06:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"From theory to practice: dive into the lessons learned from building and defending an LLM application. This talk offers firsthand insights into the challenges and breakthroughs experienced while developing and securing large language models in real-world settings. We'll explore critical vulnerabilities, innovative defense strategies, and practical tips for enhancing the robustness of AI applications. Join us to gain actionable knowledge that can help you navigate the evolving landscape of AI security with confidence. \n\n\n","media":[],"title":"When Chatbots Go Rogue – Lessons Learned from Building and Defending LLM Applications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"From theory to practice: dive into the lessons learned from building and defending an LLM application. This talk offers firsthand insights into the challenges and breakthroughs experienced while developing and securing large language models in real-world settings. We'll explore critical vulnerabilities, innovative defense strategies, and practical tips for enhancing the robustness of AI applications. Join us to gain actionable knowledge that can help you navigate the evolving landscape of AI security with confidence.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55699,55712,55722],"conference_id":133,"event_ids":[56228,56230,56252],"name":"Andra","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56103},{"content_ids":[55699],"conference_id":133,"event_ids":[56230],"name":"Javan Rasokat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56124}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56230,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56103},{"tag_id":46167,"sort_order":1,"person_id":56124}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Telecom Village, DEFCON for the SIM Card Testing Workshop. We'll cover SIM card functionality, communication protocols, reading and writing techniques, and introduce SIM card algorithms and authentication. Explore emerging eSIM technology and its communication methods. This hands-on workshop equips participants with practical skills in testing and manipulating SIM cards, providing a comprehensive understanding of both traditional SIM and eSIM technologies\n\n\n","media":[{"hash_sha256":"6ee1b484dd03eebefd7ebb357ab4d4ce86c4d9d3dd85b0efbdb8e2bb7a9cb76f","filetype":"image/webp","hash_md5":"423704fc7b2c7a9326f0af152ffb0717","name":"content_telecom_simplysecure.webp","is_logo":"Y","hash_crc32c":"84c49c1a","filesize":141946,"asset_id":825,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_simplysecure.webp"}],"title":"SIMply Secure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join us at Telecom Village, DEFCON for the SIM Card Testing Workshop. We'll cover SIM card functionality, communication protocols, reading and writing techniques, and introduce SIM card algorithms and authentication. Explore emerging eSIM technology and its communication methods. This hands-on workshop equips participants with practical skills in testing and manipulating SIM cards, providing a comprehensive understanding of both traditional SIM and eSIM technologies","updated_timestamp":{"seconds":1722352190,"nanoseconds":0},"speakers":[{"content_ids":[55561],"conference_id":133,"event_ids":[56076],"name":"Zibran Sayyed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/zibran-sayyed-81b27618a/"},{"description":"","title":"Twitter (@ZibranSayyed23)","sort_order":0,"url":"https://twitter.com/ZibranSayyed23"}],"media":[],"id":56036}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T15:09:50Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56076,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56036}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-30T15:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, I will share my journey from a novice to a seasoned hunter. I will explore how I used to report low-impact, informative bugs when I first started, and how I progressively improved by learning from the community, embracing failures/duplicates, and incorporating feedback from triage teams and clients. This journey of continuous learning and adaptation led me from reporting low vulnerabilities to effectively chaining and converting them into critical impacts.\n\nThis session is designed for both aspiring and experienced bug bounty hunters. By reflecting on a decade of lessons learned, I will aim to provide valuable takeaways that can help others navigate their own paths in bug bounty hunting and enhance their skills.\n\nAdditionally, one Synack triage team member will join me on this talk to help differentiate triage thinking from bug bounty hunters' thinking, providing valuable insights into the collaborative process of vulnerability reporting to acceptance.\n\n\n","media":[],"title":"Reflections on a Decade in Bug Bounties: Experiences and Major Takeaways","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this talk, I will share my journey from a novice to a seasoned hunter. I will explore how I used to report low-impact, informative bugs when I first started, and how I progressively improved by learning from the community, embracing failures/duplicates, and incorporating feedback from triage teams and clients. This journey of continuous learning and adaptation led me from reporting low vulnerabilities to effectively chaining and converting them into critical impacts.\n\nThis session is designed for both aspiring and experienced bug bounty hunters. By reflecting on a decade of lessons learned, I will aim to provide valuable takeaways that can help others navigate their own paths in bug bounty hunting and enhance their skills.\n\nAdditionally, one Synack triage team member will join me on this talk to help differentiate triage thinking from bug bounty hunters' thinking, providing valuable insights into the collaborative process of vulnerability reporting to acceptance.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Nikhil \"niks\" Shrivastava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@niksthehacker)","sort_order":0,"url":"https://twitter.com/niksthehacker"}],"media":[],"id":54340},{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Charles Waterhouse","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56108}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#reflections-on-a-decade-in-bug-bounties"}],"end":"2024-08-10T01:00:00.000-0000","id":54964,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56108},{"tag_id":46167,"sort_order":4,"person_id":54340}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk reveals stunning vulnerability findings in leading solar manufacturers that, when exploited, the stake is the grid. We'll explore three massive vulns in the management platform and discuss how they can be weaponized to become chilling nation security risks.\n\n\n","media":[],"title":"Beyond Sunset: Exposing the Occultations Lurking in Large-Scale Off-Grid Solar Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"This talk reveals stunning vulnerability findings in leading solar manufacturers that, when exploited, the stake is the grid. We'll explore three massive vulns in the management platform and discuss how they can be weaponized to become chilling nation security risks.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54588],"conference_id":133,"event_ids":[54963],"name":"Dan Berte","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bitdefender","title":"Manager, IoT Vulnerability Research Program"}],"links":[],"pronouns":null,"media":[],"id":54271,"title":"Manager, IoT Vulnerability Research Program at Bitdefender"},{"content_ids":[54588],"conference_id":133,"event_ids":[54963],"name":"Alexandru Lazar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bitdefender","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54286,"title":"Security Researcher at Bitdefender"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":54963,"tag_ids":[46383,46419,46437,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54286},{"tag_id":46167,"sort_order":1,"person_id":54271}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Using AI to pre-generate gamifie CTFs so hard even the admins won't know the answers. Exploring the visionary concept of using gamified, AI-generated barrier mazes for futuristic authentication and encryption inspired by manga. But in the great words of your Mom and mine, if we aren't breaking into something, then what is David Maynor even doing there?\n\n\n","media":[],"title":"Be the Ghost in the Shell Barrier Mazes FTW","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Using AI to pre-generate gamifie CTFs so hard even the admins won't know the answers. Exploring the visionary concept of using gamified, AI-generated barrier mazes for futuristic authentication and encryption inspired by manga. But in the great words of your Mom and mine, if we aren't breaking into something, then what is David Maynor even doing there?","updated_timestamp":{"seconds":1722376084,"nanoseconds":0},"speakers":[{"content_ids":[54587,55310],"conference_id":133,"event_ids":[55700,54962],"name":"David \"Icer\" Maynor","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ThreatHunter.ai","title":"Secret Keeper"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@Dave_Maynor)","sort_order":0,"url":"https://twitter.com/Dave_Maynor"}],"media":[],"id":54339,"title":"Secret Keeper at ThreatHunter.ai"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T21:48:04Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":54962,"tag_ids":[46397,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54339}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-30T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A lot of security research have recently focused on various wireless communication protocols, targeting smartphones, wireless mice and keyboards and even cars. In order to demonstrate these attacks, researchers developed dedicated tools that for most of them include some specialized firmware of their own but also rely on various unique custom host/device communication protocols. These tools work great but are strongly tied to some specific hardware that at some point will not be available anymore, or require hackers to buy more hardware to carry on to have fun with. Why not making these tools compatible with more hardware ? And why researchers always have to create their own host/device protocol when it comes to using a dedicated hardware ? Why not having one flexible protocol and related tools to rule them all ?\r\n\r\nWe will present in this talk WHAD, a framework that provides an extensible host/device communication protocol, dedicated protocol stacks and way more for hackers who love having fun with wireless protocols. WHAD makes interoperability possible between tools by allowing different hardware devices to be used if they provide the required capabilities, giving the opportunity to create advanced tools without having to care about the hardware and its firmware in most of the cases!\r\n\r\n- [Atlas 2012] Atlas. SubGHz or Bust, 2012. Available at [link](https://media.blackhat.com/bh-us-12/Briefings/Atlas/BH_US_12_Atlas_GHZ_Workshop_Slides.pdf). \r\n- [Blu 2019] Bluetooth SIG. Bluetooth Core Specification, 2019. \r\n- [Cauquil 2016] Damien Cauquil. BtleJuice: The Bluetooth Smart MiTM framework. In DEF CON, volume 24, 2016. \r\n- [Cauquil 2017b] Damien Cauquil. Sniffing BTLE with the Micro:Bit. PoC or GTFO, vol. 17, pages 13–20, 2017. \r\n- [Cauquil 2017c] Damien Cauquil. Weaponizing the BBC Micro:Bit. In DEF CON, volume 25, 2017. Available at [link](https://media.defcon.org/DEFCON25/DEFCON25presentations/DEFCON25-Damien-Cauquil-Weaponizing-the-BBC-MicroBit-UPDATED.pdf).\r\n- [Cauquil 2018] Damien Cauquil. You’d better secure your BLE devices or we’ll kick your butts ! In DEF CON, volume 26, 2018. Available at [link](https://media.defcon.org/DEFCON26/DEFCON26presentations/DEFCON-26-Damien-Cauquil-Secure-Your-BLE-Devices-Updated.pdf).\r\n- [Cauquil 2019] Damien Cauquil. Defeating Bluetooth Low Energy 5 PRNG for fun and jamming. In DEF CON, volume 27, 2019. Available at [link](https://media.defcon.org/DEFCON27/DEFCON27presentations/DEFCON-27-Damien-Cauquil-Defeating-Bluetooth-Low-Energy-5-PRNG-for-fun-and-jamming.PDF). \r\n- [Cayre 2019a] Romain Cayre, Vincent Nicomette, Guillaume Auriol, Eric Alata, Mohamed Kaâniche and Geraldine Marconato. Mirage: towards a Metasploit-like framework for IoT. In 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE), Berlin, Germany, October 2019.\r\n- [Cayre 2021b] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021. \r\n- [Cayre 2021c] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. WazaBee: attacking Zigbee networks by diverting Bluetooth Low Energy chips. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021.\r\n- [Cayre 2021d] Romain Cayre, Géraldine Marconato, Florent Galtier, Mohamed Kaâniche, Vincent Nicomette and Guillaume Auriol. Cross-protocol attacks: weaponizing a smartphone by diverting its Bluetooth controller. In 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Abu Dhabi, United Arab Emirates, June 2021. \r\n- [Cayre 2021e] Romain Cayre, Damien Cauquil and Aurélien Francillon. ESPwn32: hacking with ESP32 system-on-chips.In 17th IEEE Workshop on Offensive Technologies (WOOT 2023), co-located with IEEE S&P 2023, San Francisco, United States, May 2023.\r\n- [Goodspeed 2011a] Travis Goodspeed. Promiscuity is the nRF24L01+’s Duty. Available at [link](http://travisgoodspeed.blogspot.com/2011/02/promiscuity-is-nrf24l01s-duty.html), 2011. \r\n- [IEE 2020] IEEE Standard for Low-Rate Wireless Networks. IEEE Std 802.15.4 2020 (Revision of IEEE Std 802.15.4-2015), pages 1–800, 2020. \r\n- [Jasek 2016] Sławomir Jasek. Gattacking Bluetooth Smart Devices. In BlackHat USA, 2016. Available at [link](http://gattack.io/whitepaper.pdf).\r\n- [LOG 2019] LogiTacker GitHub Repository, 2019. Available at [link](https://github.com/RoganDawes/LOGITacker)\r\n- [LoR 2017] LoRa Alliance, Inc. LoRaWan Specification, 2017.\r\n- [Newlin 2016a] Marc Newlin. MouseJack : White Paper. In DEF CON, volume 24, 2016. Available at [link](https://github.com/BastilleResearch/mousejack/blob/master/doc/pdf/DEFCON-24-Marc-Newlin-MouseJack-Injecting-Keystrokes-Into-Wireless-Mice.whitepaper.pdf).\r\n- [Olawumi 2014] Olayemi Olawumi, Keijo Haataja, Mikko Asikainen, Niko Vidgren and Pekka Toivanen. Three practical attacks against ZigBee security: Attack scenario definitions, practical experiments, countermeasures, and lessons learned. In 2014 14th International Conference on Hybrid Intelligent Systems, pages 199–206, 2014.\r\n- [Qasim Khan 2019] Sultan Qasim Khan. Sniffle: A sniffer for Bluetooth 5 (LE), 2019. Available at [link](https://hardwear.io/netherlands-2019/presentation/sniffle-talk-hardwear-io-nl-2019.pdf).\r\n- [Ryan 2013a] Mike Ryan. Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13), Washington, D.C., August 2013. USENIX Association. \r\n- [Vidgren 2013a] N. Vidgren, K. Haataja, J. L. Patiño-Andres, J. J. Ramírez-Sanchis and P. Toivanen. Security Threats in ZigBee-Enabled Systems: Vulnerability Evaluation, Practical Experiments, Countermeasures, and Lessons Learned. In 2013 46th Hawaii International Conference on System Sciences, pages 5132–5138, 2013.\r\n- [Wright 2009] Joshua Wright. KillerBee: Practical ZigBee Exploitation Framework, 2009. Available at [link](http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf).\r\n- [Zillner 2015] T. Zillner. ZigBee Exploited: The good , the bad and the ugly. In BlackHat, 2015.\r\n\n\n\n","media":[],"title":"One for all and all for WHAD: wireless shenanigans made easy !","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"A lot of security research have recently focused on various wireless communication protocols, targeting smartphones, wireless mice and keyboards and even cars. In order to demonstrate these attacks, researchers developed dedicated tools that for most of them include some specialized firmware of their own but also rely on various unique custom host/device communication protocols. These tools work great but are strongly tied to some specific hardware that at some point will not be available anymore, or require hackers to buy more hardware to carry on to have fun with. Why not making these tools compatible with more hardware ? And why researchers always have to create their own host/device protocol when it comes to using a dedicated hardware ? Why not having one flexible protocol and related tools to rule them all ?\r\n\r\nWe will present in this talk WHAD, a framework that provides an extensible host/device communication protocol, dedicated protocol stacks and way more for hackers who love having fun with wireless protocols. WHAD makes interoperability possible between tools by allowing different hardware devices to be used if they provide the required capabilities, giving the opportunity to create advanced tools without having to care about the hardware and its firmware in most of the cases!\r\n\r\n- [Atlas 2012] Atlas. SubGHz or Bust, 2012. Available at [link](https://media.blackhat.com/bh-us-12/Briefings/Atlas/BH_US_12_Atlas_GHZ_Workshop_Slides.pdf). \r\n- [Blu 2019] Bluetooth SIG. Bluetooth Core Specification, 2019. \r\n- [Cauquil 2016] Damien Cauquil. BtleJuice: The Bluetooth Smart MiTM framework. In DEF CON, volume 24, 2016. \r\n- [Cauquil 2017b] Damien Cauquil. Sniffing BTLE with the Micro:Bit. PoC or GTFO, vol. 17, pages 13–20, 2017. \r\n- [Cauquil 2017c] Damien Cauquil. Weaponizing the BBC Micro:Bit. In DEF CON, volume 25, 2017. Available at [link](https://media.defcon.org/DEFCON25/DEFCON25presentations/DEFCON25-Damien-Cauquil-Weaponizing-the-BBC-MicroBit-UPDATED.pdf).\r\n- [Cauquil 2018] Damien Cauquil. You’d better secure your BLE devices or we’ll kick your butts ! In DEF CON, volume 26, 2018. Available at [link](https://media.defcon.org/DEFCON26/DEFCON26presentations/DEFCON-26-Damien-Cauquil-Secure-Your-BLE-Devices-Updated.pdf).\r\n- [Cauquil 2019] Damien Cauquil. Defeating Bluetooth Low Energy 5 PRNG for fun and jamming. In DEF CON, volume 27, 2019. Available at [link](https://media.defcon.org/DEFCON27/DEFCON27presentations/DEFCON-27-Damien-Cauquil-Defeating-Bluetooth-Low-Energy-5-PRNG-for-fun-and-jamming.PDF). \r\n- [Cayre 2019a] Romain Cayre, Vincent Nicomette, Guillaume Auriol, Eric Alata, Mohamed Kaâniche and Geraldine Marconato. Mirage: towards a Metasploit-like framework for IoT. In 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE), Berlin, Germany, October 2019.\r\n- [Cayre 2021b] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021. \r\n- [Cayre 2021c] Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche and Géraldine Marconato. WazaBee: attacking Zigbee networks by diverting Bluetooth Low Energy chips. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Taipei (virtual), Taiwan, June 2021.\r\n- [Cayre 2021d] Romain Cayre, Géraldine Marconato, Florent Galtier, Mohamed Kaâniche, Vincent Nicomette and Guillaume Auriol. Cross-protocol attacks: weaponizing a smartphone by diverting its Bluetooth controller. In 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Abu Dhabi, United Arab Emirates, June 2021. \r\n- [Cayre 2021e] Romain Cayre, Damien Cauquil and Aurélien Francillon. ESPwn32: hacking with ESP32 system-on-chips.In 17th IEEE Workshop on Offensive Technologies (WOOT 2023), co-located with IEEE S&P 2023, San Francisco, United States, May 2023.\r\n- [Goodspeed 2011a] Travis Goodspeed. Promiscuity is the nRF24L01+’s Duty. Available at [link](http://travisgoodspeed.blogspot.com/2011/02/promiscuity-is-nrf24l01s-duty.html), 2011. \r\n- [IEE 2020] IEEE Standard for Low-Rate Wireless Networks. IEEE Std 802.15.4 2020 (Revision of IEEE Std 802.15.4-2015), pages 1–800, 2020. \r\n- [Jasek 2016] Sławomir Jasek. Gattacking Bluetooth Smart Devices. In BlackHat USA, 2016. Available at [link](http://gattack.io/whitepaper.pdf).\r\n- [LOG 2019] LogiTacker GitHub Repository, 2019. Available at [link](https://github.com/RoganDawes/LOGITacker)\r\n- [LoR 2017] LoRa Alliance, Inc. LoRaWan Specification, 2017.\r\n- [Newlin 2016a] Marc Newlin. MouseJack : White Paper. In DEF CON, volume 24, 2016. Available at [link](https://github.com/BastilleResearch/mousejack/blob/master/doc/pdf/DEFCON-24-Marc-Newlin-MouseJack-Injecting-Keystrokes-Into-Wireless-Mice.whitepaper.pdf).\r\n- [Olawumi 2014] Olayemi Olawumi, Keijo Haataja, Mikko Asikainen, Niko Vidgren and Pekka Toivanen. Three practical attacks against ZigBee security: Attack scenario definitions, practical experiments, countermeasures, and lessons learned. In 2014 14th International Conference on Hybrid Intelligent Systems, pages 199–206, 2014.\r\n- [Qasim Khan 2019] Sultan Qasim Khan. Sniffle: A sniffer for Bluetooth 5 (LE), 2019. Available at [link](https://hardwear.io/netherlands-2019/presentation/sniffle-talk-hardwear-io-nl-2019.pdf).\r\n- [Ryan 2013a] Mike Ryan. Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13), Washington, D.C., August 2013. USENIX Association. \r\n- [Vidgren 2013a] N. Vidgren, K. Haataja, J. L. Patiño-Andres, J. J. Ramírez-Sanchis and P. Toivanen. Security Threats in ZigBee-Enabled Systems: Vulnerability Evaluation, Practical Experiments, Countermeasures, and Lessons Learned. In 2013 46th Hawaii International Conference on System Sciences, pages 5132–5138, 2013.\r\n- [Wright 2009] Joshua Wright. KillerBee: Practical ZigBee Exploitation Framework, 2009. Available at [link](http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf).\r\n- [Zillner 2015] T. Zillner. ZigBee Exploited: The good , the bad and the ugly. In BlackHat, 2015.","updated_timestamp":{"seconds":1720462949,"nanoseconds":0},"speakers":[{"content_ids":[54472],"conference_id":133,"event_ids":[54845],"name":"Damien Cauquil","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Quarkslab","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"mamot.fr/@virtualabs","sort_order":0,"url":"https://mamot.fr/@virtualabs"},{"description":"","title":"quarkslab.com","sort_order":0,"url":"https://quarkslab.com"}],"media":[],"id":54069,"title":"Security Engineer at Quarkslab"},{"content_ids":[54472],"conference_id":133,"event_ids":[54845],"name":"Romain Cayre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"EURECOM","title":"Assistant Professor, Software and System Security (S3) Group"}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@rcayre@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@rcayre"},{"description":"","title":"Twitter (@CayreRomain)","sort_order":0,"url":"https://twitter.com/CayreRomain"},{"description":"","title":"Website","sort_order":0,"url":"https://www.s3.eurecom.fr/~rcayre/"}],"media":[],"id":54198,"title":"Assistant Professor, Software and System Security (S3) Group at EURECOM"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:22:29Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":54845,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54069},{"tag_id":46167,"sort_order":2,"person_id":54198}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-08T18:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In a world where technology and software are intertwined with our daily lives more than ever, a silent threat grows in the shadows.\n\nEnd-of-life devices—abandoned by manufacturers - power our homes, hospitals, businesses and critical infrastructure. From the depths of the cyber underground, malicious software from cybercriminal and nation-state actors is seizing these forgotten devices and conscripting them into botnets and other malicious infrastructure.\n\nFor example, Black Lotus Labs revealed a chilling trend: 40,000 small office home office (SOHO) routers compromised and enrolled in the sinister 'Faceless' botnet - now powered by devices you own and thought were safe.\n\nAnd it's not just routers. Critical medical devices, essential security hardware—smart home appliances. No gadget is safe. And, with the Internet of Things set to double in the next decade, billions of vulnerable devices marketed and sold to connect us risk robbing, dividing and defeating us in the years to come: a process one expert has termed “enshittification.”\n\nAfter years of warnings from the cybersecurity community, alarms are finally sounding in the halls of power. But more is needed: a clarion call to reset, to redefine ownership and security in an age of smart, connected devices before it's too late.\n\nIn this panel you’ll be enlisted to join the fight. You’ll hear from experts working at the forefront of a fight to challenge the status quo and seek solutions to safeguard our digital futures.Are you ready to stand up for your right to a secure, connected world? The battle for control, for transparency- for a sustainable and resilient digital future begins now!\n\n\n","media":[],"title":"Bricked & Abandoned: How To Keep The IoT From Becoming An Internet of Trash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"In a world where technology and software are intertwined with our daily lives more than ever, a silent threat grows in the shadows.\n\nEnd-of-life devices—abandoned by manufacturers - power our homes, hospitals, businesses and critical infrastructure. From the depths of the cyber underground, malicious software from cybercriminal and nation-state actors is seizing these forgotten devices and conscripting them into botnets and other malicious infrastructure.\n\nFor example, Black Lotus Labs revealed a chilling trend: 40,000 small office home office (SOHO) routers compromised and enrolled in the sinister 'Faceless' botnet - now powered by devices you own and thought were safe.\n\nAnd it's not just routers. Critical medical devices, essential security hardware—smart home appliances. No gadget is safe. And, with the Internet of Things set to double in the next decade, billions of vulnerable devices marketed and sold to connect us risk robbing, dividing and defeating us in the years to come: a process one expert has termed “enshittification.”\n\nAfter years of warnings from the cybersecurity community, alarms are finally sounding in the halls of power. But more is needed: a clarion call to reset, to redefine ownership and security in an age of smart, connected devices before it's too late.\n\nIn this panel you’ll be enlisted to join the fight. You’ll hear from experts working at the forefront of a fight to challenge the status quo and seek solutions to safeguard our digital futures.Are you ready to stand up for your right to a secure, connected world? The battle for control, for transparency- for a sustainable and resilient digital future begins now!","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54488,54471],"conference_id":133,"event_ids":[54844,54861],"name":"Cory Doctorow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Author"}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@doctorow@mamot.fr)","sort_order":0,"url":"https://mamot.fr/@doctorow"},{"description":"","title":"Medium (@doctorow)","sort_order":0,"url":"https://medium.com/@doctorow"},{"description":"","title":"Tumblr (@mostlysignssomeportents)","sort_order":0,"url":"https://www.tumblr.com/mostlysignssomeportents"},{"description":"","title":"Twitter (@doctorow)","sort_order":0,"url":"https://twitter.com/doctorow"},{"description":"","title":"Website","sort_order":0,"url":"https://craphound.com"}],"media":[],"id":54119,"title":"Author"},{"content_ids":[54471],"conference_id":133,"event_ids":[54844],"name":"Tarah Wheeler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Red Queen Dynamics","title":"Founder and CEO"},{"organization":"Council on Foreign Relations","title":"Senior Fellow in Global Cyber Policy"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tarah)","sort_order":0,"url":"https://twitter.com/tarah"},{"description":"","title":"Website","sort_order":0,"url":"https://tarah.org"}],"media":[],"id":54135,"title":"Senior Fellow in Global Cyber Policy at Council on Foreign Relations"},{"content_ids":[54624,54441,54471],"conference_id":133,"event_ids":[54814,54844,54998],"name":"Dennis Giese","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@dgi_DE)","sort_order":0,"url":"https://twitter.com/dgi_DE"},{"description":"","title":"Website","sort_order":0,"url":"https://dontvacuum.me"}],"media":[],"id":54142},{"content_ids":[54471],"conference_id":133,"event_ids":[54844],"name":"Paul Roberts","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secure Repairs","title":"Founder"},{"organization":"The Security Ledger","title":"Publisher and Editor in Chief"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@paulfroberts)","sort_order":0,"url":"https://twitter.com/paulfroberts"},{"description":"","title":"Website","sort_order":0,"url":"https://pfroberts.com"}],"media":[],"id":54143,"title":"Publisher and Editor in Chief at The Security Ledger"},{"content_ids":[54471],"conference_id":133,"event_ids":[54844],"name":"Chris Wysopal","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Veracode","title":"CTO"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@WeldPond)","sort_order":0,"url":"https://twitter.com/WeldPond"},{"description":"","title":"Twitter (@veracode)","sort_order":0,"url":"https://twitter.com/veracode"}],"media":[],"id":54144,"title":"CTO at Veracode"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":54844,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54143},{"tag_id":46167,"sort_order":4,"person_id":54144},{"tag_id":46167,"sort_order":6,"person_id":54119},{"tag_id":46167,"sort_order":8,"person_id":54135},{"tag_id":46167,"sort_order":10,"person_id":54142}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Secure Web Gateways (SWGs) are cloud-based SSL-intercepting proxies and an important component of enterprise Secure Access Service Edge (SASE) or Security Service Edge (SSE) solutions. SWGs ensure secure web access for enterprise users by doing malware protection, threat prevention, URL filtering, and content inspection of sensitive data, among other critical security measures. \r\n\r\nOur research indicates that in today's world of complex web applications and protocols, SWGs often fail to deliver on their promise. We will demonstrate a new class of attacks: “Last Mile Reassembly Attacks,” which, as of this writing, can bypass every SWG in the Gartner Magic Quadrant for SASE and SSE - this includes the largest public market cybersecurity companies in the world. Additionally, we will release an open-source attack toolkit for researchers and red teams to test these attacks on their security solutions and better understand their security exposure.\r\n\r\nWe aim for our talk to compel SWG vendors to rethink cloud-based client-side web attack detection models, and for enterprises to rethink how they look at securing their users against web threats. \r\n\r\nSecure Web Gateway Basics: [link](https://www.cloudflare.com/learning/access-management/what-is-a-secure-web-gateway/)\r\nSSL Interception and Attacks: [link](https://www.secureworks.com/research/transitive-trust)\n\n\n","media":[],"title":"Breaking Secure Web Gateways (SWG) for Fun and Profit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:45:00Z","end_timestamp":{"seconds":1723250700,"nanoseconds":0},"android_description":"Secure Web Gateways (SWGs) are cloud-based SSL-intercepting proxies and an important component of enterprise Secure Access Service Edge (SASE) or Security Service Edge (SSE) solutions. SWGs ensure secure web access for enterprise users by doing malware protection, threat prevention, URL filtering, and content inspection of sensitive data, among other critical security measures. \r\n\r\nOur research indicates that in today's world of complex web applications and protocols, SWGs often fail to deliver on their promise. We will demonstrate a new class of attacks: “Last Mile Reassembly Attacks,” which, as of this writing, can bypass every SWG in the Gartner Magic Quadrant for SASE and SSE - this includes the largest public market cybersecurity companies in the world. Additionally, we will release an open-source attack toolkit for researchers and red teams to test these attacks on their security solutions and better understand their security exposure.\r\n\r\nWe aim for our talk to compel SWG vendors to rethink cloud-based client-side web attack detection models, and for enterprises to rethink how they look at securing their users against web threats. \r\n\r\nSecure Web Gateway Basics: [link](https://www.cloudflare.com/learning/access-management/what-is-a-secure-web-gateway/)\r\nSSL Interception and Attacks: [link](https://www.secureworks.com/research/transitive-trust)","updated_timestamp":{"seconds":1720462685,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"},{"content_ids":[54470],"conference_id":133,"event_ids":[54843],"name":"Jeswin Mathai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Chief Architect"}],"links":[],"pronouns":null,"media":[],"id":54099,"title":"Chief Architect at SquareX"}],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:18:05Z","links":[],"end":"2024-08-10T00:45:00.000-0000","id":54843,"tag_ids":[46166,46169,46419,46437,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54075},{"tag_id":46167,"sort_order":2,"person_id":54099}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-07-08T18:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-10T00:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-10T01:00:00.000-0000","id":54490,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723248000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-10T00:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Heather Adkins will pull from over 25 years of experience, including responding to major security incidents that impacted national security, to detail how the threat landscape has evolved into what it is today with the introduction of AI. She'll provide lessons learned by the industry in applying AI for security over the years, and explain how AI can be used in arming cyber defenders tasked with protecting the critical infrastructure we rely upon every day.\n\n\n","media":[],"title":"No Time for Complacency: The Stakes of AI in Cybersecurity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:15:00Z","end_timestamp":{"seconds":1723248900,"nanoseconds":0},"android_description":"Heather Adkins will pull from over 25 years of experience, including responding to major security incidents that impacted national security, to detail how the threat landscape has evolved into what it is today with the introduction of AI. She'll provide lessons learned by the industry in applying AI for security over the years, and explain how AI can be used in arming cyber defenders tasked with protecting the critical infrastructure we rely upon every day.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56130,56129],"conference_id":133,"event_ids":[56772,56773],"name":"Heather Adkins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Vice President of Security Engineering"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/argvee"},{"description":"","title":"Twitter (@argvee)","sort_order":0,"url":"https://twitter.com/argvee"}],"media":[],"id":56515,"title":"Vice President of Security Engineering at Google"}],"begin_tsz":"2024-08-09T23:55:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-10T00:15:00.000-0000","id":56773,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723247700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56515}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T23:55:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, we explore the integration of chatbots and large language models (LLMs) like ChatGPT in cybersecurity. We begin by explaining chatbots and LLMs, their operation, and their relevance to cybersecurity. We'll discuss practical applications on both defensive and offensive sides. Defensively, chatbots can automate tasks such as log parsing, web scraping, and data analysis, and aid in educating team members on complex security concepts. Offensively, chatbots can be employed for social engineering, phishing simulations, and automating attack techniques. Real-world examples demonstrate how ChatGPT supports security engineering by generating Python scripts, creating cybersecurity content, and assisting with complex projects. By the end, you'll understand the potential of chatbots and LLMs in enhancing cybersecurity workflows.\n\n\n","media":[],"title":"Chatbots for Cybersecurity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"In this presentation, we explore the integration of chatbots and large language models (LLMs) like ChatGPT in cybersecurity. We begin by explaining chatbots and LLMs, their operation, and their relevance to cybersecurity. We'll discuss practical applications on both defensive and offensive sides. Defensively, chatbots can automate tasks such as log parsing, web scraping, and data analysis, and aid in educating team members on complex security concepts. Offensively, chatbots can be employed for social engineering, phishing simulations, and automating attack techniques. Real-world examples demonstrate how ChatGPT supports security engineering by generating Python scripts, creating cybersecurity content, and assisting with complex projects. By the end, you'll understand the potential of chatbots and LLMs in enhancing cybersecurity workflows.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56581,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55862}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.\n\n\n","media":[],"title":"Meshtastic Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We'll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We'll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We'll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/meshtastic-meetup"}],"end":"2024-08-10T01:00:00.000-0000","id":56524,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Winners of Day One announced and prizes given out\n\n\n","media":[],"title":"Payment Village CTF Day One Results","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Winners of Day One announced and prizes given out","updated_timestamp":{"seconds":1722356387,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:19:47Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-10T00:00:00.000-0000","id":56086,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-30T16:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The submitted talk will include the intro technical details of Meshtastic. However, the majority of this talk is aimed at the planning, mapping, business and personal contacts of site owners (and the headaches involved), success and failures of our project and node builds. As well as some advanced settings to hide your node deployments in some creative ways. More of a how to build out your mesh network rather than a technical deep dive.\n\n\n","media":[],"title":"Meshtastic Adventures: Triumphs, Tribulations, and Total Mesh-ups.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:25:00Z","end_timestamp":{"seconds":1723249500,"nanoseconds":0},"android_description":"The submitted talk will include the intro technical details of Meshtastic. However, the majority of this talk is aimed at the planning, mapping, business and personal contacts of site owners (and the headaches involved), success and failures of our project and node builds. As well as some advanced settings to hide your node deployments in some creative ways. More of a how to build out your mesh network rather than a technical deep dive.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55452],"conference_id":133,"event_ids":[55877],"name":"m1ddl3w4r3","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@anonymousperp)","sort_order":0,"url":"https://twitter.com/anonymousperp"}],"media":[],"id":55992}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-10T00:25:00.000-0000","id":55877,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55992}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"James \"Jimmy\" Donaldson, better known by his online handle Mr. Beast, is the most successful YouTuber of all time. The digital superstar has often spoken about how learning to make digital content with a group was the reason he was able to grow so quickly. By collaborating with a small cohort of people who shared his passion, each individual was able to not only learn from one another's unique skills, but most importantly, they learned from each other's failures and made corrections to avoid those pitfalls themselves. This workshop is designed to help you learn to apply this same principle to Bug Bounty Hunting and grow exponentially faster than you can on your own.\r\n\r\nAfter sharing some success stories from his own journey, Harrison Richardson (rs0n) will lead the audience in forming small bug bounty hunting groups optimized for success. Attendees will be grouped based on their technical skills, bug bounty experience, and work experience to build an effective cohort. Next, rs0n will guide each group in selecting a public Bug Bounty Program based on their combined skills and will coach the groups individually on working together to find and report bugs. Special emphasis will be placed on learning to take essential notes and build a custom hunting methodology that works for you and your team. Finally, rs0n will host a live Q&A session to answer any \"burning\" questions the participants have about bug bounty hunting and/or transitioning to a career of Application Security.\r\n\r\nThere have been massive strides made in the bug bounty industry over the past few years, but one problem continues to persist. Researchers at all levels view other bug bounty hunters as competition who will steal their techniques. The goal of this workshop is not only to teach the skills needed to effectively collaborate on bug bounty programs, but also to demonstrate the immense value of collaboration when learning offensive security.\n\n\n","media":[],"title":"LFG! Forming a Bug Bounty Hunting Party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"James \"Jimmy\" Donaldson, better known by his online handle Mr. Beast, is the most successful YouTuber of all time. The digital superstar has often spoken about how learning to make digital content with a group was the reason he was able to grow so quickly. By collaborating with a small cohort of people who shared his passion, each individual was able to not only learn from one another's unique skills, but most importantly, they learned from each other's failures and made corrections to avoid those pitfalls themselves. This workshop is designed to help you learn to apply this same principle to Bug Bounty Hunting and grow exponentially faster than you can on your own.\r\n\r\nAfter sharing some success stories from his own journey, Harrison Richardson (rs0n) will lead the audience in forming small bug bounty hunting groups optimized for success. Attendees will be grouped based on their technical skills, bug bounty experience, and work experience to build an effective cohort. Next, rs0n will guide each group in selecting a public Bug Bounty Program based on their combined skills and will coach the groups individually on working together to find and report bugs. Special emphasis will be placed on learning to take essential notes and build a custom hunting methodology that works for you and your team. Finally, rs0n will host a live Q&A session to answer any \"burning\" questions the participants have about bug bounty hunting and/or transitioning to a career of Application Security.\r\n\r\nThere have been massive strides made in the bug bounty industry over the past few years, but one problem continues to persist. Researchers at all levels view other bug bounty hunters as competition who will steal their techniques. The goal of this workshop is not only to teach the skills needed to effectively collaborate on bug bounty programs, but also to demonstrate the immense value of collaboration when learning offensive security.","updated_timestamp":{"seconds":1721438271,"nanoseconds":0},"speakers":[{"content_ids":[55178],"conference_id":133,"event_ids":[55566],"name":"Harrison Richardson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"@rs0n_live","sort_order":0,"url":"https://twitter.com/rs0n_live"}],"media":[],"id":54818}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:17:51Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#lfg-forming-a-bug-bounty-hunting-party"}],"end":"2024-08-10T01:00:00.000-0000","id":55566,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54818}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-20T01:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Taking attendees through the full badge making process from ideation to ordering and producing at scale\n\n\n","media":[],"title":"So you wanna know how to make badges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"Taking attendees through the full badge making process from ideation to ordering and producing at scale","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54586],"conference_id":133,"event_ids":[54961],"name":"c0ldbru","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Mastodon (@c0ldbru@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@c0ldbru"},{"description":"","title":"Twitter (@c0ldbru)","sort_order":0,"url":"https://twitter.com/c0ldbru"}],"media":[],"id":54328}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":54961,"tag_ids":[46169,46407,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54328}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Storytelling of a highly complex Red Team with multiple initial accesses only with Social Engineering. could anyone do it? Yes. \r\n\r\nUnder the format of Storytelling this presentation aims to take attendees first person through a RedTeam service with multiple initial accesses with 100% Social Engineering. How to present critical vulnerabilities in a public way without exposing the target company? This live comic will show us how, through one of its protagonists and with practical examples made with the attendees themselves. How does a professional Social Engineering unit work? What are the roles and tasks? How to emulate the reach of a cybercriminal gang in less than three weeks? This dojo aims to show the methodologies and techniques applied in the field to obtain relevant findings, even reaching critical infrastructure without raising alerts and in an extremely limited time. From the first meeting with the client, information gathering, vector selection, exploitation, pretexting to the physical intrusion, even reaching the datacenter. We will demonstrate how luck is no longer an element to consider when your work is SE from Monday to Friday and you have to perform this type of service every month. \n\n\n","media":[],"title":"Master Splinter’s initial physical access dojo: Storytelling of a complex adversarial attack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Storytelling of a highly complex Red Team with multiple initial accesses only with Social Engineering. could anyone do it? Yes. \r\n\r\nUnder the format of Storytelling this presentation aims to take attendees first person through a RedTeam service with multiple initial accesses with 100% Social Engineering. How to present critical vulnerabilities in a public way without exposing the target company? This live comic will show us how, through one of its protagonists and with practical examples made with the attendees themselves. How does a professional Social Engineering unit work? What are the roles and tasks? How to emulate the reach of a cybercriminal gang in less than three weeks? This dojo aims to show the methodologies and techniques applied in the field to obtain relevant findings, even reaching critical infrastructure without raising alerts and in an extremely limited time. From the first meeting with the client, information gathering, vector selection, exploitation, pretexting to the physical intrusion, even reaching the datacenter. We will demonstrate how luck is no longer an element to consider when your work is SE from Monday to Friday and you have to perform this type of service every month.","updated_timestamp":{"seconds":1722712977,"nanoseconds":0},"speakers":[{"content_ids":[54585],"conference_id":133,"event_ids":[54960],"name":"Daniel Isler","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dreamlab Technologies Chile","title":"Team Leader, Fr1endly RATs"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/daniel-isler/"},{"description":"","title":"Twitter (@Fr1endlyRATs)","sort_order":0,"url":"https://twitter.com/Fr1endlyRATs"}],"media":[],"id":54367,"title":"Team Leader, Fr1endly RATs at Dreamlab Technologies Chile"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:22:57Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54960,"tag_ids":[46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54367}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-08-03T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Introduction to industrial control systems: \r\n- What is ICS \r\n- Purdue model\r\n- How ICS is architected\r\n- Attacker view of ICS architecture\r\n- How to build your own ICS lab \r\n- Equipment \r\n- How to learn / conduct vulnerability research\r\n\n\n\n","media":[],"title":"ICS 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Introduction to industrial control systems: \r\n- What is ICS \r\n- Purdue model\r\n- How ICS is architected\r\n- Attacker view of ICS architecture\r\n- How to build your own ICS lab \r\n- Equipment \r\n- How to learn / conduct vulnerability research","updated_timestamp":{"seconds":1720984389,"nanoseconds":0},"speakers":[{"content_ids":[54584,55984],"conference_id":133,"event_ids":[56606,54959],"name":"Bryson Bort ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54266},{"content_ids":[54584,54574],"conference_id":133,"event_ids":[54949,54959],"name":"Tom VanNorman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ICS Village","title":""}],"links":[],"pronouns":null,"media":[],"id":54316,"title":"ICS Village"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-14T19:13:09Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54959,"tag_ids":[46382,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54266},{"tag_id":46167,"sort_order":1,"person_id":54316}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-14T19:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Pawning countries at top level domain by just buying one specific domain name ‘wpad.tld’, come hear about this more the 25+ years old issue and the research from running eight different wpad.tld domains for more than one year that turn into more the 1+ billion DNS request and more then 600+GB of Apache log data with leaked information from the clients.\r\n\r\nThis is the story about how easy it is to just buying one domain and then many hundreds of thousands of Internet clients will get auto pwned without knowing it and start sending traffic to this man-in-the-middle setup there is bypassing encryption and can change content with the ability to get the clients to download harmful content and execute it.\r\n\r\nThe talk will explain the technical behind this issue and showcase why and how clients will be trick into this Man-in-the-middle trap.\r\n\r\n1. Description of wpad and the function, include listing the security issue. [link](https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol)\r\n2. Navigator Proxy Auto-Config File Format from March 1996 [link](https://web.archive.org/web/20070307124216/http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html)\r\n3. INTERNET-DRAFT 1999 for Web Proxy Auto-Discovery Protocol [link](https://datatracker.ietf.org/doc/html/draft-ietf-wrec-wpad-01)\r\n4. Microsoft Security Bulletin MS99-054 Critical Vulnerability from 1999 [link](https://learn.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-054)\r\n5. Description of the wpad PAC javascript format. [link](https://findproxyforurl.com/)\r\n6. Pentesting tool with function as a WPAD Proxy Server to capture credentials from clients. [link](https://github.com/SpiderLabs/Responder)\r\n7. WPAD Name Collision Vulnerability [link](https://www.cisa.gov/news-events/alerts/2016/05/23/wpad-name-collision-vulnerability)\r\n8. WPAD Vulnerability [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10183) [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16996)\r\n9. ICANN - Root Cause Analysis - wpad.domain.name [link](https://www.icann.org/en/system/files/files/root-cause-analysis-wpad-18jan23-en.pdf)\r\n10. Windows proxy settings ultimate guide part – WPAD/PAC configuration file\r\n - [link](https://igorpuhalo.wordpress.com/2022/03/02/windows-proxy-settings-ultimate-guide-part-i-wininet-vs-winhttp/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/07/15/windows-proxy-settings-ultimate-guide-part-ii-configuring-proxy-settings/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/08/09/windows-proxy-settings-ultimate-guide-part-iii-wpad-pac-configuration-file/)\r\n\n\n\n","media":[],"title":"Why are you still, using my server for your internet access.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:15:00Z","end_timestamp":{"seconds":1723248900,"nanoseconds":0},"android_description":"Pawning countries at top level domain by just buying one specific domain name ‘wpad.tld’, come hear about this more the 25+ years old issue and the research from running eight different wpad.tld domains for more than one year that turn into more the 1+ billion DNS request and more then 600+GB of Apache log data with leaked information from the clients.\r\n\r\nThis is the story about how easy it is to just buying one domain and then many hundreds of thousands of Internet clients will get auto pwned without knowing it and start sending traffic to this man-in-the-middle setup there is bypassing encryption and can change content with the ability to get the clients to download harmful content and execute it.\r\n\r\nThe talk will explain the technical behind this issue and showcase why and how clients will be trick into this Man-in-the-middle trap.\r\n\r\n1. Description of wpad and the function, include listing the security issue. [link](https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol)\r\n2. Navigator Proxy Auto-Config File Format from March 1996 [link](https://web.archive.org/web/20070307124216/http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html)\r\n3. INTERNET-DRAFT 1999 for Web Proxy Auto-Discovery Protocol [link](https://datatracker.ietf.org/doc/html/draft-ietf-wrec-wpad-01)\r\n4. Microsoft Security Bulletin MS99-054 Critical Vulnerability from 1999 [link](https://learn.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-054)\r\n5. Description of the wpad PAC javascript format. [link](https://findproxyforurl.com/)\r\n6. Pentesting tool with function as a WPAD Proxy Server to capture credentials from clients. [link](https://github.com/SpiderLabs/Responder)\r\n7. WPAD Name Collision Vulnerability [link](https://www.cisa.gov/news-events/alerts/2016/05/23/wpad-name-collision-vulnerability)\r\n8. WPAD Vulnerability [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10183) [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16996)\r\n9. ICANN - Root Cause Analysis - wpad.domain.name [link](https://www.icann.org/en/system/files/files/root-cause-analysis-wpad-18jan23-en.pdf)\r\n10. Windows proxy settings ultimate guide part – WPAD/PAC configuration file\r\n - [link](https://igorpuhalo.wordpress.com/2022/03/02/windows-proxy-settings-ultimate-guide-part-i-wininet-vs-winhttp/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/07/15/windows-proxy-settings-ultimate-guide-part-ii-configuring-proxy-settings/)\r\n - [link](https://igorpuhalo.wordpress.com/2022/08/09/windows-proxy-settings-ultimate-guide-part-iii-wpad-pac-configuration-file/)","updated_timestamp":{"seconds":1720462754,"nanoseconds":0},"speakers":[{"content_ids":[54469],"conference_id":133,"event_ids":[54842],"name":"Thomas Boejstrup Johansen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thomas-b%C3%B8jstrup-johansen-3b45b44/"},{"description":"","title":"Twitter (@ToomsDK)","sort_order":0,"url":"https://twitter.com/ToomsDK"}],"media":[],"id":54169}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:19:14Z","links":[],"end":"2024-08-10T00:15:00.000-0000","id":54842,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54169}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-08T18:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing where and how your mobile and IoT devices communicate on the Internet is essential for ensuring privacy and security.\r\n\r\nIn the past, it has been easy to follow their communication through a WIFI connection that you control. However, your devices are becoming more locked down and utilize mobile networks such as 4G and 5G for communication. As the devices communicate directly through mobile network base stations operated by Internet Service Providers (ISPs), tampering with or even monitoring their communication is outside your reach.\r\n\r\nWhile it is possible to set up a private base station, it requires expensive components and is hard to operate. However, many ISPs have begun offering private Access Point Names (APNs) to allow you to have a private network inside the ISP infrastructure.\r\n\r\nThis talk will show how you can affordably leverage ISP-operated mobile networks and their private APN services to control your mobile devices' network traffic. This technique lets you inspect, filter, and tamper with your mobile devices' IP traffic for offensive and defensive cyber security needs, such as penetration testing IoT devices or monitoring mobile device endpoints for malicious traffic.\r\n\r\n- [link](https://librecellular.org/)\r\n- Janne Taponen - Economizing Mobile Network Warfare: Budget-Friendly Baseband Fuzzing - T2 2024 Conference\r\n- XiaoHuiHui - All the 4G Modules Could Be Hacked - DEF CON 27 Conference [link](https://www.youtube.com/watch?v=OORUkEsannA)\n\n\n","media":[],"title":"Leveraging private APNs for mobile network traffic analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:15:00Z","end_timestamp":{"seconds":1723248900,"nanoseconds":0},"android_description":"Knowing where and how your mobile and IoT devices communicate on the Internet is essential for ensuring privacy and security.\r\n\r\nIn the past, it has been easy to follow their communication through a WIFI connection that you control. However, your devices are becoming more locked down and utilize mobile networks such as 4G and 5G for communication. As the devices communicate directly through mobile network base stations operated by Internet Service Providers (ISPs), tampering with or even monitoring their communication is outside your reach.\r\n\r\nWhile it is possible to set up a private base station, it requires expensive components and is hard to operate. However, many ISPs have begun offering private Access Point Names (APNs) to allow you to have a private network inside the ISP infrastructure.\r\n\r\nThis talk will show how you can affordably leverage ISP-operated mobile networks and their private APN services to control your mobile devices' network traffic. This technique lets you inspect, filter, and tamper with your mobile devices' IP traffic for offensive and defensive cyber security needs, such as penetration testing IoT devices or monitoring mobile device endpoints for malicious traffic.\r\n\r\n- [link](https://librecellular.org/)\r\n- Janne Taponen - Economizing Mobile Network Warfare: Budget-Friendly Baseband Fuzzing - T2 2024 Conference\r\n- XiaoHuiHui - All the 4G Modules Could Be Hacked - DEF CON 27 Conference [link](https://www.youtube.com/watch?v=OORUkEsannA)","updated_timestamp":{"seconds":1720462702,"nanoseconds":0},"speakers":[{"content_ids":[54468],"conference_id":133,"event_ids":[54841],"name":"Aapo Oksman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Juurin Oy","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/AapoOksman"}],"media":[],"id":54203,"title":"Founder at Juurin Oy"}],"begin_tsz":"2024-08-09T23:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:18:22Z","links":[],"end":"2024-08-10T00:15:00.000-0000","id":54841,"tag_ids":[46166,46169,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723246200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54203}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T23:30:00.000-0000","updated":"2024-07-08T18:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A comprehensive presentation on the evolving landscape of elections in Maricopa County since the continuous 2020 Presidential Election. We will begin with an introduction to Maricopa County, highlighting its demographic and political significance. Following this, we will outline the key dates and events in the 2024 election calendar, ensuring you are well-prepared for the upcoming electoral cycle. Delving into the voting methods available to Maricopa residents, including in-person, mail-in, and early voting options, emphasizing accessibility and convenience we will explore major changes implemented since the 2020 elections.  Focusing on improvements in technology, security, and voter engagement, and reflect on the critical lessons learned from the 2022 elections that have shaped current practices and policies.Looking ahead to the 2024 elections, we will provide an overview of anticipated challenges and opportunities for voter participation. Security is paramount, and we will detail the physical security enhancements made at the voting tabulation center, as well as the strategies and protocols in place for effective coordination with law enforcement. Understanding and mitigating insider threats is essential, and we will cover the measures taken to protect against internal risks. We will also review recent statutory changes affecting elections and their implications for voters and election officials. Finally, we will highlight the importance of social media training for election staff to combat misinformation and engage with the community effectively. Join us for this informative session to gain a deeper understanding of Maricopa County’s election processes and the continuous efforts to enhance transparency, security, and voter confidence.\n\n\n","media":[],"title":"Maricopa County -Preparing for the 2024 Elections Cycle","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"A comprehensive presentation on the evolving landscape of elections in Maricopa County since the continuous 2020 Presidential Election. We will begin with an introduction to Maricopa County, highlighting its demographic and political significance. Following this, we will outline the key dates and events in the 2024 election calendar, ensuring you are well-prepared for the upcoming electoral cycle. Delving into the voting methods available to Maricopa residents, including in-person, mail-in, and early voting options, emphasizing accessibility and convenience we will explore major changes implemented since the 2020 elections.  Focusing on improvements in technology, security, and voter engagement, and reflect on the critical lessons learned from the 2022 elections that have shaped current practices and policies.Looking ahead to the 2024 elections, we will provide an overview of anticipated challenges and opportunities for voter participation. Security is paramount, and we will detail the physical security enhancements made at the voting tabulation center, as well as the strategies and protocols in place for effective coordination with law enforcement. Understanding and mitigating insider threats is essential, and we will cover the measures taken to protect against internal risks. We will also review recent statutory changes affecting elections and their implications for voters and election officials. Finally, we will highlight the importance of social media training for election staff to combat misinformation and engage with the community effectively. Join us for this informative session to gain a deeper understanding of Maricopa County’s election processes and the continuous efforts to enhance transparency, security, and voter confidence.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56190],"conference_id":133,"event_ids":[56844],"name":"Jason Butryn","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/maricopa-county/"},{"description":"","title":"Twitter (@recordersoffice)","sort_order":0,"url":"https://twitter.com/recordersoffice"},{"description":"","title":"Website","sort_order":0,"url":"https://recorder.maricopa.gov/"}],"media":[],"id":56573},{"content_ids":[56190,56202],"conference_id":133,"event_ids":[56844,56856],"name":"Nate Young","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/maricopa-county/"},{"description":"","title":"Twitter (@recordersoffice)","sort_order":0,"url":"https://twitter.com/recordersoffice"},{"description":"","title":"Website","sort_order":0,"url":"https://recorder.maricopa.gov/"}],"media":[],"id":56579}],"begin_tsz":"2024-08-09T23:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56844,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723245300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56579},{"tag_id":46167,"sort_order":4,"person_id":56573}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T23:15:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.\n\n\n","media":[],"title":"I've got 99 problems but a prompt injection ain't watermelon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"The ethical and secure disclosure of vulnerabilities in AI has emerged as a pivotal challenge, compounded by the need to address biases and misinformation that often cloud the true nature of these vulnerabilities. This talk delves into the intricate dynamics of vulnerability disclosure within AI, balancing transparency with security. We'll dissect the unique challenges AI presents, such as data bias exploitation and model manipulation, which can amplify the impact of vulnerabilities. Through a lens of real-world examples and recent disclosures, we'll navigate the complexities of responsible vulnerability management in AI. Our discussion will not only aim to shed light on these critical issues but also inspire a unified approach to refining disclosure processes. This concerted effort is vital for enhancing the integrity of AI systems and bolstering public trust in their use.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[54623,55698,55989],"conference_id":133,"event_ids":[56611,56229,54997],"name":"Chloé Messdaghi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Head of Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@ChloeMessdaghi)","sort_order":0,"url":"https://twitter.com/ChloeMessdaghi"}],"media":[],"id":54278,"title":"Head of Threat Intelligence at HiddenLayer"},{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"}],"begin_tsz":"2024-08-09T23:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":56229,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723245300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54278},{"tag_id":46167,"sort_order":6,"person_id":54282}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T23:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AIxCC Collaborator Panel Discussion\n\n\n","media":[],"title":"Industry Panel: The Modern Evolution of LLMs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"AIxCC Collaborator Panel Discussion","updated_timestamp":{"seconds":1722920674,"nanoseconds":0},"speakers":[{"content_ids":[56130,56129],"conference_id":133,"event_ids":[56772,56773],"name":"Heather Adkins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Vice President of Security Engineering"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/argvee"},{"description":"","title":"Twitter (@argvee)","sort_order":0,"url":"https://twitter.com/argvee"}],"media":[],"id":56515,"title":"Vice President of Security Engineering at Google"},{"content_ids":[56135,56129],"conference_id":133,"event_ids":[56772,56778],"name":"Jason Clinton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Anthropic","title":"Chief Information Security Officer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jason-d-clinton/"},{"description":"","title":"Twitter (@JasonDClinton)","sort_order":0,"url":"https://twitter.com/JasonDClinton"}],"media":[],"id":56516,"title":"Chief Information Security Officer at Anthropic"},{"content_ids":[56131,56133,56129],"conference_id":133,"event_ids":[56772,56774,56776],"name":"Matt Knight","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAI","title":"Head of Security"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matthewfknight/"},{"description":"","title":"Twitter (@embeddedsec)","sort_order":0,"url":"https://x.com/embeddedsec"}],"media":[],"id":56517,"title":"Head of Security at OpenAI"},{"content_ids":[56129],"conference_id":133,"event_ids":[56772],"name":"Dr. Matt Turek","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA","title":"Deputy Office Director for DARPA's Information Innovation Office (I2O)"}],"pronouns":"he/him","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-matt-turek"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/matt-turek-0b2b665"}],"media":[],"id":56519,"title":"Deputy Office Director for DARPA's Information Innovation Office (I2O) at DARPA"},{"content_ids":[56129],"conference_id":133,"event_ids":[56772],"name":"David Weston","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":""}],"links":[],"pronouns":null,"media":[],"id":56533,"title":"Microsoft"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T05:04:34Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":56772,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46488,"sort_order":2,"person_id":56519},{"tag_id":46487,"sort_order":4,"person_id":56515},{"tag_id":46487,"sort_order":6,"person_id":56516},{"tag_id":46487,"sort_order":8,"person_id":56517},{"tag_id":46487,"sort_order":10,"person_id":56533}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-06T05:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We’ll walk through the structures of a PDF, analyzing each part of it, demonstrating how Threat Actors work in the inclusion of malicious components in the structures of the file, in addition to demonstrating the collection of IOC(Indicators of Attack)s and how to build IOA(Indicators of Attack) for analysis by behavior, to anticipate new attacks. Demonstrating structures in the binaries as a PDF(header/ body/cross-reference table/trailer) and performing a comparison of malicious PDFs, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-disassembly techniques, demonstrating as a is the action of these malware’s and where it would be possible to “include” a malicious code.\n\n\n","media":[],"title":"Structural Insights: PDF Analysis for Detecting and Defending Against Threats","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"We’ll walk through the structures of a PDF, analyzing each part of it, demonstrating how Threat Actors work in the inclusion of malicious components in the structures of the file, in addition to demonstrating the collection of IOC(Indicators of Attack)s and how to build IOA(Indicators of Attack) for analysis by behavior, to anticipate new attacks. Demonstrating structures in the binaries as a PDF(header/ body/cross-reference table/trailer) and performing a comparison of malicious PDFs, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-disassembly techniques, demonstrating as a is the action of these malware’s and where it would be possible to “include” a malicious code.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55303,55493,55964],"conference_id":133,"event_ids":[56580,55693,55922],"name":"Filipi Pires","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"senhasegura","title":"Security and Threat Researcher and Cybersecurity Advocate"},{"organization":"Black&White Technology","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/filipipires/"},{"description":"","title":"Twitter (@FilipiPires)","sort_order":0,"url":"https://twitter.com/FilipiPires"},{"description":"","title":"Website","sort_order":0,"url":"https://filipipires.com"}],"media":[],"id":55857,"title":"Founder at Black&White Technology"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":56580,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55857}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - the gumshoo, Hosted by Ram","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55905],"conference_id":133,"event_ids":[56492],"name":"Ram","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56261},{"content_ids":[55905],"conference_id":133,"event_ids":[56492],"name":"the gumshoo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56283}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56492,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56283},{"tag_id":46167,"sort_order":4,"person_id":56261}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Christina will speak to the latest MITRE ATLAS community efforts focused on capturing and sharing cross community data on real world AI incidents, expanding the community’s data on vulnerabilities that can arise when using open-source AI models or data, especially for vulnerabilities that fall outside of the scope of CVE/CWE, and developing mitigations to defend against these AI security threats and vulnerabilities.\r\n\r\nMITRE ATLAS () is a public knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from artificial intelligence (AI) red teams and security groups. There are a growing number of vulnerabilities in AI-enabled systems as the incorporation of AI increases the attack surfaces of existing systems beyond those of traditional cyberattacks. We developed ATLAS to raise community awareness and readiness for these unique threats, vulnerabilities, and risks in the broader AI assurance landscape.\n\n\n","media":[],"title":"AI Village Day 1 Keynote – Poison, injection, evasion, oh my! Grounding AI security threats in data driven reality","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Christina will speak to the latest MITRE ATLAS community efforts focused on capturing and sharing cross community data on real world AI incidents, expanding the community’s data on vulnerabilities that can arise when using open-source AI models or data, especially for vulnerabilities that fall outside of the scope of CVE/CWE, and developing mitigations to defend against these AI security threats and vulnerabilities.\r\n\r\nMITRE ATLAS () is a public knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from artificial intelligence (AI) red teams and security groups. There are a growing number of vulnerabilities in AI-enabled systems as the incorporation of AI increases the attack surfaces of existing systems beyond those of traditional cyberattacks. We developed ATLAS to raise community awareness and readiness for these unique threats, vulnerabilities, and risks in the broader AI assurance landscape.","updated_timestamp":{"seconds":1722628416,"nanoseconds":0},"speakers":[{"content_ids":[55892],"conference_id":133,"event_ids":[56479],"name":"Christina Liaghati","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56260}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:53:36Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56479,"tag_ids":[46368,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56260}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T19:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk explores security issues in quantum computing, identifying attack vectors on major platforms like IBM and IonQ. We examine vulnerabilities in popular quantum software development kits (SDKs) and workflows, highlighting flaws in authentication token management and supply chain attacks that inject malicious circuits.\n\nWe also review existing literature on vulnerabilities in Quantum Processing Units (QPUs) and present new attacks that exploit qubit reset quality to infer results from prior computations and tamper with subsequent ones. Additionally, we demonstrate how crosstalk can inject faults into circuits run by other tenants on the same QPU.\n\nQuantum computing holds immense potential, but so does the responsibility to secure it. By understanding and addressing these vulnerabilities today, we can build a more secure quantum ecosystem.\n\n\n","media":[],"title":"Attack Vectors of Quantum Computers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"This talk explores security issues in quantum computing, identifying attack vectors on major platforms like IBM and IonQ. We examine vulnerabilities in popular quantum software development kits (SDKs) and workflows, highlighting flaws in authentication token management and supply chain attacks that inject malicious circuits.\n\nWe also review existing literature on vulnerabilities in Quantum Processing Units (QPUs) and present new attacks that exploit qubit reset quality to infer results from prior computations and tamper with subsequent ones. Additionally, we demonstrate how crosstalk can inject faults into circuits run by other tenants on the same QPU.\n\nQuantum computing holds immense potential, but so does the responsibility to secure it. By understanding and addressing these vulnerabilities today, we can build a more secure quantum ecosystem.","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55846],"conference_id":133,"event_ids":[56433],"name":"Sorin Boloș","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56224},{"content_ids":[55846],"conference_id":133,"event_ids":[56433],"name":"Adrian Coleșa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56225}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56433,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56224},{"tag_id":46167,"sort_order":4,"person_id":56225}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime\n\n\n","media":[],"title":"Access Control done right the first time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control system installations, I have found that many vendors install a minimum viable product that can leave your new system unreliable and trivial to bypass.\r\n\r\nThis session will give you the tools and knowledge you need to work with your installer to implement your system using best practices in the following areas:\r\n\r\n- Wiring, supervision, encryption and tamper-resistance\r\n- Choosing clone-resistant badges and securely programming badge readers\r\n- Securing controller equipment and managing issued badges\r\n- Maintaining the system for maximum security and uptime","updated_timestamp":{"seconds":1722564561,"nanoseconds":0},"speakers":[{"content_ids":[54625,55797],"conference_id":133,"event_ids":[56346,54999],"name":"Tim Clevenger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SailPoint","title":"Cybersecurity Network Engineer"}],"links":[],"pronouns":null,"media":[],"id":54335,"title":"Cybersecurity Network Engineer at SailPoint"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:09:21Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":56346,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54335}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-02T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, working together to unite the Red Team and the Blue Team.\n\n\n","media":[],"title":"Blue Goes Purple: Purple Teams for Fun and Profit (A BTV & RTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, working together to unite the Red Team and the Blue Team.","updated_timestamp":{"seconds":1722814527,"nanoseconds":0},"speakers":[{"content_ids":[54652,55750],"conference_id":133,"event_ids":[56275,55025],"name":"Catherine J. Ullman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University at Buffalo","title":"Principle Technology Architect, Security"}],"links":[],"pronouns":null,"media":[],"id":54297,"title":"Principle Technology Architect, Security at University at Buffalo"},{"content_ids":[55272,55750],"conference_id":133,"event_ids":[55662,56275],"name":"Ralph May","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Black Hills Information Security (BHIS)","title":"Security Analyst and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":55826,"title":"Security Analyst and Penetration Tester at Black Hills Information Security (BHIS)"},{"content_ids":[55750],"conference_id":133,"event_ids":[56275],"name":"Jake Williams","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56152},{"content_ids":[55750],"conference_id":133,"event_ids":[56275],"name":"Meaghan Neill","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"EY Canada","title":"Threat Hunter and DFIR Analyst"}],"links":[],"pronouns":null,"media":[],"id":56165,"title":"Threat Hunter and DFIR Analyst at EY Canada"},{"content_ids":[55750],"conference_id":133,"event_ids":[56275],"name":"Matthew Nickerson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56593}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T23:35:27Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56275,"tag_ids":[46373,46392,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54297},{"tag_id":46167,"sort_order":4,"person_id":56152},{"tag_id":46167,"sort_order":6,"person_id":56165},{"tag_id":46167,"sort_order":8,"person_id":55826},{"tag_id":46167,"sort_order":10,"person_id":56593}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-08-04T23:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation is a practical introduction into 802.11ah HaLow WiFi. It starts with a brief description of the IEEE 802.11ah standard, history, and specification and includes a short survey of currently available 802.11ah chipsets and devices. One of these, the TaiXin TXW8301 chipset, is described in detail including hardware, firmware, configuration, and software tools. The radio waveform characteristics are presented as is information in using SDRs to capture and decode the WiFi frames. The presentation concludes with a brief description of the practical uses of 802.11ah devices.\n\n\n","media":[],"title":"A Short Introduction to 802.11ah Long Range WiFi HaLow with TaiXin TXW8301 devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:25:00Z","end_timestamp":{"seconds":1723245900,"nanoseconds":0},"android_description":"This presentation is a practical introduction into 802.11ah HaLow WiFi. It starts with a brief description of the IEEE 802.11ah standard, history, and specification and includes a short survey of currently available 802.11ah chipsets and devices. One of these, the TaiXin TXW8301 chipset, is described in detail including hardware, firmware, configuration, and software tools. The radio waveform characteristics are presented as is information in using SDRs to capture and decode the WiFi frames. The presentation concludes with a brief description of the practical uses of 802.11ah devices.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55451],"conference_id":133,"event_ids":[55876],"name":"Ronald Broberg","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dark Wolf Solutions","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@noiq15)","sort_order":0,"url":"https://twitter.com/noiq15"}],"media":[],"id":55990,"title":"Dark Wolf Solutions"},{"content_ids":[55451],"conference_id":133,"event_ids":[55876],"name":"Robert Van Etta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Dark Wolf Solutions","title":"Senior Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":55991,"title":"Senior Penetration Tester at Dark Wolf Solutions"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T23:25:00.000-0000","id":55876,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55990},{"tag_id":46167,"sort_order":4,"person_id":55991}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of operational & security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of ICS events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models.\r\n\r\nJoin us on a journey to enhance ICS security operations efficacy and efficiency.\r\n\r\nIn the intricate and ever-evolving landscape of modern cybersecurity, pinpointing coordinated attacks amid vast volumes of security data is an immensely challenging task. Security professionals constantly wrestle with distinguishing genuine threats from a sea of false positives and isolated incidents. This talk will shed light on how data science can be leveraged to transform an overwhelming number of events, logs, and alerts into manageable clusters, insightful kill chains, and actionable insights using open-source models.\r\n\r\nAttendees will gain a comprehensive understanding of the necessary steps to preprocess and normalize diverse data sources, map them to standardized threat models, and use AI-driven methods to contextualize and correlate security events. The session will also cover how to generate different types of tickets, such as false positive advisories, incident reports, and detailed attack stories, to streamline response efforts and enhance IT & OT security operations' overall efficacy and efficiency.\n\n\n","media":[],"title":"Correlating & contextualizing OT events/alerts/logs using weakly supervised AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:55:00Z","end_timestamp":{"seconds":1723247700,"nanoseconds":0},"android_description":"In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of operational & security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of ICS events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models.\r\n\r\nJoin us on a journey to enhance ICS security operations efficacy and efficiency.\r\n\r\nIn the intricate and ever-evolving landscape of modern cybersecurity, pinpointing coordinated attacks amid vast volumes of security data is an immensely challenging task. Security professionals constantly wrestle with distinguishing genuine threats from a sea of false positives and isolated incidents. This talk will shed light on how data science can be leveraged to transform an overwhelming number of events, logs, and alerts into manageable clusters, insightful kill chains, and actionable insights using open-source models.\r\n\r\nAttendees will gain a comprehensive understanding of the necessary steps to preprocess and normalize diverse data sources, map them to standardized threat models, and use AI-driven methods to contextualize and correlate security events. The session will also cover how to generate different types of tickets, such as false positive advisories, incident reports, and detailed attack stories, to streamline response efforts and enhance IT & OT security operations' overall efficacy and efficiency.","updated_timestamp":{"seconds":1721781657,"nanoseconds":0},"speakers":[{"content_ids":[54634,55759,55495,55348,56206,55557],"conference_id":133,"event_ids":[55740,56072,55924,56284,56860,55008],"name":"Ezz Tahoun","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ezzeldinadel/"}],"media":[],"id":54240}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:40:57Z","links":[],"end":"2024-08-09T23:55:00.000-0000","id":55740,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54240}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-24T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Kubernetes is an extremely popular, open source container orchestration system, that is used by organizations large and small. Kubernetes’s design philosophy leaves security to the system administrators, letting them pick and choose which security mechanisms they want to enable or disable. As such, it can leave Kubernetes deployments quite vulnerable.\n\nIn an attempt to abuse this fact, we began looking for potential exploitation avenues. Eventually, we were able to identify several vulnerabilities in different Kubernetes components that could enable a low privileged attacker to execute code, escalate privileges and exfiltrate data. We also found flaws in Kubernetes sidecar project: “gitsync”. These flaws will not be patched, meaning mitigation hinges only on the awareness of security personnel. \n\nIn this talk we will go through the methodology we used to find these kinds of vulnerabilities, share our thought process on how to exploit them and show how attackers can easily execute commands with SYSTEM privileges. We will also discuss Kubernetes’s design philosophy and how it can allow these types of opportunities.\n\n\n","media":[],"title":"Thinking Outside the Kube - Finding and Exploiting Command Injections in Kubernetes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"Kubernetes is an extremely popular, open source container orchestration system, that is used by organizations large and small. Kubernetes’s design philosophy leaves security to the system administrators, letting them pick and choose which security mechanisms they want to enable or disable. As such, it can leave Kubernetes deployments quite vulnerable.\n\nIn an attempt to abuse this fact, we began looking for potential exploitation avenues. Eventually, we were able to identify several vulnerabilities in different Kubernetes components that could enable a low privileged attacker to execute code, escalate privileges and exfiltrate data. We also found flaws in Kubernetes sidecar project: “gitsync”. These flaws will not be patched, meaning mitigation hinges only on the awareness of security personnel. \n\nIn this talk we will go through the methodology we used to find these kinds of vulnerabilities, share our thought process on how to exploit them and show how attackers can easily execute commands with SYSTEM privileges. We will also discuss Kubernetes’s design philosophy and how it can allow these types of opportunities.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55284],"conference_id":133,"event_ids":[55674],"name":"Tomer Peled","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@TomerPeled92)","sort_order":0,"url":"https://twitter.com/TomerPeled92"}],"media":[],"id":55836}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55674,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55836}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the world of cybersecurity, the kitchen is always hot, and at this year’s Defcon in Las Vegas, we’re cooking up something special in the Red Team Village. Our dish of the day? A deep dive into the exploitation of Electron applications, served with a side of humor and a dash of intrigue.\n\nElectron applications, while popular, have been found to have a soft underbelly. This talk will demonstrate how these applications can be abused to access directories protected by the Transparency, Consent, and Control (TCC) framework. We’ll also show how these applications can be manipulated to maintain persistence by inserting backdoors, effectively turning them into bridges for privilege escalation.\n\nWe’ll walk you through the anatomy of an Electron app, laying out the exploitation scenarios in detail. We’ll serve up a course of case studies, featuring apps that were once vulnerable but have since been patched, and those that remain vulnerable because their manufacturers do not consider these issues as vulnerabilities (let's see if after this talk they won't fix it). These examples will highlight the loopholes that both red team simulations and real attackers can exploit.\n\nOur menu will also include a discussion on the importance of hardening Electron applications. Without proper hardening, these apps can easily be used as access points for privilege escalation and backdoor implantation. We’ll present techniques that cater to the unique characteristics of some apps, which have diverse permissions in the system.\n\nFor dessert, we’ll delve into the more sinister side of these vulnerabilities. Some applications have entitlements that enable access to the camera and audio, which can be exploited to monitor victims. We’ll demonstrate how these entitlements can be abused, adding a chilling finish to our meal.\n\nThroughout the talk, we’ll be showcasing XX CVE’s that we’ve acquired, providing a real-world context to our discussion. We’ll also demonstrate two tools that we’ve created, which will add some spice to our presentation.\n\nSo, join us as we whip up a batch of Mac-n-Cheese, serving you delicious Electron techniques that will leave you hungry for more. This talk is a must-attend for anyone interested in understanding the potential vulnerabilities in Electron applications and how to exploit them. Bon appétit, Red Teamers!\n\n\n","media":[],"title":"Mac-n-Cheese: How to Cook Up Delicious Electron Techniques for Red Teamers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"In the world of cybersecurity, the kitchen is always hot, and at this year’s Defcon in Las Vegas, we’re cooking up something special in the Red Team Village. Our dish of the day? A deep dive into the exploitation of Electron applications, served with a side of humor and a dash of intrigue.\n\nElectron applications, while popular, have been found to have a soft underbelly. This talk will demonstrate how these applications can be abused to access directories protected by the Transparency, Consent, and Control (TCC) framework. We’ll also show how these applications can be manipulated to maintain persistence by inserting backdoors, effectively turning them into bridges for privilege escalation.\n\nWe’ll walk you through the anatomy of an Electron app, laying out the exploitation scenarios in detail. We’ll serve up a course of case studies, featuring apps that were once vulnerable but have since been patched, and those that remain vulnerable because their manufacturers do not consider these issues as vulnerabilities (let's see if after this talk they won't fix it). These examples will highlight the loopholes that both red team simulations and real attackers can exploit.\n\nOur menu will also include a discussion on the importance of hardening Electron applications. Without proper hardening, these apps can easily be used as access points for privilege escalation and backdoor implantation. We’ll present techniques that cater to the unique characteristics of some apps, which have diverse permissions in the system.\n\nFor dessert, we’ll delve into the more sinister side of these vulnerabilities. Some applications have entitlements that enable access to the camera and audio, which can be exploited to monitor victims. We’ll demonstrate how these entitlements can be abused, adding a chilling finish to our meal.\n\nThroughout the talk, we’ll be showcasing XX CVE’s that we’ve acquired, providing a real-world context to our discussion. We’ll also demonstrate two tools that we’ve created, which will add some spice to our presentation.\n\nSo, join us as we whip up a batch of Mac-n-Cheese, serving you delicious Electron techniques that will leave you hungry for more. This talk is a must-attend for anyone interested in understanding the potential vulnerabilities in Electron applications and how to exploit them. Bon appétit, Red Teamers!","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55283],"conference_id":133,"event_ids":[55673],"name":"Roberto Soares","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@espreto)","sort_order":0,"url":"https://twitter.com/espreto"}],"media":[],"id":55834}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55673,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55834}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"co-pilot,\" leveraging LLMs to enhance vulnerability identification and defense mechanisms. \r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible. \r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.\n\n\n","media":[],"title":"Building Your Red-Teaming Co-Pilot: Navigating the New Cyber Era with Pretrained Gen-AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"Amid the Gen-AI revolution, notably through the rise of Large Language Models (LLMs), the cybersecurity landscape faces opportunities and challenges. These advanced AI models have successfully analyzed texts at unprecedented speeds, offering profound insights into vast data pools. However, this rapid technological growth has paved the way for sophisticated Gen-AI-powered cyber threats that exploit these systems' adaptable, polymorphic nature, outpacing traditional defenses.\r\n\r\nThis presentation seeks to empower red teamers by unveiling the potential of open-source Gen-AI as a formidable ally in cybersecurity. Focusing on practical application, we will guide participants through constructing their own Gen-AI-based \"co-pilot,\" leveraging LLMs to enhance vulnerability identification and defense mechanisms. \r\n\r\nAttendees will be introduced to the fundamentals of Gen-AI, including cost-effective strategies for fine-tuning LLMs using custom datasets drawn from pentest reports, bug bounties, and more. The discussion will extend to innovative, memory-efficient training methods such as LORA (Low-Rank Adaptation) and Quantized Low-Rank Adaptation (QLORA), making training an LLM on a modest single GPU setup feasible. \r\n\r\nDesigned for beginners with no prior AI experience, this talk aims to equip red teamers with powerful, open-source AI tools to accelerate vulnerability detection. By harnessing Gen-AI, cybersecurity professionals can stay one step ahead, identifying and mitigating potential threats at machine speed, ensuring they outpace adversaries in the ongoing cyber battle.","updated_timestamp":{"seconds":1721595356,"nanoseconds":0},"speakers":[{"content_ids":[55282,55199],"conference_id":133,"event_ids":[55589,55672],"name":"Gaspard Baye","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"AI Researcher & Ph.D. Candidate"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bayegaspard/"},{"description":"","title":"Twitter (@bayegaspard)","sort_order":0,"url":"https://twitter.com/bayegaspard"},{"description":"","title":"Website","sort_order":0,"url":"https://umassd.edu"}],"media":[],"id":55802,"title":"AI Researcher & Ph.D. Candidate"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:55:56Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55672,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55802}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-21T20:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The world is currently undergoing a rapid digital transformation sometimes referred to as the fourth industrial revolution. During this transformation, it is increasingly clear that many scientific fields are not prepared for this change. One specific area is agriculture. As the sector which creates global food supply, this critical infrastructure requires detailed assessment and research via newly developed technologies (Millett et al, 2019; Peccoud et al, 2018) . Despite its fundamental significance to modern civilization, many aspects of industrial agriculture have not yet adapted to the digital world. This is evident in the many vulnerabilities currently present within agricultural systems, as well as the lacking and fragmented nature of policy dictating cybersecurity stances– the field which intersects both cybersecurity and biosecurity to protect several areas within life sciences (Murch et al, 2018; Duncan et al, 2019; U.S. Department of Agriculture, 2022) . These looming oversights create dangers to advanced agricultural systems, which in turn poses risk to businesses, economies, and individuals. While there are various methods to reduce these risk factors, they ultimately depend on the careful consideration of cyberbiosecurity (CBS) by all involved. This includes the system developers, equipment engineers, and especially the end users - all of us. A conscientious team-effort can work to diminish risks and ultimately provide a safer environment for advanced agriculture and all who depend on it. This analysis explores numerous vulnerabilities within the system of advanced agriculture, discusses potential solutions to the escalating risks they present, and considers the achievable future of an advanced agricultural system which further implements the role of CBS.\n\n\n","media":[],"title":"The Implications of Cyberbiosecurity in Advanced Agricultural Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"The world is currently undergoing a rapid digital transformation sometimes referred to as the fourth industrial revolution. During this transformation, it is increasingly clear that many scientific fields are not prepared for this change. One specific area is agriculture. As the sector which creates global food supply, this critical infrastructure requires detailed assessment and research via newly developed technologies (Millett et al, 2019; Peccoud et al, 2018) . Despite its fundamental significance to modern civilization, many aspects of industrial agriculture have not yet adapted to the digital world. This is evident in the many vulnerabilities currently present within agricultural systems, as well as the lacking and fragmented nature of policy dictating cybersecurity stances– the field which intersects both cybersecurity and biosecurity to protect several areas within life sciences (Murch et al, 2018; Duncan et al, 2019; U.S. Department of Agriculture, 2022) . These looming oversights create dangers to advanced agricultural systems, which in turn poses risk to businesses, economies, and individuals. While there are various methods to reduce these risk factors, they ultimately depend on the careful consideration of cyberbiosecurity (CBS) by all involved. This includes the system developers, equipment engineers, and especially the end users - all of us. A conscientious team-effort can work to diminish risks and ultimately provide a safer environment for advanced agriculture and all who depend on it. This analysis explores numerous vulnerabilities within the system of advanced agriculture, discusses potential solutions to the escalating risks they present, and considers the achievable future of an advanced agricultural system which further implements the role of CBS.","updated_timestamp":{"seconds":1721495223,"nanoseconds":0},"speakers":[{"content_ids":[55196],"conference_id":133,"event_ids":[55586],"name":"Simone Stephen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/simone-stephen/"}],"media":[],"id":55810,"title":"Security Researcher"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:07:03Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":55586,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55810}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-20T17:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.\n\n\n","media":[],"title":"Name the Noob","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Name the Noob is a fun and interactive session where seasoned hackers create unique handles for new attendees. This activity helps newbies integrate into the hacking community and gives them a memorable start to their cybersecurity journey.","updated_timestamp":{"seconds":1721487277,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55415,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Building an AI product for the everyday person is challenging - doing it in a privacy focused way is nearly impossible without support from the right people. I'll walk through the techniques we're using at Rabbit to secure customer data and provide people a choice as to where their data goes.\n\nWe'll cover the pipelines that\n- Collect and Manage customer identity after they login to a site\n- Log, Anonymize, and Process customer voice interactions\n- Provide \"just in time\" access to customer data for personalized RAG-like models\n\nAs a community, I think we're well within our rights to demand control over the data we provide to companies. This talk aims to provide engineers with a list of ideas on \"what right could look like\", and general attendees a list of things that are possible, so they know its ok to ask for them.\n\n\n","media":[],"title":"Data On Demand: The challenges of building a privacy focused AI Device","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Building an AI product for the everyday person is challenging - doing it in a privacy focused way is nearly impossible without support from the right people. I'll walk through the techniques we're using at Rabbit to secure customer data and provide people a choice as to where their data goes.\n\nWe'll cover the pipelines that\n- Collect and Manage customer identity after they login to a site\n- Log, Anonymize, and Process customer voice interactions\n- Provide \"just in time\" access to customer data for personalized RAG-like models\n\nAs a community, I think we're well within our rights to demand control over the data we provide to companies. This talk aims to provide engineers with a list of ideas on \"what right could look like\", and general attendees a list of things that are possible, so they know its ok to ask for them.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54583],"conference_id":133,"event_ids":[54958],"name":"Matt Domko","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"(in)famous AI Walkie Talkie Manufacturer","title":"Head of Security"}],"links":[],"pronouns":null,"media":[],"id":54366,"title":"Head of Security at (in)famous AI Walkie Talkie Manufacturer"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54958,"tag_ids":[46377,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54366}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Almost since the internet was made widely available to the general public, average technology users have fallen prey to threats from malicious spam, malware, phishing, smishing, scams, fraud, and ransomware. In most of the US, primary and secondary education (in the US, comprising kindergarten through 12th grade) now incorporate computing technology as an integral part of the classroom, and some families introduce computing platforms to children in their toddler and preschool years. Despite our society's growing dependence on computing technology in the world of education, there remain no national standards or curricula for the teaching of data privacy or information security principles. This disconnect sets future generations up for failure, and a continuation of a cycle of ignorance that perpetuates cybercrime victimization. This presentation makes the case that schools must adopt and incorporate concepts of data privacy, information security, defense against fraud and phishing, and internet safety, in age-appropriate ways, into lesson plans at all grade levels. Further, school districts and independent schools must take steps to protect themselves from the threat of ransomware, data breaches, and other forms of criminal activity. \n\n\n","media":[],"title":"Cybersecurity Schoolhouse Rock","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Almost since the internet was made widely available to the general public, average technology users have fallen prey to threats from malicious spam, malware, phishing, smishing, scams, fraud, and ransomware. In most of the US, primary and secondary education (in the US, comprising kindergarten through 12th grade) now incorporate computing technology as an integral part of the classroom, and some families introduce computing platforms to children in their toddler and preschool years. Despite our society's growing dependence on computing technology in the world of education, there remain no national standards or curricula for the teaching of data privacy or information security principles. This disconnect sets future generations up for failure, and a continuation of a cycle of ignorance that perpetuates cybercrime victimization. This presentation makes the case that schools must adopt and incorporate concepts of data privacy, information security, defense against fraud and phishing, and internet safety, in age-appropriate ways, into lesson plans at all grade levels. Further, school districts and independent schools must take steps to protect themselves from the threat of ransomware, data breaches, and other forms of criminal activity.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54582],"conference_id":133,"event_ids":[54957],"name":"Avi McGrady","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54315}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":54957,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54315}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Automatic Dependent Surveillance – Contract (ADS-C) is a satellite-based aviation datalink application used to monitor aircraft in remote regions. It is a crucial method for air traffic control to track aircraft where other protocols such as ADS-B lack connectivity. Even though it has been conceived more than 30 years ago, and other legacy communication protocols in aviation have shown to be vulnerable, ADS-C’s security has not been investigated so far in the literature. We conduct a first investigation to close this gap. First, we compile a comprehensive overview of the history, impact, and technical details of ADS-C and its lower layers. Second, we build two software-defined radio receivers in order to analyze over 120’000 real-world ADS-C messages. We further illustrate ADS-C’s lack of authentication by implementing an ADS-C transmitter, which is capable of generating and sending arbitrary ADS-C messages. Finally, we use the channel control offered through a software-defined ADS-C receiver and transmitter as a basis for an in-depth analysis of the protocol weaknesses of the ADS-C system. The found vulnerabilities range from passively tracking aircraft to actively altering the position of actual aircraft through attacks on the downlink and the uplink. We assess the difficulty and impact of these attacks and discuss potential countermeasures.\n\nWe will further look at satellite-based ADS-B receivers and discuss their security and how they relate to ADS-C.\n\n\n","media":[],"title":"Analyzing the Security of Satellite-Based Air Traffic Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Automatic Dependent Surveillance – Contract (ADS-C) is a satellite-based aviation datalink application used to monitor aircraft in remote regions. It is a crucial method for air traffic control to track aircraft where other protocols such as ADS-B lack connectivity. Even though it has been conceived more than 30 years ago, and other legacy communication protocols in aviation have shown to be vulnerable, ADS-C’s security has not been investigated so far in the literature. We conduct a first investigation to close this gap. First, we compile a comprehensive overview of the history, impact, and technical details of ADS-C and its lower layers. Second, we build two software-defined radio receivers in order to analyze over 120’000 real-world ADS-C messages. We further illustrate ADS-C’s lack of authentication by implementing an ADS-C transmitter, which is capable of generating and sending arbitrary ADS-C messages. Finally, we use the channel control offered through a software-defined ADS-C receiver and transmitter as a basis for an in-depth analysis of the protocol weaknesses of the ADS-C system. The found vulnerabilities range from passively tracking aircraft to actively altering the position of actual aircraft through attacks on the downlink and the uplink. We assess the difficulty and impact of these attacks and discuss potential countermeasures.\n\nWe will further look at satellite-based ADS-B receivers and discuss their security and how they relate to ADS-C.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54581,54473,54638],"conference_id":133,"event_ids":[54846,54956,55012],"name":"Martin Strohmeier","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber Defence Campus","title":"Senior Scientist"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@masorx)","sort_order":0,"url":"https://twitter.com/masorx"}],"media":[],"id":54277,"title":"Senior Scientist at Cyber Defence Campus"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":54956,"tag_ids":[46366,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54277}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A quarter of a million people die from Hepatitis C every year. Fifty million people are currently infected, and a million more are infected each year. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are one thousand US dollars apiece because the molecule is the \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. So if you have $84,000 USD, Hep C is not your problem. But for everyone else, The Four Thieves Vinegar Collective has developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, feed your medicine of choice into ChemHacktica to get a chemical synthesis pathway, put that procedure into the Recipe Press to generate code for the new version of the MicroLab to run, and watch the medicine form in the reaction chamber. Finally come on stage, press some tablets, and make your own thousand-dollar pill for four dollars in materials. The feds say saving a life this way is bioterrorism. We say: So Be It.\n\n\n","media":[],"title":"Eradicating Hepatitis C With BioTerrorism","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"A quarter of a million people die from Hepatitis C every year. Fifty million people are currently infected, and a million more are infected each year. But for the first time in history there is a cure (not just a treatment) for a virus, and it is for Hepatitis C. Take one 400mg pill of Sofosbuvir every day for twelve weeks, and you will be free of the virus. The catch? Those pills are one thousand US dollars apiece because the molecule is the \"Intellectual Property\" of Gilead Pharmaceuticals, and they refuse to share. So if you have $84,000 USD, Hep C is not your problem. But for everyone else, The Four Thieves Vinegar Collective has developed a way to make the entire course of treatment for $300 USD. This methodology also applies to other diseases. Like any science, the method of manufacture of drugs can be replicated, and we are going to give you all the necessary tools and show you the process top-to-bottom. Watch it happen live, participate, and learn to do it yourself: Use our digital research assistant to help you navigate the scientific literature, feed your medicine of choice into ChemHacktica to get a chemical synthesis pathway, put that procedure into the Recipe Press to generate code for the new version of the MicroLab to run, and watch the medicine form in the reaction chamber. Finally come on stage, press some tablets, and make your own thousand-dollar pill for four dollars in materials. The feds say saving a life this way is bioterrorism. We say: So Be It.","updated_timestamp":{"seconds":1720659957,"nanoseconds":0},"speakers":[{"content_ids":[54498,54597],"conference_id":133,"event_ids":[54871,54972],"name":"Mixæl Swan Laufer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Four Thieves Vinegar Collective","title":"Chief Spokesperson"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@MichaelSLaufer)","sort_order":0,"url":"https://twitter.com/MichaelSLaufer"},{"description":"","title":"fourthievesvinegar.org","sort_order":0,"url":"https://fourthievesvinegar.org"}],"media":[],"id":54090,"title":"Chief Spokesperson at Four Thieves Vinegar Collective"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-11T01:05:57Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":54871,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54090}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-11T01:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Did you ever receive an empty email and immediately think it might be a reconnaissance attack? What if opening such an email in your Outlook client could trigger remote code execution through an invisible form? Yes, all forms are COM objects, and CVE-2024-21378 has flung open the gates to Outlook RCE chaos.\r\n\r\nIn our session, \"Outlook Unleashing RCE Chaos: CVE-2024-30103\" we'll dive into how this seemingly innocuous vulnerability can lead to mayhem. This vulnerability paved the way for us to discover a series of new remote code execution vulnerabilities in Outlook, including CVE-2024-30103. But we’re not stopping there.\r\n\r\nAdditionally, we'll uncover other vulnerabilities that can cause NTLM leaks from your domain-joined devices.\r\n\r\nSo, how did we get here? Join us as we construct an evolution timeline of this attack surface. From the origins of these exploits to their current incarnations, we'll cover it all. And because we believe in building a safer digital world, we'll conclude with specific, actionable recommendations on how to minimize these threats.\r\n\r\n1. [link](https://www.netspi.com/blog/technical-blog/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/)\r\n2. [link](https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/)\r\n3. [link](https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api)\r\n4. [link](https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. [link](https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/)\r\n6. [link](https://sensepost.com/blog/2017/outlook-forms-and-shells/)\r\n\n\n\n","media":[],"title":"Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2024-38021","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"Did you ever receive an empty email and immediately think it might be a reconnaissance attack? What if opening such an email in your Outlook client could trigger remote code execution through an invisible form? Yes, all forms are COM objects, and CVE-2024-21378 has flung open the gates to Outlook RCE chaos.\r\n\r\nIn our session, \"Outlook Unleashing RCE Chaos: CVE-2024-30103\" we'll dive into how this seemingly innocuous vulnerability can lead to mayhem. This vulnerability paved the way for us to discover a series of new remote code execution vulnerabilities in Outlook, including CVE-2024-30103. But we’re not stopping there.\r\n\r\nAdditionally, we'll uncover other vulnerabilities that can cause NTLM leaks from your domain-joined devices.\r\n\r\nSo, how did we get here? Join us as we construct an evolution timeline of this attack surface. From the origins of these exploits to their current incarnations, we'll cover it all. And because we believe in building a safer digital world, we'll conclude with specific, actionable recommendations on how to minimize these threats.\r\n\r\n1. [link](https://www.netspi.com/blog/technical-blog/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/)\r\n2. [link](https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/)\r\n3. [link](https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api)\r\n4. [link](https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes)\r\n5. [link](https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/)\r\n6. [link](https://sensepost.com/blog/2017/outlook-forms-and-shells/)","updated_timestamp":{"seconds":1720462515,"nanoseconds":0},"speakers":[{"content_ids":[54465],"conference_id":133,"event_ids":[54838],"name":"Michael Gorelik ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Morphisec","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/smgorelik"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/smgoreli/"},{"description":"","title":"Twitter (@smgoreli)","sort_order":0,"url":"https://twitter.com/smgoreli"}],"media":[],"id":54138,"title":"Founder at Morphisec"},{"content_ids":[54465],"conference_id":133,"event_ids":[54838],"name":"Arnold Osipov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Morphisec","title":"Distinguished Malware Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/arnoldosipov/"},{"description":"","title":"Twitter (@osipov_ar)","sort_order":0,"url":"https://twitter.com/osipov_ar"}],"media":[],"id":54184,"title":"Distinguished Malware Researcher at Morphisec"}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:15:15Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":54838,"tag_ids":[46166,46169,46419,46437,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54138},{"tag_id":46167,"sort_order":2,"person_id":54184}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-08T18:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Making the DEF CON 32 Badge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54445],"conference_id":133,"event_ids":[54818],"name":"Mar Williams","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54206}],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":54818,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54206}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We are back with another Pub Quiz at DEF CON. Here at Pub Quiz, we felt the need to add additional prizes for 4th and 5th place. We had a very successful one last year and we have made some improvements to make it every better. So do you like Pub Quizzes?? If you do then get your butts to join us in participating in the 2nd Pub Quiz at DEF CON 32. \r\n\r\nQuiz will consist of 7 rounds question will include 90’s/2000’s TV and Movies, DefCon trivia, music, anime, and a little sex. The theme for our Pub Quiz will be all things that make DEF CON attendees exceptional. There will be a little something for everyone. The quiz will consist of visual and audio rounds along with some Con questions; we need to make sure we stimulate you peeps. We encourage people to get into teams of 5 or 6. \r\n\r\nThis is a social event, so we try to get people into Teams. You never know you may meet the love of your life. Did I mention CASH! Yes we will have cold hard cash prizes for the 1st, 2nd, 3rd, 4th, and 5th high scoring groups. As always if we do have ties will be break those ties with a good old fashion dance off from a person of the tied teams. The hosts and a few goons will help in judging. \n\n\n","media":[{"hash_sha256":"94ee76407dd35e39514ab4f3441d703fecc64829dcf606c96fb811bc51d3cb63","filetype":"image/png","hash_md5":"d5f32bb1825ea4a6de07651c9ab076aa","name":"ct_PubQuizLogo.png","is_logo":"Y","hash_crc32c":"1650df37","filesize":503062,"asset_id":706,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_PubQuizLogo.png"}],"title":"Pub Quiz","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T02:00:00Z","end_timestamp":{"seconds":1723255200,"nanoseconds":0},"android_description":"We are back with another Pub Quiz at DEF CON. Here at Pub Quiz, we felt the need to add additional prizes for 4th and 5th place. We had a very successful one last year and we have made some improvements to make it every better. So do you like Pub Quizzes?? If you do then get your butts to join us in participating in the 2nd Pub Quiz at DEF CON 32. \r\n\r\nQuiz will consist of 7 rounds question will include 90’s/2000’s TV and Movies, DefCon trivia, music, anime, and a little sex. The theme for our Pub Quiz will be all things that make DEF CON attendees exceptional. There will be a little something for everyone. The quiz will consist of visual and audio rounds along with some Con questions; we need to make sure we stimulate you peeps. We encourage people to get into teams of 5 or 6. \r\n\r\nThis is a social event, so we try to get people into Teams. You never know you may meet the love of your life. Did I mention CASH! Yes we will have cold hard cash prizes for the 1st, 2nd, 3rd, 4th, and 5th high scoring groups. As always if we do have ties will be break those ties with a good old fashion dance off from a person of the tied teams. The hosts and a few goons will help in judging.","updated_timestamp":{"seconds":1719556108,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T06:28:28Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249844"}],"end":"2024-08-10T02:00:00.000-0000","id":54615,"tag_ids":[46427,46439,46495],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-28T06:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.\n\n\n","media":[{"hash_sha256":"2656c5ebc25f87c2aace541797f643642da570a63fff5f24da518c3d6d472944","filetype":"image/png","hash_md5":"ed87e0dc24f65f5259a7bdff54921872","name":"pme_queercon-mixer.png","is_logo":"Y","hash_crc32c":"f9440803","filesize":140037,"asset_id":682,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_queercon-mixer.png"}],"title":"QueerCon Mixer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.","updated_timestamp":{"seconds":1718813154,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T16:05:54Z","links":[{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249580"}],"end":"2024-08-10T01:00:00.000-0000","id":54517,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-19T16:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"They say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we're meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404's 25+ year legacy can catch up and share stories. Join us and meet your fellow ATL hackers!\n\n\n","media":[{"hash_sha256":"66ebdc9c4e2c3e3a195aab289ccec4572a3ccd41d88fd7dda7f49e7bec73d87a","filetype":"image/png","hash_md5":"9759ea1982692e75a5fa7b327478690a","name":"pme_dc404.png","is_logo":"Y","hash_crc32c":"e8e5952c","filesize":100009,"asset_id":673,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_dc404.png"}],"title":"DCG Atlanta (DC404,678,770,470)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T02:00:00Z","end_timestamp":{"seconds":1723255200,"nanoseconds":0},"android_description":"They say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we're meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404's 25+ year legacy can catch up and share stories. Join us and meet your fellow ATL hackers!","updated_timestamp":{"seconds":1718776129,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:48:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249509"},{"label":"Discord","type":"link","url":"https://discord.gg/eHm7NnZ"},{"label":"Website","type":"link","url":"https://dc404.org"}],"end":"2024-08-10T02:00:00.000-0000","id":54499,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-19T05:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In The Netherlands it's a tradition to catch up with your colleagues just before the end of the workday on Friday when the weekend starts to kick in. In The Netherlands this is called the \"VrijMiBo\" (Vrijdag/Friday - Middag/Afternoon Borrel/Drink)\r\n\r\n\"VrijMiBo/Friday afternoon Drink\" at DEF CON is a perfect moment to talk about what your favorite thing is at DEF CON, show your cool handmade badges, impress other hackers about your latest hacks, make new friends, gossip about your boss and show your cat or dog pictures.\r\n\r\nVrijdag Middag Borrel, Freitag Mittags Getränk, Apéritif du vendredi après-midi, trago de viernes por la tarde.\n\n\n","media":[{"hash_sha256":"5cb51792ae9d7b45008db3ac093873d39ad77ba26cbd87d0724da6090da08323","filetype":"image/png","hash_md5":"44c753fc5d3d3e514e994a75aa1fd8fa","name":"pme_defcon_holland.png","is_logo":"Y","hash_crc32c":"af6d53fb","filesize":9457,"asset_id":696,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_defcon_holland.png"}],"title":"DEF CON Holland Group Presents: VrijMiBo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-10T02:00:00Z","end_timestamp":{"seconds":1723255200,"nanoseconds":0},"android_description":"In The Netherlands it's a tradition to catch up with your colleagues just before the end of the workday on Friday when the weekend starts to kick in. In The Netherlands this is called the \"VrijMiBo\" (Vrijdag/Friday - Middag/Afternoon Borrel/Drink)\r\n\r\n\"VrijMiBo/Friday afternoon Drink\" at DEF CON is a perfect moment to talk about what your favorite thing is at DEF CON, show your cool handmade badges, impress other hackers about your latest hacks, make new friends, gossip about your boss and show your cat or dog pictures.\r\n\r\nVrijdag Middag Borrel, Freitag Mittags Getränk, Apéritif du vendredi après-midi, trago de viernes por la tarde.","updated_timestamp":{"seconds":1718775458,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T23:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T05:37:38Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249506"}],"end":"2024-08-10T02:00:00.000-0000","id":54496,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723244400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"HallwayCon Lounge past W234","hotel":"","short_name":"HallwayCon Lounge past W234","id":46310},"spans_timebands":"N","begin":"2024-08-09T23:00:00.000-0000","updated":"2024-06-19T05:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will walk through my research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of this workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.\n\n\n","media":[],"title":"Where’s the Money: Defeating ATM Disk Encryption","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will walk through my research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of this workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.","updated_timestamp":{"seconds":1721146927,"nanoseconds":0},"speakers":[{"content_ids":[54580,54437],"conference_id":133,"event_ids":[54810,54955],"name":"Matt Burch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Independent Vulnerability Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@emptynebuli)","sort_order":0,"url":"https://twitter.com/emptynebuli"}],"media":[],"id":54049,"title":"Independent Vulnerability Researcher"}],"begin_tsz":"2024-08-09T22:50:00Z","timeband_id":1147,"updated_tsz":"2024-07-16T16:22:07Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":54955,"tag_ids":[46383,46419,46437,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723243800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54049}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T22:50:00.000-0000","updated":"2024-07-16T16:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After doing recon on a target you probably end up with more URLs, domains and IPs that you can handle, and when time is limited, how do you prioritize them? Recon MindMap (RMM) is a tool that will simplify the task of organizing and sorting all these assets. RMM can help you to generate complex domain structures, visualize them using your favorite mind map tools, make informed decisions, and improve your reports visual appeal.\n\nDuring the talk I’ll discuss the motivations behind building this tool and what problem it solves, the algorithm behind, scenarios and use cases for this tool, how to contribute to the project and what’s next for RMM.\n\nRMM it's opensource and it's available at https://github.com/Alevsk/rmm\n\n\n","media":[],"title":"Recon MindMap: Organize, Visualize, and Prioritize Your Recon Data Efficiently","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:20:00Z","end_timestamp":{"seconds":1723245600,"nanoseconds":0},"android_description":"After doing recon on a target you probably end up with more URLs, domains and IPs that you can handle, and when time is limited, how do you prioritize them? Recon MindMap (RMM) is a tool that will simplify the task of organizing and sorting all these assets. RMM can help you to generate complex domain structures, visualize them using your favorite mind map tools, make informed decisions, and improve your reports visual appeal.\n\nDuring the talk I’ll discuss the motivations behind building this tool and what problem it solves, the algorithm behind, scenarios and use cases for this tool, how to contribute to the project and what’s next for RMM.\n\nRMM it's opensource and it's available at https://github.com/Alevsk/rmm","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"}],"begin_tsz":"2024-08-09T22:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T23:20:00.000-0000","id":56491,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723243500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55862}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T22:45:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the ever-evolving landscape of containerized applications, ensuring the integrity and security of your container images is paramount. Join us for an immersive, hands-on workshop titled \"Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity,\" where we'll dive deep into securing your container images using the cutting-edge open-source tools Cosign and Rekor from the Sigstore project.\n\nThis workshop will provide a comprehensive, practical introduction to Sigstore tools, demonstrating how they can be seamlessly integrated into your DevOps workflows. We'll begin with a brief overview of the common security challenges associated with container images and how Sigstore addresses these issues by providing automated and tamper-proof signing and verification processes.\n\nParticipants will then engage in hands-on exercises, where they'll:\n1. Learn to sign container images and verify their integrity using Cosign. We'll guide you through setting up Cosign, signing your first image, and verifying its signature, ensuring you have a solid understanding of this powerful tool.\n2. Delve into using Rekor, Sigstore's transparency log, to record and verify signed image metadata. You'll experience firsthand how Rekor enhances security by providing an immutable log of all signed images, ensuring accountability and traceability.\n3. Discover how to seamlessly integrate these tools into your existing DevOps pipelines, automating the signing and verification process, and ensuring that only trusted and verified images make it to production environments.\n\nBy the end of this workshop, you'll have gained hands-on experience with Sigstore tools and a deep understanding of how to implement them in your own environment. This session is tailored for DevOps engineers, security professionals, and software developers who are committed to enhancing their container security practices.\n\nDon't miss this unique opportunity to acquire practical knowledge and skills in securing your container images. Join us and learn how to leverage Sigstore's powerful tools to ensure your container images are secure, verified, and trustworthy, safeguarding your applications from potential threats.\n\n\n","media":[],"title":"Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:40:00Z","end_timestamp":{"seconds":1723250400,"nanoseconds":0},"android_description":"In the ever-evolving landscape of containerized applications, ensuring the integrity and security of your container images is paramount. Join us for an immersive, hands-on workshop titled \"Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity,\" where we'll dive deep into securing your container images using the cutting-edge open-source tools Cosign and Rekor from the Sigstore project.\n\nThis workshop will provide a comprehensive, practical introduction to Sigstore tools, demonstrating how they can be seamlessly integrated into your DevOps workflows. We'll begin with a brief overview of the common security challenges associated with container images and how Sigstore addresses these issues by providing automated and tamper-proof signing and verification processes.\n\nParticipants will then engage in hands-on exercises, where they'll:\n1. Learn to sign container images and verify their integrity using Cosign. We'll guide you through setting up Cosign, signing your first image, and verifying its signature, ensuring you have a solid understanding of this powerful tool.\n2. Delve into using Rekor, Sigstore's transparency log, to record and verify signed image metadata. You'll experience firsthand how Rekor enhances security by providing an immutable log of all signed images, ensuring accountability and traceability.\n3. Discover how to seamlessly integrate these tools into your existing DevOps pipelines, automating the signing and verification process, and ensuring that only trusted and verified images make it to production environments.\n\nBy the end of this workshop, you'll have gained hands-on experience with Sigstore tools and a deep understanding of how to implement them in your own environment. This session is tailored for DevOps engineers, security professionals, and software developers who are committed to enhancing their container security practices.\n\nDon't miss this unique opportunity to acquire practical knowledge and skills in securing your container images. Join us and learn how to leverage Sigstore's powerful tools to ensure your container images are secure, verified, and trustworthy, safeguarding your applications from potential threats.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55487],"conference_id":133,"event_ids":[55916],"name":"Mohammed Ilyas Ahmed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"beingilyasahmed","sort_order":0,"url":"https://beingilyasahmed"}],"media":[],"id":56015},{"content_ids":[55487],"conference_id":133,"event_ids":[55916],"name":"Syed Aamiruddin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56016}],"begin_tsz":"2024-08-09T22:40:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-10T00:40:00.000-0000","id":55916,"tag_ids":[46376,46734],"village_id":null,"begin_timestamp":{"seconds":1723243200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56015},{"tag_id":46167,"sort_order":4,"person_id":56016}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T22:40:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nCtrlAltFu will share personal experiences combatting work stress and burnout through physical activity, and invite a conversation about others’ experiences and strategies to combat burnout.\n\n\n","media":[],"title":"BTV Conversations: Touch Grass to Combat Burnout","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nCtrlAltFu will share personal experiences combatting work stress and burnout through physical activity, and invite a conversation about others’ experiences and strategies to combat burnout.","updated_timestamp":{"seconds":1723186128,"nanoseconds":0},"speakers":[{"content_ids":[56205],"conference_id":133,"event_ids":[56859],"name":"CtrlAltFu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56589}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:48:48Z","links":[],"end":"2024-08-09T23:30:00.000-0000","id":56859,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56589}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-09T06:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will cover common voting machine myths and dispel common voting machine cases and fallacies that are prevalent in the media during election cycles and disinformation from social media and ‘experts’ from the perspective of a CIA HUMINT/Technical Officer now in the Cybersecurity field investigating corporate espionage and intentional sabotage. I will show- with pictures and evidence from previous Voting Machine Village work- that the sensational news headlines are not related to the reality of digital voting.\n\n\n","media":[],"title":"Breaking Through Election Myths","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:15:00Z","end_timestamp":{"seconds":1723245300,"nanoseconds":0},"android_description":"This talk will cover common voting machine myths and dispel common voting machine cases and fallacies that are prevalent in the media during election cycles and disinformation from social media and ‘experts’ from the perspective of a CIA HUMINT/Technical Officer now in the Cybersecurity field investigating corporate espionage and intentional sabotage. I will show- with pictures and evidence from previous Voting Machine Village work- that the sensational news headlines are not related to the reality of digital voting.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56189],"conference_id":133,"event_ids":[56843],"name":"Will Baggett","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/will-baggett-4969048/"},{"description":"","title":"Twitter (@iosforensic)","sort_order":0,"url":"https://twitter.com/iosforensic"}],"media":[],"id":56587}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T23:15:00.000-0000","id":56843,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56587}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It's time to go beyond hacking the planet! Join us for an offensive cybersecurity in space workshop. We will discuss the challenges that are introduced when attacking space vehicles and work with space industry software such as COSMOS, the ground station software used by NASA, and a modified version of NOS3, NASA's satellite simulator. Attendees will have access to cloud environments that contain an operator station, a ground station, and a simulated satellite. We will walk you through the basics of accessing, operating, and of course, attacking these stations for the ultimate goal of taking control of the satellite.\n\n\n","media":[],"title":"Space Pirate Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"It's time to go beyond hacking the planet! Join us for an offensive cybersecurity in space workshop. We will discuss the challenges that are introduced when attacking space vehicles and work with space industry software such as COSMOS, the ground station software used by NASA, and a modified version of NOS3, NASA's satellite simulator. Attendees will have access to cloud environments that contain an operator station, a ground station, and a simulated satellite. We will walk you through the basics of accessing, operating, and of course, attacking these stations for the ultimate goal of taking control of the satellite.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55833],"conference_id":133,"event_ids":[56383],"name":"Michael Butler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56193},{"content_ids":[55833],"conference_id":133,"event_ids":[56383],"name":"Jacob Oakley","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56194}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56383,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56193},{"tag_id":46484,"sort_order":4,"person_id":56194}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microhard is a Canadian-based company that specializes in long range \"robust\" radio equipment. They are used in SCADA environments, point-of-sale terminals, power utilities, and more. From a security standpoint, however, some of their products are anything but \"robust\". And they have a habit of hiding their vulnerability fixes behind intentionally vague release notes, which will make this even more fun! (No, I'm not bitter at all) Command injections and buffer overflows abound, as well as a lesson or two in the need for a \"robust\" secure development process.\n\n\n","media":[],"title":"Microhard? More like MicroEASY...to exploit...","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Microhard is a Canadian-based company that specializes in long range \"robust\" radio equipment. They are used in SCADA environments, point-of-sale terminals, power utilities, and more. From a security standpoint, however, some of their products are anything but \"robust\". And they have a habit of hiding their vulnerability fixes behind intentionally vague release notes, which will make this even more fun! (No, I'm not bitter at all) Command injections and buffer overflows abound, as well as a lesson or two in the need for a \"robust\" secure development process.","updated_timestamp":{"seconds":1722479563,"nanoseconds":0},"speakers":[{"content_ids":[55775],"conference_id":133,"event_ids":[56316],"name":"Ricky \"HeadlessZeke\" Lawshae","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Keysight","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@HeadlessZeke)","sort_order":0,"url":"https://twitter.com/HeadlessZeke"}],"media":[],"id":54323,"title":"Principal Security Researcher at Keysight"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T02:32:43Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56316,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54323}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-08-01T02:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Who can tag me in a post? If I move this file to another folder, who now has access? If my owner breaks up with his friend, will I still get a bone?\r\n\r\nWhether you're a human, or a dog, let's face it, authorisation is hard. Role-based access control is a great starting point but hard to scale. Attribute-based access control scales better, but neither are much good at answering more complex conditions, like whether friends-of-friends can read your posts. For such situations, we generally have to wrap this up into business logic.\r\n\r\nThis is where relationship-based access control (ReBAC) comes in, offering a nuanced approach to accessing resources without codifying that into the applications.\r\n\r\nIn this session, we'll look at how to define these relationships, experience live demos, and discover how we can deploy our own fine-grained authorisation service. Expect some tail-wagging insights and a few laughs as we explore access control from a canine's point of view.\n\n\n","media":[],"title":"Fine Grained Authorisation with Relationship-Based Access Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Who can tag me in a post? If I move this file to another folder, who now has access? If my owner breaks up with his friend, will I still get a bone?\r\n\r\nWhether you're a human, or a dog, let's face it, authorisation is hard. Role-based access control is a great starting point but hard to scale. Attribute-based access control scales better, but neither are much good at answering more complex conditions, like whether friends-of-friends can read your posts. For such situations, we generally have to wrap this up into business logic.\r\n\r\nThis is where relationship-based access control (ReBAC) comes in, offering a nuanced approach to accessing resources without codifying that into the applications.\r\n\r\nIn this session, we'll look at how to define these relationships, experience live demos, and discover how we can deploy our own fine-grained authorisation service. Expect some tail-wagging insights and a few laughs as we explore access control from a canine's point of view.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55743],"conference_id":133,"event_ids":[56243],"name":"Ben Dechrai","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56106}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56243,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56106}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we'll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.\n\n\n","media":[],"title":"Warwheeling: The Wireless Sk8r","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:55:00Z","end_timestamp":{"seconds":1723244100,"nanoseconds":0},"android_description":"Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we'll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55450],"conference_id":133,"event_ids":[55875],"name":"r1otctrl","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"SOCC Analyst"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@r1otctrl)","sort_order":0,"url":"https://twitter.com/r1otctrl"}],"media":[],"id":55989,"title":"SOCC Analyst"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T22:55:00.000-0000","id":55875,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55989}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the rapidly evolving landscape of cybersecurity, operational technology (OT) systems are increasingly becoming prime targets for cyber attacks. As a result, the adoption of effective incident response plans and threat hunting strategies has become essential for organizations to protect their critical OT infrastructure. This presentation will discuss the importance of OT incident response and threat hunting, as well as the challenges faced by the OT industry in implementing these cybersecurity measures.\r\n\r\nOne of the key challenges in the OT industry is the complexity and interconnectivity of OT systems, which often consist of legacy equipment and proprietary protocols that can be difficult to monitor and secure. Additionally, the lack of visibility into OT networks and the limited availability of skilled cybersecurity professionals with OT expertise pose significant obstacles in detecting and responding to cyber threats in a timely manner. Moreover, the convergence of IT and OT environments further complicates incident response efforts, as organizations must navigate the unique requirements and operational constraints of both domains.\r\n\r\nDespite these challenges, we will provide you with tools and frameworks to help overcome them by implementing a proactive approach to incident response and threat hunting in OT environments. This includes conducting architecture, passive, and active defense mechanisms and strategies in the OT environments. By addressing these challenges head-on and fostering collaboration between IT and OT teams, organizations can enhance their cybersecurity posture and effectively defend against cyber threats targeting their OT systems.\n\n\n","media":[],"title":"OT Incident response and Threat Hunting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:55:00Z","end_timestamp":{"seconds":1723244100,"nanoseconds":0},"android_description":"In the rapidly evolving landscape of cybersecurity, operational technology (OT) systems are increasingly becoming prime targets for cyber attacks. As a result, the adoption of effective incident response plans and threat hunting strategies has become essential for organizations to protect their critical OT infrastructure. This presentation will discuss the importance of OT incident response and threat hunting, as well as the challenges faced by the OT industry in implementing these cybersecurity measures.\r\n\r\nOne of the key challenges in the OT industry is the complexity and interconnectivity of OT systems, which often consist of legacy equipment and proprietary protocols that can be difficult to monitor and secure. Additionally, the lack of visibility into OT networks and the limited availability of skilled cybersecurity professionals with OT expertise pose significant obstacles in detecting and responding to cyber threats in a timely manner. Moreover, the convergence of IT and OT environments further complicates incident response efforts, as organizations must navigate the unique requirements and operational constraints of both domains.\r\n\r\nDespite these challenges, we will provide you with tools and frameworks to help overcome them by implementing a proactive approach to incident response and threat hunting in OT environments. This includes conducting architecture, passive, and active defense mechanisms and strategies in the OT environments. By addressing these challenges head-on and fostering collaboration between IT and OT teams, organizations can enhance their cybersecurity posture and effectively defend against cyber threats targeting their OT systems.","updated_timestamp":{"seconds":1721781635,"nanoseconds":0},"speakers":[{"content_ids":[55347],"conference_id":133,"event_ids":[55739],"name":"Adam Robbie","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":"Head of OT Security Research"}],"links":[],"pronouns":null,"media":[],"id":55946,"title":"Head of OT Security Research at Palo Alto Networks"},{"content_ids":[55347],"conference_id":133,"event_ids":[55739],"name":"Bradley Nash","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ExxonMobil Corporation","title":"IIT Perimeter Security Supervisor"}],"links":[],"pronouns":null,"media":[],"id":56052,"title":"IIT Perimeter Security Supervisor at ExxonMobil Corporation"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:40:35Z","links":[],"end":"2024-08-09T22:55:00.000-0000","id":55739,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55946},{"tag_id":46167,"sort_order":4,"person_id":56052}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-24T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Space missions have increasingly been the subject in the context of security breaches and satellite hacks. The majority of discussions revolve around direct communication and access to spacecraft through means such as Software Defined Radio. However, the reality is that this approach isn't practical for most adversaries, as it requires substantial resources and is easily detectable due to the power and radio frequencies required to command a spacecraft. Instead, adversaries might shift their focus away from the Space Segment and opt for a more practical approach, such as accessing and exploiting the Ground Segment vulnerabilities and flaws in order to gain control over spacecraft. Every space mission comprises custom-made hardware and software components, which interact with each other utilizing dedicated protocols and standards designed and developed for this sole purpose. Numerous potential failure points can adversely impact a space mission, many of which persist on the ground. Considering the essential services they facilitate and the extent to which contemporary society relies on space technology, each component utilized in space missions should be regarded as integral to critical infrastructure and treated as such, particularly from a security standpoint. This study centers on the Space Link Extension (SLE) protocol, which is employed as a standard for communication between mission data systems and ground stations by various space agencies and organizations, including NASA and ESA. We will address the security concerns inherent in the SLE protocol. At the same time, we demonstrate methods and techniques malicious actors can employ to conduct a Denial of Service (DoS) or tap into the ground station communications, gaining control over an actual spacecraft. We will conclude this publication by presenting the reader with a possible mitigation strategy that we believe should be employed at the SLE protocol level. Additionally, we will outline a forecast for future work, detailing both planned endeavors and those already in progress, to further expand on this research.\n\n\n","media":[],"title":"Ground Control to Major Threat - Hacking the Space Link Extension Protocol","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Space missions have increasingly been the subject in the context of security breaches and satellite hacks. The majority of discussions revolve around direct communication and access to spacecraft through means such as Software Defined Radio. However, the reality is that this approach isn't practical for most adversaries, as it requires substantial resources and is easily detectable due to the power and radio frequencies required to command a spacecraft. Instead, adversaries might shift their focus away from the Space Segment and opt for a more practical approach, such as accessing and exploiting the Ground Segment vulnerabilities and flaws in order to gain control over spacecraft. Every space mission comprises custom-made hardware and software components, which interact with each other utilizing dedicated protocols and standards designed and developed for this sole purpose. Numerous potential failure points can adversely impact a space mission, many of which persist on the ground. Considering the essential services they facilitate and the extent to which contemporary society relies on space technology, each component utilized in space missions should be regarded as integral to critical infrastructure and treated as such, particularly from a security standpoint. This study centers on the Space Link Extension (SLE) protocol, which is employed as a standard for communication between mission data systems and ground stations by various space agencies and organizations, including NASA and ESA. We will address the security concerns inherent in the SLE protocol. At the same time, we demonstrate methods and techniques malicious actors can employ to conduct a Denial of Service (DoS) or tap into the ground station communications, gaining control over an actual spacecraft. We will conclude this publication by presenting the reader with a possible mitigation strategy that we believe should be employed at the SLE protocol level. Additionally, we will outline a forecast for future work, detailing both planned endeavors and those already in progress, to further expand on this research.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54578,54631],"conference_id":133,"event_ids":[54953,55005],"name":"Andrzej Olchawa","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/andrzejolchawa"},{"description":"","title":"Twitter (@0x4ndy)","sort_order":0,"url":"https://x.com/0x4ndy"},{"description":"","title":"andy.codes","sort_order":0,"url":"https://andy.codes"}],"media":[],"id":54248}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54953,"tag_ids":[46169,46366,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54248}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Years progress, time passes, and medical devices are still vulnerable, with Hospital computer and network security being a hot topic on the minds of citizens and CISA/FDA/etc. If we do not get better now, things will get much worse in the future. My talk will cover some general mistakes observed within the Medical device topography, misnomers about SBOM and what it is and what it accomplishes, ideas for roadmaps for more secure devices and environments and discussions around CVEs relating to the medical device topography.\n\n\n","media":[],"title":"Dysfunctional Unity: The Road to Nowhere","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Years progress, time passes, and medical devices are still vulnerable, with Hospital computer and network security being a hot topic on the minds of citizens and CISA/FDA/etc. If we do not get better now, things will get much worse in the future. My talk will cover some general mistakes observed within the Medical device topography, misnomers about SBOM and what it is and what it accomplishes, ideas for roadmaps for more secure devices and environments and discussions around CVEs relating to the medical device topography.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54208,54577],"conference_id":133,"event_ids":[54581,54952],"name":"Michael \"v3ga\" Aguilar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secureworks Adversary Group","title":"Principle Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/v3gahax"},{"description":"","title":"Twitter (@v3ga_hax )","sort_order":0,"url":"https://twitter.com/v3ga_hax "}],"media":[],"id":53858,"title":"Principle Consultant at Secureworks Adversary Group"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54952,"tag_ids":[46169,46371,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":4,"person_id":53858}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, the core AI Red Team at Meta will take you on a journey through the story of Red Teaming the Llama 3 Large Language Model. This talk is perfect for anyone eager to delve into the complexity of advanced model Red Teaming and safety, as well as how to perform their own research to find new attacks should attend this talk. We’ll begin by exploring what AI Red Teaming is truly about, before exploring Meta’s process and approaches on the topic. The team will detail our methodology for discovering new risks within complex AI capabilities, how emergent capabilities may breed emergent risks, what types of attacks we’re looking to perform across different model capabilities and how or why the attacks even work. Moreover, we’ll explore insights into which lessons from decades of security expertise can – and cannot – be applied as we venture into a new era of AI trust and safety.\n\nThe team will then move on to how we used automation to scale attacks up, our novel approach to multi-turn adversarial AI agents and the systems we built to benchmark safety across a set of different high-risk areas. We also plan to discuss advanced cyber-attacks (both human and automated), Meta’s open benchmark CyberSecEvals and touch on Red Teaming for national security threats presented by state-of-the-art models. For each of these areas we’ll touch on various assessment and measurement challenges, ending on where we see the AI Red Teaming industry gaps, as well as where AI Safety is heading at a rapid pace.\n\n\n","media":[],"title":"Taming the Beast: Inside the Llama 3 Red Team Process","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:15:00Z","end_timestamp":{"seconds":1723245300,"nanoseconds":0},"android_description":"In this presentation, the core AI Red Team at Meta will take you on a journey through the story of Red Teaming the Llama 3 Large Language Model. This talk is perfect for anyone eager to delve into the complexity of advanced model Red Teaming and safety, as well as how to perform their own research to find new attacks should attend this talk. We’ll begin by exploring what AI Red Teaming is truly about, before exploring Meta’s process and approaches on the topic. The team will detail our methodology for discovering new risks within complex AI capabilities, how emergent capabilities may breed emergent risks, what types of attacks we’re looking to perform across different model capabilities and how or why the attacks even work. Moreover, we’ll explore insights into which lessons from decades of security expertise can – and cannot – be applied as we venture into a new era of AI trust and safety.\n\nThe team will then move on to how we used automation to scale attacks up, our novel approach to multi-turn adversarial AI agents and the systems we built to benchmark safety across a set of different high-risk areas. We also plan to discuss advanced cyber-attacks (both human and automated), Meta’s open benchmark CyberSecEvals and touch on Red Teaming for national security threats presented by state-of-the-art models. For each of these areas we’ll touch on various assessment and measurement challenges, ending on where we see the AI Red Teaming industry gaps, as well as where AI Safety is heading at a rapid pace.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Maya Pavlova","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Software Engineer, GenAI Trust & Safety"}],"links":[],"pronouns":null,"media":[],"id":54048,"title":"Software Engineer, GenAI Trust & Safety at Meta"},{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Ivan Evtimov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Red Teaming Research Scientist, Gen AI Trust & Safety"}],"links":[],"pronouns":null,"media":[],"id":54078,"title":"Red Teaming Research Scientist, Gen AI Trust & Safety at Meta"},{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Joanna Bitton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Software Engineer, GenAI Trust & Safety"}],"links":[],"pronouns":null,"media":[],"id":54181,"title":"Software Engineer, GenAI Trust & Safety at Meta"},{"content_ids":[54464],"conference_id":133,"event_ids":[54837],"name":"Aaron \"dyn\" Grattafiori","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Meta","title":"Lead, AI Red Teaming"}],"links":[],"pronouns":"he/him","media":[],"id":54205,"title":"Lead, AI Red Teaming at Meta"}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T23:15:00.000-0000","id":54837,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54205},{"tag_id":46167,"sort_order":4,"person_id":54078},{"tag_id":46167,"sort_order":6,"person_id":54181},{"tag_id":46167,"sort_order":8,"person_id":54048}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI is transforming social engineering. Using tools like ChatGPT, Gemini, and Copilot, attackers can make phishing and vishing attacks nearly impossible to distinguish from legitimate Interactions. This presentation will demonstrate how virtually anyone with a pulse can now use AI to craft sophisticated phishing sites and conduct vishing operations with unprecedented subtlety and effectiveness. These next-generation techniques are transforming the landscape of social engineering. \r\n\r\nYou will learn how to replicate these advanced techniques to elevate your own social-engineering game. You will learn how criminals can manipulate AI tools to simulate real-world attacks and gain a deeper insight into their tactics. You’ll learn how to use A.I. to enhance how you attack now & ways for it to supplement skills you don’t currently have. \r\n\r\nYou will learn how to leverage these techniques to transform an organization’s, traditional, “security awareness” mentality into a “situational awareness” mindset. Using real-world examples, we demonstrate turning potential threats into teachable moments. \r\n\r\nThis session is essential for anyone looking to harness the power of AI in hacking and Red Teaming. We offer practical skills to engage employees and enhance your approach to social engineering both offensively and defensively. And yes, we do this with a certain theme in mind as I ENGAGE the audience as we boldly go where no Hackers have gone before!\r\n\r\n1. [link](https://www.nytimes.com/1973/03/25/archives/the-horseless-carriage-means-troublele.html)\r\n2. [link](https://www.seacoastnh.com/electricity-sparks-fears-in-1900/)\r\n3. [link](https://www.technologyreview.com/2024/01/27/1087041/technological-unemployment-elon-musk-jobs-ai/)\r\n4. [link](https://www.euronews.com/health/2023/12/31/scientists-discover-the-first-new-antibiotics-in-over-60-years-using-ai)\r\n5. [link](https://www.languagemagazine.com/2023/05/31/the-importance-of-artificial-intelligence-in-education-for-all-students/)\r\n6. [link](https://www.weforum.org/agenda/2024/02/ai-combat-climate-change/)\r\n7. [link](https://cyberconiq.com/blog/how-hackers-are-using-ai-for-social-engineering/)\r\n8. [link](https://www.forbes.com/sites/forbestechcouncil/2023/05/26/how-ai-is-changing-social-engineering-forever/?sh=1f0ac29f321b)\r\n9. [link](https://chat.openai.com/)\r\n10. [link](https://www.politifact.com/factchecks/2024/jan/22/robocaller/fake-joe-biden-robocall-in-new-hampshire-tells-dem/)\r\n11. [link](https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html)\r\n12. [link](https://www.entrepreneur.com/business-news/a-deepfake-phone-call-dupes-an-employee-into-giving-away/414109)\r\n13. [link](https://www.facebook.com/0copter/posts/2435859133141081/)\r\n14. [link](https://hackerrangers.com/)\r\n\n\n\n","media":[],"title":"Social Engineering Like you’re Picard","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:15:00Z","end_timestamp":{"seconds":1723245300,"nanoseconds":0},"android_description":"AI is transforming social engineering. Using tools like ChatGPT, Gemini, and Copilot, attackers can make phishing and vishing attacks nearly impossible to distinguish from legitimate Interactions. This presentation will demonstrate how virtually anyone with a pulse can now use AI to craft sophisticated phishing sites and conduct vishing operations with unprecedented subtlety and effectiveness. These next-generation techniques are transforming the landscape of social engineering. \r\n\r\nYou will learn how to replicate these advanced techniques to elevate your own social-engineering game. You will learn how criminals can manipulate AI tools to simulate real-world attacks and gain a deeper insight into their tactics. You’ll learn how to use A.I. to enhance how you attack now & ways for it to supplement skills you don’t currently have. \r\n\r\nYou will learn how to leverage these techniques to transform an organization’s, traditional, “security awareness” mentality into a “situational awareness” mindset. Using real-world examples, we demonstrate turning potential threats into teachable moments. \r\n\r\nThis session is essential for anyone looking to harness the power of AI in hacking and Red Teaming. We offer practical skills to engage employees and enhance your approach to social engineering both offensively and defensively. And yes, we do this with a certain theme in mind as I ENGAGE the audience as we boldly go where no Hackers have gone before!\r\n\r\n1. [link](https://www.nytimes.com/1973/03/25/archives/the-horseless-carriage-means-troublele.html)\r\n2. [link](https://www.seacoastnh.com/electricity-sparks-fears-in-1900/)\r\n3. [link](https://www.technologyreview.com/2024/01/27/1087041/technological-unemployment-elon-musk-jobs-ai/)\r\n4. [link](https://www.euronews.com/health/2023/12/31/scientists-discover-the-first-new-antibiotics-in-over-60-years-using-ai)\r\n5. [link](https://www.languagemagazine.com/2023/05/31/the-importance-of-artificial-intelligence-in-education-for-all-students/)\r\n6. [link](https://www.weforum.org/agenda/2024/02/ai-combat-climate-change/)\r\n7. [link](https://cyberconiq.com/blog/how-hackers-are-using-ai-for-social-engineering/)\r\n8. [link](https://www.forbes.com/sites/forbestechcouncil/2023/05/26/how-ai-is-changing-social-engineering-forever/?sh=1f0ac29f321b)\r\n9. [link](https://chat.openai.com/)\r\n10. [link](https://www.politifact.com/factchecks/2024/jan/22/robocaller/fake-joe-biden-robocall-in-new-hampshire-tells-dem/)\r\n11. [link](https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html)\r\n12. [link](https://www.entrepreneur.com/business-news/a-deepfake-phone-call-dupes-an-employee-into-giving-away/414109)\r\n13. [link](https://www.facebook.com/0copter/posts/2435859133141081/)\r\n14. [link](https://hackerrangers.com/)","updated_timestamp":{"seconds":1720462568,"nanoseconds":0},"speakers":[{"content_ids":[55686,54463,56241],"conference_id":133,"event_ids":[56353,56899,56900,56209,54836],"name":"Jayson E. Street","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"HackerAdventures.world","sort_order":0,"url":"https://HackerAdventures.world"},{"description":"","title":"Twitter (@jaysonstreet)","sort_order":0,"url":"https://twitter.com/jaysonstreet"},{"description":"","title":"Website","sort_order":0,"url":"https://JaysonEStreet.com"}],"media":[],"id":54170}],"begin_tsz":"2024-08-09T22:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:16:08Z","links":[],"end":"2024-08-09T23:15:00.000-0000","id":54836,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723242600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54170}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T22:30:00.000-0000","updated":"2024-07-08T18:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"“What do you mean I can’t bring my car keys into this building?” \r\n\r\n“No internet?? But how do I download things from GitHub?” \r\n\r\nJoin a recovering government attorney and an open-source hacker for a fiery debate that dives into the world of DoD cybersecurity inefficiencies. Rebecca, a former DoD lawyer, pairs her intricate understanding of perplexing government policies with Eddie’s fresh, critical (and dare we say naive?) insights from the private sector. This session will explore the frustrating “how” behind the government’s “why,” from slow booting government laptops to the realities of “military-grade technology.” Together, they will challenge the status quo, proposing innovative, open-source inspired solutions to streamline and secure DoD operations. Expect a dynamic exchange filled with real-world frustrations, enlightening explanations, and a hacker’s touch on how to fix what’s broken.\n\n\n","media":[],"title":"Open Source Hacker Vs. Government Lawyer: Clashing Views on Fixing Tech in the DoD\r\n","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"“What do you mean I can’t bring my car keys into this building?” \r\n\r\n“No internet?? But how do I download things from GitHub?” \r\n\r\nJoin a recovering government attorney and an open-source hacker for a fiery debate that dives into the world of DoD cybersecurity inefficiencies. Rebecca, a former DoD lawyer, pairs her intricate understanding of perplexing government policies with Eddie’s fresh, critical (and dare we say naive?) insights from the private sector. This session will explore the frustrating “how” behind the government’s “why,” from slow booting government laptops to the realities of “military-grade technology.” Together, they will challenge the status quo, proposing innovative, open-source inspired solutions to streamline and secure DoD operations. Expect a dynamic exchange filled with real-world frustrations, enlightening explanations, and a hacker’s touch on how to fix what’s broken.","updated_timestamp":{"seconds":1720394584,"nanoseconds":0},"speakers":[{"content_ids":[54576],"conference_id":133,"event_ids":[54951],"name":"Eddie Zaneski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Unicorns","title":"Open Source Tech Lead"}],"links":[],"pronouns":null,"media":[],"id":54257,"title":"Open Source Tech Lead at Defense Unicorns"},{"content_ids":[54576],"conference_id":133,"event_ids":[54951],"name":"Rebecca Lively","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Unicorns","title":"Polymath"}],"links":[],"pronouns":null,"media":[],"id":54365,"title":"Polymath at Defense Unicorns"}],"begin_tsz":"2024-08-09T22:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:23:04Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54951,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723241700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54257},{"tag_id":46167,"sort_order":1,"person_id":54365}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T22:15:00.000-0000","updated":"2024-07-07T23:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A CI/CD pipeline is a sequence of steps designed to automate the software delivery process. DevOps environments consist of multiple systems that collaborate to facilitate CI/CD pipelines. However, DevOps systems are significant targets for attackers due to their possession of credentials and access keys for various components, including domain accounts, databases, and cloud assets.\nEpyon is a versatile tool for red teamers to target common DevOps systems. It is open source and written entirely in Golang. Moreover, it features multiple modules, such as GitLab, SonarQube, and Azure DevOps.\nDuring this demonstration, I will present examples (based on real project experiences) of how to utilize Epyon for privilege escalation and lateral movement within a DevOps environment.\n\n\n","media":[],"title":"Epyon - Attacking DevOps environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:40:00Z","end_timestamp":{"seconds":1723243200,"nanoseconds":0},"android_description":"A CI/CD pipeline is a sequence of steps designed to automate the software delivery process. DevOps environments consist of multiple systems that collaborate to facilitate CI/CD pipelines. However, DevOps systems are significant targets for attackers due to their possession of credentials and access keys for various components, including domain accounts, databases, and cloud assets.\nEpyon is a versatile tool for red teamers to target common DevOps systems. It is open source and written entirely in Golang. Moreover, it features multiple modules, such as GitLab, SonarQube, and Azure DevOps.\nDuring this demonstration, I will present examples (based on real project experiences) of how to utilize Epyon for privilege escalation and lateral movement within a DevOps environment.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55486],"conference_id":133,"event_ids":[55915],"name":"Victor Pasknel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"pasknel","sort_order":0,"url":"https://pasknel"}],"media":[],"id":56018}],"begin_tsz":"2024-08-09T22:10:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T22:40:00.000-0000","id":55915,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723241400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":56018}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T22:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!\n\n\n","media":[],"title":"Basic Mobile Phone Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"Curious about mobile phone privacy? Come on over for this workshop with lots of direct Q&A!","updated_timestamp":{"seconds":1723249495,"nanoseconds":0},"speakers":[{"content_ids":[54553,56218],"conference_id":133,"event_ids":[56872,56878,54928],"name":"Grey Fox","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54320}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-10T00:24:55Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":56872,"tag_ids":[46377,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54320}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-10T00:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Generative AI vs Crusty NCO","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225140,"nanoseconds":0},"speakers":[{"content_ids":[56210],"conference_id":133,"event_ids":[56864],"name":"Col Travis Hartman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56602}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:39:00Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":56864,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56602}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-09T17:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.\n\n\n","media":[],"title":"Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.","updated_timestamp":{"seconds":1723007453,"nanoseconds":0},"speakers":[{"content_ids":[56165],"conference_id":133,"event_ids":[56809,56817,56818],"name":"mcdwayne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56551}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:10:53Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56817,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56551}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?\n\n\n","media":[],"title":"Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?","updated_timestamp":{"seconds":1723007375,"nanoseconds":0},"speakers":[{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Ori Ron","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56076},{"content_ids":[55713,56163],"conference_id":133,"event_ids":[56807,56814,56239],"name":"Tal Folkman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56087},{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:09:35Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56807,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56087},{"tag_id":46167,"sort_order":4,"person_id":56076},{"tag_id":46167,"sort_order":6,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-07T05:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our software systems are vulnerable. Imagine a world where they're not. DARPA's Information Innovation Office discusses the agency's mission in closing the software vulnerability gap\n\n\n","media":[],"title":"Closing the Software Vulnerability Gap","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Our software systems are vulnerable. Imagine a world where they're not. DARPA's Information Innovation Office discusses the agency's mission in closing the software vulnerability gap","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56128],"conference_id":133,"event_ids":[56771],"name":"Dr. Kathleen Fisher","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA","title":"DARPA Information Innovation Office Director"}],"pronouns":"she/her","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/dr-kathleen-fisher"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kathleen-fisher-4000964"}],"media":[],"id":56518,"title":"DARPA Information Innovation Office Director at DARPA"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":56771,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56518}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hands-on workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56609,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the major problems faced by law enforcement and investigators is the process of identifying threat actors who use the tor network. The purpose of this work is to show that sometimes these Threat Actors fall into the same problems as other victims of malicious artifacts on the Internet.\n\n\n","media":[],"title":"Removing OPSEC from Cyber Predators and Threat Actors","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"One of the major problems faced by law enforcement and investigators is the process of identifying threat actors who use the tor network. The purpose of this work is to show that sometimes these Threat Actors fall into the same problems as other victims of malicious artifacts on the Internet.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55963,55976],"conference_id":133,"event_ids":[56579,56592],"name":"Thiago Bordini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Head Cyber Threat Intelligence"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tbordini)","sort_order":0,"url":"https://www.twitter.com/tbordini"}],"media":[],"id":56298,"title":"Head Cyber Threat Intelligence"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56579,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56298}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - Scott Helme, Hosted by Shubham","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55903],"conference_id":133,"event_ids":[56490],"name":"Scott Helme","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56281},{"content_ids":[55903],"conference_id":133,"event_ids":[56490],"name":"Shubham","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56282}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56490,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56281},{"tag_id":46167,"sort_order":4,"person_id":56282}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"After this interactive talk, you will never see images the same way again. This enlightening session explores the dynamic realm of GEOINT (Geospatial Intelligence), a captivating subset of OSINT (Open Source Intelligence) that unlocks a wealth of hidden insights within images and videos. From identifying objects, landscapes, and aircraft to interpreting symbols, shadows, and reflections, we'll go deep into the art of imagery analysis. Learn how to decode the language of trees, signs, text and logos, and uncover the strategic implications behind seemingly mundane details using common browser tools. This talk promises to equip you with mind-blowing skills that you can easily learn as I take you through multiple demos.\n\n\n","media":[],"title":"GeoINT Mastery: A pixel is worth a thousand words","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"After this interactive talk, you will never see images the same way again. This enlightening session explores the dynamic realm of GEOINT (Geospatial Intelligence), a captivating subset of OSINT (Open Source Intelligence) that unlocks a wealth of hidden insights within images and videos. From identifying objects, landscapes, and aircraft to interpreting symbols, shadows, and reflections, we'll go deep into the art of imagery analysis. Learn how to decode the language of trees, signs, text and logos, and uncover the strategic implications behind seemingly mundane details using common browser tools. This talk promises to equip you with mind-blowing skills that you can easily learn as I take you through multiple demos.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55276,55902],"conference_id":133,"event_ids":[55666,56489],"name":"Mishaal Khan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mish3alkhan)","sort_order":0,"url":"https://twitter.com/mish3alkhan"}],"media":[],"id":55829}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":56489,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55829}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a heist than it seems.\n\nWell fortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. I chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point.\n\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation.\n\nIn this talk I’m going to show you how I bypassed casino AI systems - facial recognition, surveillance systems and game monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.\n\n\n","media":[],"title":"On Your Ocean’s 11 Team, I’m the AI Guy (technically Girl)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a heist than it seems.\n\nWell fortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. I chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point.\n\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation.\n\nIn this talk I’m going to show you how I bypassed casino AI systems - facial recognition, surveillance systems and game monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[54612,54447,55880],"conference_id":133,"event_ids":[56465,54820,54986],"name":"Harriet Farlow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mileva Security Labs","title":"CEO"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/harriet-farlow-654963b7/"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@HarrietHacks"},{"description":"","title":"www.harriethacks.com/","sort_order":0,"url":"https://www.harriethacks.com/"},{"description":"","title":"www.mileva.com.au/about-us","sort_order":0,"url":"https://www.mileva.com.au/about-us"}],"media":[],"id":54195,"title":"CEO at Mileva Security Labs"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56465,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54195}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this two-part presentation, we will explore the workings of trapped-ion quantum computers. The first part provides an introduction to the fundamental concepts of quantum computation, as well as the scientific principles behind implementing these concepts with lasers and trapped ions. The second part delves into the practical aspects of trapped-ion quantum computing by following a quantum circuit through the process of compilation and execution by control electronics.\n\n\n","media":[],"title":"Trapped Ion Quantum Computing Systems - Behind The Scenes: from the physics to control electronics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"In this two-part presentation, we will explore the workings of trapped-ion quantum computers. The first part provides an introduction to the fundamental concepts of quantum computation, as well as the scientific principles behind implementing these concepts with lasers and trapped ions. The second part delves into the practical aspects of trapped-ion quantum computing by following a quantum circuit through the process of compilation and execution by control electronics.","updated_timestamp":{"seconds":1722865255,"nanoseconds":0},"speakers":[{"content_ids":[55845],"conference_id":133,"event_ids":[56432],"name":"Daiwei Zhu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56222},{"content_ids":[55845],"conference_id":133,"event_ids":[56432],"name":"Rick Altherr","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56223}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T13:40:55Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56432,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56222},{"tag_id":46167,"sort_order":4,"person_id":56223}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-08-05T13:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regardless of where it is hosted, a codebase could end up in the hands of malicious actors. Aside from the open source scenario, attackers may utilize sophisticated techniques to access and download it. An example is Okta's 2022 breach, in which the source code of the identity and access management platform was obtained from GitHub.\r\n\r\nDevelopers are advised to adopt a shift-left approach, uncovering as many code flaws as possible before releasing it to the public.\r\n\r\n\"The Open Source Fortress\" will provide a framework for detecting vulnerabilities in codebases with open-source tools. The examples imply the discovery of vulnerabilities in a custom, purposefully vulnerable codebase written in C and Python. Static techniques such as symbolic execution, secret scanning, code querying, and dependency scanning will be discussed, as will dynamic techniques such as fuzzing.\n\n\n","media":[],"title":"The Open Source Fortress: Finding Vulnerabilities in Your Codebase Using Open Source Tools","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"Regardless of where it is hosted, a codebase could end up in the hands of malicious actors. Aside from the open source scenario, attackers may utilize sophisticated techniques to access and download it. An example is Okta's 2022 breach, in which the source code of the identity and access management platform was obtained from GitHub.\r\n\r\nDevelopers are advised to adopt a shift-left approach, uncovering as many code flaws as possible before releasing it to the public.\r\n\r\n\"The Open Source Fortress\" will provide a framework for detecting vulnerabilities in codebases with open-source tools. The examples imply the discovery of vulnerabilities in a custom, purposefully vulnerable codebase written in C and Python. Static techniques such as symbolic execution, secret scanning, code querying, and dependency scanning will be discussed, as will dynamic techniques such as fuzzing.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55740],"conference_id":133,"event_ids":[56266],"name":"iosifache","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56116}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56266,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56116}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As the adoption of CI/CD practices continues to grow, securing these pipelines has become increasingly important. However, identifying vulnerabilities in CI/CD pipelines can be daunting, especially at scale. In this talk, we present our tooling, which we intend to release as open-source software to the public that helped us uncover hundreds of vulnerabilities in popular open-source projects' CI/CD pipelines.\r\n\r\nRAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. With RAVEN, we were able to identify and address potential security vulnerabilities in some of the most popular repositories hosted on GitHub, including FreeCodeCamp, Fluent UI by Microsoft, and much more. \r\nThis tool provides a reliable and scalable solution for security analysis, enabling users to query the database and gain insights about their codebase's security posture\n\n\n","media":[],"title":"Arsenal: Introducing RAVEN - Discovering and Analyzing CI/CD Vulnerabilities in Scale","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"As the adoption of CI/CD practices continues to grow, securing these pipelines has become increasingly important. However, identifying vulnerabilities in CI/CD pipelines can be daunting, especially at scale. In this talk, we present our tooling, which we intend to release as open-source software to the public that helped us uncover hundreds of vulnerabilities in popular open-source projects' CI/CD pipelines.\r\n\r\nRAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. With RAVEN, we were able to identify and address potential security vulnerabilities in some of the most popular repositories hosted on GitHub, including FreeCodeCamp, Fluent UI by Microsoft, and much more. \r\nThis tool provides a reliable and scalable solution for security analysis, enabling users to query the database and gain insights about their codebase's security posture","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Oreen Livni","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56075},{"content_ids":[55724,55742],"conference_id":133,"event_ids":[56242,56255],"name":"Elad Pticha","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56111}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56242,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56111},{"tag_id":46167,"sort_order":1,"person_id":56075}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"HunterBounter is an open-source tool designed to automate the scanning processes of tools like OpenVAS and ZAP Proxy using multiple Docker containers. Each container establishes a VPN connection to bypass security measures like IP bans during automated scans. The tool simplifies automated scanning for bug bounty hunters and penetration testers. Development is ongoing to integrate more open-source products for mobile, web application, and network scanning.\r\n\r\nMore information about the tool:\r\nhttps://hunterbounter.com\r\nSource code:\r\nhttps://github.com/hunterbounter\r\n\r\nDemo Platform:\r\nhttps://panel.hunterbounter.com\r\nUsername:\r\nAppSecVillage\r\nPassword:\r\ngX8Q.Ja7!RMHD.kzSp!Zyu?AWGV\n\n\n","media":[],"title":"Arsenal: HunterBounter - Swiss Army Knife for Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"HunterBounter is an open-source tool designed to automate the scanning processes of tools like OpenVAS and ZAP Proxy using multiple Docker containers. Each container establishes a VPN connection to bypass security measures like IP bans during automated scans. The tool simplifies automated scanning for bug bounty hunters and penetration testers. Development is ongoing to integrate more open-source products for mobile, web application, and network scanning.\r\n\r\nMore information about the tool:\r\nhttps://hunterbounter.com\r\nSource code:\r\nhttps://github.com/hunterbounter\r\n\r\nDemo Platform:\r\nhttps://panel.hunterbounter.com\r\nUsername:\r\nAppSecVillage\r\nPassword:\r\ngX8Q.Ja7!RMHD.kzSp!Zyu?AWGV","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55741],"conference_id":133,"event_ids":[56241],"name":"Utku Yildirim","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56093}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56241,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56093}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at Telecom Village, DEFCON for a workshop on 2G and 3G network architectures and SS7 protocols. Gain a deep understanding of GSM and 3G networks, discover SS7 vulnerabilities, and engage in hands-on activities to simulate and analyze SS7 attacks. Designed for telecom professionals, cybersecurity enthusiasts, and researchers, this session aims to enhance your knowledge and security awareness in legacy telecom infrastructures\n\n\n","media":[{"hash_sha256":"7d3bdf3ae394c5e5397b08f6342618b88ed69dd84ce34f5a64cc3d532a303a4f","filetype":"image/webp","hash_md5":"d511b3850ee1b7e3d01cff37209be59b","name":"content_telecom_telecomtimemachine.webp","is_logo":"Y","hash_crc32c":"2053e9e5","filesize":161152,"asset_id":826,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_telecomtimemachine.webp"}],"title":"Telecom Time Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Join us at Telecom Village, DEFCON for a workshop on 2G and 3G network architectures and SS7 protocols. Gain a deep understanding of GSM and 3G networks, discover SS7 vulnerabilities, and engage in hands-on activities to simulate and analyze SS7 attacks. Designed for telecom professionals, cybersecurity enthusiasts, and researchers, this session aims to enhance your knowledge and security awareness in legacy telecom infrastructures","updated_timestamp":{"seconds":1722352176,"nanoseconds":0},"speakers":[{"content_ids":[55560],"conference_id":133,"event_ids":[56075],"name":"Nadeem Bagwan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/nadeem-bagwan-777856126/"}],"media":[],"id":56032}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T15:09:36Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":56075,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56032}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-30T15:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Breaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them. This is a full hands-on course on how to do CTFs, tools and more. Bring your laptops!\n\n\n","media":[],"title":"C2Society / DC702 Intro to CTFs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Breaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them. This is a full hands-on course on how to do CTFs, tools and more. Bring your laptops!","updated_timestamp":{"seconds":1722361378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T17:42:58Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55757,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-30T17:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ethernet for Plant Automation (EPA) is one of the global variety of IEC 61158 standards, developed as a regionalized versions of Fieldbus standards, used predominantly in industrial settings with prohibitive latency and durability requirements. EPA in particular seems to be used exclusively in the People's Republic of China, and largely for power stations.\r\n\r\nIn this talk, I will cover the standard through both IEC and GB/T documents, both in English and Mandarin, the protocol's history used in sensitive national projects, and what supporting the standard is like. I'll even dive in to some example software and hardware that use the standard, and show some POC code for interacting with EPA devices, should you be lucky enough to find yourself on a network with an EPA-supported router or PLC.\n\n\n","media":[],"title":"The People's Republic of Fieldbus: What to know about EPA","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:25:00Z","end_timestamp":{"seconds":1723242300,"nanoseconds":0},"android_description":"Ethernet for Plant Automation (EPA) is one of the global variety of IEC 61158 standards, developed as a regionalized versions of Fieldbus standards, used predominantly in industrial settings with prohibitive latency and durability requirements. EPA in particular seems to be used exclusively in the People's Republic of China, and largely for power stations.\r\n\r\nIn this talk, I will cover the standard through both IEC and GB/T documents, both in English and Mandarin, the protocol's history used in sensitive national projects, and what supporting the standard is like. I'll even dive in to some example software and hardware that use the standard, and show some POC code for interacting with EPA devices, should you be lucky enough to find yourself on a network with an EPA-supported router or PLC.","updated_timestamp":{"seconds":1721781610,"nanoseconds":0},"speakers":[{"content_ids":[55346],"conference_id":133,"event_ids":[55738],"name":"Jonathan Reiter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55957}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:40:10Z","links":[],"end":"2024-08-09T22:25:00.000-0000","id":55738,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55957}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-24T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On April 30th, the White House released National Security Memorandum-22 (NSM) on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and all-hazard threats. NSM-22 recognizes the changed risk landscape over the past decade and leverages the enhanced authorities of federal departments and agencies to implement a new risk management cycle that prioritizes collaborating with partners to identify and mitigate sector, cross-sector, and nationally significant risk. The culmination of this cycle is the creation of the National Infrastructure Risk Management Plan (National Plan)—thereby replacing the 2013 National Infrastructure Protection Plan—and will guide the Federal effort to mitigate cross-sector and national risks to critical infrastructure. As the National Coordinator for critical infrastructure security and resilience, CISA will develop this National Plan to be forward-looking and one that employs all available Federal tools, resources, and authorities to manage and reduce national-level risks, including those cascading across critical infrastructure sectors. In other words, the National Plan will be the federal government’s comprehensive plan to mitigate and manage cross-sector risk. And that is why CISA is asking for you to help us and Sector Risk Management Agencies (SRMAs) over the course of the year as we develop this foundational document. During this session, two of the CISA leads when it comes to drafting this document will briefly walk through their approach, and then the rest of the session will be devoted to guided discussion and feedback.\n\n\n","media":[],"title":"NSM-22 and the National Risk Management Plan: CISA Wants to Hear from You on How to Protect Our Nation’s Critical Infrastructure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:45:00Z","end_timestamp":{"seconds":1723247100,"nanoseconds":0},"android_description":"On April 30th, the White House released National Security Memorandum-22 (NSM) on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and all-hazard threats. NSM-22 recognizes the changed risk landscape over the past decade and leverages the enhanced authorities of federal departments and agencies to implement a new risk management cycle that prioritizes collaborating with partners to identify and mitigate sector, cross-sector, and nationally significant risk. The culmination of this cycle is the creation of the National Infrastructure Risk Management Plan (National Plan)—thereby replacing the 2013 National Infrastructure Protection Plan—and will guide the Federal effort to mitigate cross-sector and national risks to critical infrastructure. As the National Coordinator for critical infrastructure security and resilience, CISA will develop this National Plan to be forward-looking and one that employs all available Federal tools, resources, and authorities to manage and reduce national-level risks, including those cascading across critical infrastructure sectors. In other words, the National Plan will be the federal government’s comprehensive plan to mitigate and manage cross-sector risk. And that is why CISA is asking for you to help us and Sector Risk Management Agencies (SRMAs) over the course of the year as we develop this foundational document. During this session, two of the CISA leads when it comes to drafting this document will briefly walk through their approach, and then the rest of the session will be devoted to guided discussion and feedback.","updated_timestamp":{"seconds":1721778710,"nanoseconds":0},"speakers":[{"content_ids":[55333],"conference_id":133,"event_ids":[55724],"name":"Michael Garcia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Senior Policy Advisor for the Office of Strategy, Policy, and Plans"}],"links":[],"pronouns":null,"media":[],"id":55934,"title":"Senior Policy Advisor for the Office of Strategy, Policy, and Plans at DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55333],"conference_id":133,"event_ids":[55724],"name":"William Loomis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":"Cyber Policy Advisor for the Office of Strategy, Policy, and Plans"}],"links":[],"pronouns":null,"media":[],"id":55943,"title":"Cyber Policy Advisor for the Office of Strategy, Policy, and Plans at DHS Cyber Security and Infrastructure Security Agency"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:51:50Z","links":[],"end":"2024-08-09T23:45:00.000-0000","id":55724,"tag_ids":[46388,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55943},{"tag_id":46487,"sort_order":4,"person_id":55934}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-23T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the realm of cybersecurity, Threat Emulation is akin to a skilled wizard mastering the arcane arts of replicating real-world threats and their myriad behaviors to scrutinize the defenses of an organization. This mystical practice involves crafting Intelligence-driven scenarios, woven with the threads of reality, to mimic the nefarious maneuvers of creatures that lurk in the shadows. By summoning these simulated events, organizations can fortify their defenses, sharpening their blades against the invisible foes that threaten their digital realms.\r\n\r\nEmbark on a quest with Trey, the seasoned Threat Emulator, as he unveils the secrets of this mystical art.\n\n\n","media":[],"title":"Threat Emulation 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:50:00Z","end_timestamp":{"seconds":1723243800,"nanoseconds":0},"android_description":"In the realm of cybersecurity, Threat Emulation is akin to a skilled wizard mastering the arcane arts of replicating real-world threats and their myriad behaviors to scrutinize the defenses of an organization. This mystical practice involves crafting Intelligence-driven scenarios, woven with the threads of reality, to mimic the nefarious maneuvers of creatures that lurk in the shadows. By summoning these simulated events, organizations can fortify their defenses, sharpening their blades against the invisible foes that threaten their digital realms.\r\n\r\nEmbark on a quest with Trey, the seasoned Threat Emulator, as he unveils the secrets of this mystical art.","updated_timestamp":{"seconds":1721595407,"nanoseconds":0},"speakers":[{"content_ids":[55281,55993],"conference_id":133,"event_ids":[55671,56615],"name":"Trey Bilbrey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SCYTHE Labs","title":"Lead"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/georgebilbrey"},{"description":"","title":"Twitter (@TCraf7)","sort_order":0,"url":"https://twitter.com/TCraf7"}],"media":[],"id":55832,"title":"Lead at SCYTHE Labs"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:56:47Z","links":[],"end":"2024-08-09T22:50:00.000-0000","id":55671,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55832}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-21T20:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an immersive workshop that will revolutionize your approach to Command-and-Control (C2) infrastructure deployments. Whether you're a seasoned Red Team operator or just starting your offensive security journey, this workshop is designed to equip you with the tools and knowledge to create scalable, operationally secure C2 infrastructure using the power of automation.\r\n\r\nIn this hands-on session, we'll demystify the process of deploying and configuring C2 components, such as frameworks, redirectors, and associated compute infrastructure.\r\n\r\nYou'll learn how to leverage infrastructure as code principles to create consistent, reliable, and secure C2 deployments, all while minimizing the risk of human error.\r\n\r\nWe'll dive deep into the best practices for designing and implementing C2 infrastructure automation, with a strong emphasis on operational security from the ground up.\r\n\r\nOur instructor will guide you through real-world examples and provide you with a solid foundation for building your own secure C2 deployments.\r\n\r\nWhether you're looking to enhance your Red Team capabilities or simply want to streamline your offensive security workflows, this workshop is perfect for you.\r\n\r\nJoin us and unlock the ability to spend less time on 'Sysadmin' tasks and more time focusing on what matters most – attacking and improving your organization's security posture!\r\n\r\nNo prior experience with C2 infrastructure automation is required.\r\n\r\nOur instructor will guide you every step of the way, ensuring that you leave the workshop with the confidence and skills to create secure, automated C2 deployments.\r\n\r\nDon't miss this opportunity to take your offensive security skills to the next level. Register now and unlock the power of secure C2 infrastructure automation!\n\n\n","media":[],"title":"New Skill Unlocked: C2 Infrastructure Automation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:50:00Z","end_timestamp":{"seconds":1723247400,"nanoseconds":0},"android_description":"Join us for an immersive workshop that will revolutionize your approach to Command-and-Control (C2) infrastructure deployments. Whether you're a seasoned Red Team operator or just starting your offensive security journey, this workshop is designed to equip you with the tools and knowledge to create scalable, operationally secure C2 infrastructure using the power of automation.\r\n\r\nIn this hands-on session, we'll demystify the process of deploying and configuring C2 components, such as frameworks, redirectors, and associated compute infrastructure.\r\n\r\nYou'll learn how to leverage infrastructure as code principles to create consistent, reliable, and secure C2 deployments, all while minimizing the risk of human error.\r\n\r\nWe'll dive deep into the best practices for designing and implementing C2 infrastructure automation, with a strong emphasis on operational security from the ground up.\r\n\r\nOur instructor will guide you through real-world examples and provide you with a solid foundation for building your own secure C2 deployments.\r\n\r\nWhether you're looking to enhance your Red Team capabilities or simply want to streamline your offensive security workflows, this workshop is perfect for you.\r\n\r\nJoin us and unlock the ability to spend less time on 'Sysadmin' tasks and more time focusing on what matters most – attacking and improving your organization's security posture!\r\n\r\nNo prior experience with C2 infrastructure automation is required.\r\n\r\nOur instructor will guide you every step of the way, ensuring that you leave the workshop with the confidence and skills to create secure, automated C2 deployments.\r\n\r\nDon't miss this opportunity to take your offensive security skills to the next level. Register now and unlock the power of secure C2 infrastructure automation!","updated_timestamp":{"seconds":1721595412,"nanoseconds":0},"speakers":[{"content_ids":[55280],"conference_id":133,"event_ids":[55670],"name":"Robert Pimentel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@hacker_hermanos)","sort_order":0,"url":"https://twitter.com/hacker_hermanos"}],"media":[],"id":55830},{"content_ids":[55280],"conference_id":133,"event_ids":[55670],"name":"Josh Huff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55831}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:56:52Z","links":[],"end":"2024-08-09T23:50:00.000-0000","id":55670,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55831},{"tag_id":46167,"sort_order":4,"person_id":55830}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-21T20:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Step into a cybernetic world where humanity and technology intertwine in a complex dance of evolution. Just like the cyberpunk masterpiece, we will augment our cybersecurity defenses through the fusion of artificial intelligence and human ingenuity.\n\nIn this presentation, we explore the symbiotic relationship between humans and AI, mirroring the fusion of man and machine in Ghost in the Shell. Through the lens of AI-enhanced threat modeling, we uncover how Generative Artificial Intelligence Language Models (GenAI LLMs) empower penetration testing and red teaming professionals to transcend traditional boundaries and improve security early in the design process. Additionally, they contribute to more efficient testing of completed systems and applications.\n\nJoin us as we journey through the cybernetic landscape, where attendees will learn to merge human intuition with AI intelligence to fortify solutions and improve offensive security testing. Together, we will transcend the limitations of conventional approaches and embrace the cybernetic evolution that awaits us.\n\n\n","media":[],"title":"GHOST in the Model: Generating AI-Assisted Threat Models for Efficient Offensive Security Testing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:50:00Z","end_timestamp":{"seconds":1723243800,"nanoseconds":0},"android_description":"Step into a cybernetic world where humanity and technology intertwine in a complex dance of evolution. Just like the cyberpunk masterpiece, we will augment our cybersecurity defenses through the fusion of artificial intelligence and human ingenuity.\n\nIn this presentation, we explore the symbiotic relationship between humans and AI, mirroring the fusion of man and machine in Ghost in the Shell. Through the lens of AI-enhanced threat modeling, we uncover how Generative Artificial Intelligence Language Models (GenAI LLMs) empower penetration testing and red teaming professionals to transcend traditional boundaries and improve security early in the design process. Additionally, they contribute to more efficient testing of completed systems and applications.\n\nJoin us as we journey through the cybernetic landscape, where attendees will learn to merge human intuition with AI intelligence to fortify solutions and improve offensive security testing. Together, we will transcend the limitations of conventional approaches and embrace the cybernetic evolution that awaits us.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55279],"conference_id":133,"event_ids":[55669],"name":"Sam Cosentino","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55833}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T22:50:00.000-0000","id":55669,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55833}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Over the years, while people have expressed more and more concern about what freedoms we have in the US, less and less understanding of what true freedom means has been demonstrated. Here, we take a look at the related definitions, and how technology has been both a secret advocate and opponent of the freedoms we claim to desire so much.\n\n\n","media":[],"title":"Life, Liberty and the pursuit of Convenience: the slow death of independence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Over the years, while people have expressed more and more concern about what freedoms we have in the US, less and less understanding of what true freedom means has been demonstrated. Here, we take a look at the related definitions, and how technology has been both a secret advocate and opponent of the freedoms we claim to desire so much.","updated_timestamp":{"seconds":1721495207,"nanoseconds":0},"speakers":[{"content_ids":[55195],"conference_id":133,"event_ids":[55585],"name":"Kaleeque Pierce","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Management Professional"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kaleequepierce/"}],"media":[],"id":55796,"title":"Management Professional"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:47Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":55585,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55796}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Prototype pollution is a vulnerability in JavaScript applications that can have varying impacts depending on the complexity and nature of the affected app. By manipulating an object's prototype chain, an attacker can introduce malicious properties, leading to unexpected behavior and potentially allowing the attacker to execute arbitrary code.\r\nIn this workshop, we will first try to understand the subtleties of the Javascript prototype chain. Then, we will explore different techniques for black box detection. Finally, we will use pp-finder to find new RCE gadgets in popular libraries.\r\n\r\nPre-Requisites:\r\n- Attendees are expect to have basic Javascript knowledge and have a computer with docker ready\n\n\n","media":[],"title":"Prototype Pollution in Depth, From Beginner to 0-Day Hunter","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"Prototype pollution is a vulnerability in JavaScript applications that can have varying impacts depending on the complexity and nature of the affected app. By manipulating an object's prototype chain, an attacker can introduce malicious properties, leading to unexpected behavior and potentially allowing the attacker to execute arbitrary code.\r\nIn this workshop, we will first try to understand the subtleties of the Javascript prototype chain. Then, we will explore different techniques for black box detection. Finally, we will use pp-finder to find new RCE gadgets in popular libraries.\r\n\r\nPre-Requisites:\r\n- Attendees are expect to have basic Javascript knowledge and have a computer with docker ready","updated_timestamp":{"seconds":1721438211,"nanoseconds":0},"speakers":[{"content_ids":[55172,55177],"conference_id":133,"event_ids":[55560,55565],"name":"Lucas Philippe","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"YesWeHack","title":""}],"pronouns":null,"links":[{"description":"","title":"@BitK","sort_order":0,"url":"https://twitter.com/BitK"}],"media":[],"id":54831,"title":"YesWeHack"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:16:51Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#prototype-pollution-in-depth"}],"end":"2024-08-09T23:30:00.000-0000","id":55565,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54831}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-20T01:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, I will detail my discovery and analysis of CVE 2023-52709, a vulnerability in the TI Bluetooth stack. This flaw allows the stack to fail in generating a resolvable Random Private Address (RPA), which can lead to a Denial of Service (DoS) for already bonded peer devices. The discussion will cover the technical aspects of the vulnerability, the implications for automotive security, and potential mitigation strategies.\n\n\n","media":[],"title":"Bluetooth Blues: Unmasking CVE 2023-52709 - The TI BLE5-Stack Attack","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"In this talk, I will detail my discovery and analysis of CVE 2023-52709, a vulnerability in the TI Bluetooth stack. This flaw allows the stack to fail in generating a resolvable Random Private Address (RPA), which can lead to a Denial of Service (DoS) for already bonded peer devices. The discussion will cover the technical aspects of the vulnerability, the implications for automotive security, and potential mitigation strategies.","updated_timestamp":{"seconds":1720403281,"nanoseconds":0},"speakers":[{"content_ids":[54627],"conference_id":133,"event_ids":[55001],"name":"Kevin Mitchell","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54313}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T01:48:01Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":55001,"tag_ids":[46375,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54313}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-08T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Many medical devices are “not connected to a network”, so let’s bring our own! This talk will teach you how to create a BadUSB device that can wirelessly execute payloads on “airgapped” systems like medical devices that aren’t connected to the internet. WIth only $10 of off-the-shelf hardware and some basic arduino code you too can start popping shells in the device lab.\n\n\n","media":[],"title":"Breaking Boundaries: Popping Shells in the Airgap with $10 and a Dash of Arduino Magic","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"Many medical devices are “not connected to a network”, so let’s bring our own! This talk will teach you how to create a BadUSB device that can wirelessly execute payloads on “airgapped” systems like medical devices that aren’t connected to the internet. WIth only $10 of off-the-shelf hardware and some basic arduino code you too can start popping shells in the device lab.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54575],"conference_id":133,"event_ids":[54950],"name":"Daniel Beard","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Mastodon (@varx@defcon.social)","sort_order":0,"url":"https://defcon.social/@varx"}],"media":[],"id":54324}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":54950,"tag_ids":[46371,46419,46438,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54324}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC101 Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"Nikita Kronenberg","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":"Director of Content and Coordination"}],"links":[],"pronouns":"she/her","media":[],"id":55970,"title":"Director of Content and Coordination at DEF CON Communications"},{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"AdaZebra","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON 32","title":"Head of Hotline"}],"links":[],"pronouns":"she/her","media":[],"id":56607,"title":"Head of Hotline at DEF CON 32"},{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"Drew \"aNullValue\" Stemen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacker Tracker","title":"Project Manager"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@aNullValue@defcon.social)","sort_order":0,"url":"@aNullValue@defcon.social"},{"description":"","title":"Website","sort_order":0,"url":"https://anullvalue.net"}],"media":[],"id":56608,"title":"Project Manager at Hacker Tracker"},{"content_ids":[54462],"conference_id":133,"event_ids":[54835],"name":"Grifter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON 32","title":"Contests & Events Lead"}],"links":[],"pronouns":null,"media":[],"id":56609,"title":"Contests & Events Lead at DEF CON 32"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54835,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55970},{"tag_id":46487,"sort_order":4,"person_id":56608},{"tag_id":46487,"sort_order":6,"person_id":56609},{"tag_id":46487,"sort_order":8,"person_id":56607}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you consider the list of mobile apps you use and the frequency at which you use them private information? What about the GPS coordinates of the cell towers to which your smartphone connects? The Android framework restricts third-party apps from freely obtaining this information – unless the user explicitly grants the app access. Android is a diverse ecosystem that comes with many benefits, but device vendors can still unintentionally expose app usage and device location in a variety of ways. We uncover privacy leaks of both types of data, where pre-loaded vendor software exposes app usage and location to co-located software. We also explore various local exposures of this data, where it is leaked to resources that do not require any special permissions or privileges to access.\r\n\r\nWe discovered these leakages across several major vendors, including Samsung, Nokia, Transsion brands (i.e., Tecno, Infinix, and Itel), and additional vendors that utilize a pre-installed Qualcomm app for performance monitoring. We cover each of these exposures in detail. App usage reveals the subset of the apps that the user actually interacts with, which can be collected, combined with location data, and analyzed for advertising, profiling, and establishing user pattern-of-life.\r\n\r\n\r\n1. [link](https://developer.android.com/develop/sensors-and-location/location/permissions#accuracy)\r\n2. [link](https://developer.android.com/training/package-visibility)\r\n3. [link](https://support.google.com/googleplay/android-developer/answer/10158779)\r\n4. [link](https://developer.android.com/reference/android/app/ActivityManager#getRunningTasks)\r\n5. [link](https://android.googlesource.com/platform/frameworks/base/+/2d7576b%5E!/)\r\n6. [link](https://android.googlesource.com/platform/frameworks/base/+/refs/heads/android14-platform-release/core/res/AndroidManifest.xml#3080)\r\n7. [link](https://medium.com/@amir.ghm/a-deep-dive-to-get-the-top-activity-name-of-currently-running-application-in-android-50e5f17f47d5)\r\n8. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getAllCellInfo)\r\n9. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getCellLocation)\r\n10. [link](https://opencellid.org/)\r\n11. [link](https://www.idc.com/getdoc.jsp?containerId=prUS52032524)\r\n12. [link](https://gs.statcounter.com/vendor-market-share/mobile)\r\n13. [link](https://source.android.com/)\r\n14. [link](https://www.counterpointresearch.com/insights/global-smartphone-ap-market-share/)\r\n15. [link](https://en.wikipedia.org/wiki/Transsion)\r\n16. [link](https://www.simo.co/about-us)\r\n17. [link](https://play.google.com/store/apps/details?id=com.skyroam.app)\r\n18. [link](https://apkpure.com/simo-global-local-internet/com.skyroam.app/download)\r\n19. [link](https://www.quokka.io/blog/vsim-vulnerability-within-simo-android-phones-exposed)\r\n20. [link](https://7561470.fs1.hubspotusercontent-na1.net/hubfs/7561470/QKKA_Resources/Security%20Analysis%20of%20Simo%E2%80%99s%20vSIM%20Android%20Software_Academic%20Paper.pdf)\r\n21. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41848)\r\n22. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41850)\r\n23. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41849)\r\n24. [link](https://www.idc.com/promo/smartphone-market-share)\r\n25. [link](https://developer.android.com/reference/android/provider/Settings)\r\n\n\n\n","media":[],"title":"Android App Usage and Cell Tower Location: Private. Sensitive. Available to Anyone?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Do you consider the list of mobile apps you use and the frequency at which you use them private information? What about the GPS coordinates of the cell towers to which your smartphone connects? The Android framework restricts third-party apps from freely obtaining this information – unless the user explicitly grants the app access. Android is a diverse ecosystem that comes with many benefits, but device vendors can still unintentionally expose app usage and device location in a variety of ways. We uncover privacy leaks of both types of data, where pre-loaded vendor software exposes app usage and location to co-located software. We also explore various local exposures of this data, where it is leaked to resources that do not require any special permissions or privileges to access.\r\n\r\nWe discovered these leakages across several major vendors, including Samsung, Nokia, Transsion brands (i.e., Tecno, Infinix, and Itel), and additional vendors that utilize a pre-installed Qualcomm app for performance monitoring. We cover each of these exposures in detail. App usage reveals the subset of the apps that the user actually interacts with, which can be collected, combined with location data, and analyzed for advertising, profiling, and establishing user pattern-of-life.\r\n\r\n\r\n1. [link](https://developer.android.com/develop/sensors-and-location/location/permissions#accuracy)\r\n2. [link](https://developer.android.com/training/package-visibility)\r\n3. [link](https://support.google.com/googleplay/android-developer/answer/10158779)\r\n4. [link](https://developer.android.com/reference/android/app/ActivityManager#getRunningTasks)\r\n5. [link](https://android.googlesource.com/platform/frameworks/base/+/2d7576b%5E!/)\r\n6. [link](https://android.googlesource.com/platform/frameworks/base/+/refs/heads/android14-platform-release/core/res/AndroidManifest.xml#3080)\r\n7. [link](https://medium.com/@amir.ghm/a-deep-dive-to-get-the-top-activity-name-of-currently-running-application-in-android-50e5f17f47d5)\r\n8. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getAllCellInfo)\r\n9. [link](https://developer.android.com/reference/android/telephony/TelephonyManager#getCellLocation)\r\n10. [link](https://opencellid.org/)\r\n11. [link](https://www.idc.com/getdoc.jsp?containerId=prUS52032524)\r\n12. [link](https://gs.statcounter.com/vendor-market-share/mobile)\r\n13. [link](https://source.android.com/)\r\n14. [link](https://www.counterpointresearch.com/insights/global-smartphone-ap-market-share/)\r\n15. [link](https://en.wikipedia.org/wiki/Transsion)\r\n16. [link](https://www.simo.co/about-us)\r\n17. [link](https://play.google.com/store/apps/details?id=com.skyroam.app)\r\n18. [link](https://apkpure.com/simo-global-local-internet/com.skyroam.app/download)\r\n19. [link](https://www.quokka.io/blog/vsim-vulnerability-within-simo-android-phones-exposed)\r\n20. [link](https://7561470.fs1.hubspotusercontent-na1.net/hubfs/7561470/QKKA_Resources/Security%20Analysis%20of%20Simo%E2%80%99s%20vSIM%20Android%20Software_Academic%20Paper.pdf)\r\n21. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41848)\r\n22. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41850)\r\n23. [link](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41849)\r\n24. [link](https://www.idc.com/promo/smartphone-market-share)\r\n25. [link](https://developer.android.com/reference/android/provider/Settings)","updated_timestamp":{"seconds":1720462627,"nanoseconds":0},"speakers":[{"content_ids":[54461],"conference_id":133,"event_ids":[54834],"name":"Ryan Johnson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Quokka","title":"Senior Director, R&D"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ryan-johnson-137b7b169/"}],"media":[],"id":54050,"title":"Senior Director, R&D at Quokka"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:17:07Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":54834,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54050}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-08T18:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Windows Hello is touted by Microsoft as the modern de facto authentication scheme on Windows platforms, supporting authentication and encryption backed by biometrics. In a world that is quickly accelerating towards a passwordless existence, what new threats do we face in this complex landscape? We will take a deep dive into the inner working of Windows Hello. Via the release of a new tool, it will be demonstrated how an attacker on a fully compromised Windows host can leverage secrets backed by Windows Hello biometrics without needing the biometric data that protects them. We will also show how the hardware protections of Windows Hello and its accompanying Primary Refresh Tokens can be defeated, making it possible to use Windows Hello for identity persistency and PRT stealing, in some cases even without Administrator access on the host. \r\n\r\n- [link](https://www.insecurity.be/blog/2020/12/24/dpapi-in-depth-with-tooling-standalone-dpapi/)\r\n- [link](https://github.com/tijldeneut/dpapilab-ng)\r\n- [link](https://dirkjanm.io/phishing-for-microsoft-entra-primary-refresh-tokens/)\r\n- [link](https://dirkjanm.io/digging-further-into-the-primary-refresh-token/)\r\n- [link](https://dirkjanm.io/assets/raw/Windows%20Hello%20from%20the%20other%20side_nsec_v1.0.pdf)\r\n\n\n\n","media":[],"title":"Abusing Windows Hello Without a Severed Hand","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Windows Hello is touted by Microsoft as the modern de facto authentication scheme on Windows platforms, supporting authentication and encryption backed by biometrics. In a world that is quickly accelerating towards a passwordless existence, what new threats do we face in this complex landscape? We will take a deep dive into the inner working of Windows Hello. Via the release of a new tool, it will be demonstrated how an attacker on a fully compromised Windows host can leverage secrets backed by Windows Hello biometrics without needing the biometric data that protects them. We will also show how the hardware protections of Windows Hello and its accompanying Primary Refresh Tokens can be defeated, making it possible to use Windows Hello for identity persistency and PRT stealing, in some cases even without Administrator access on the host. \r\n\r\n- [link](https://www.insecurity.be/blog/2020/12/24/dpapi-in-depth-with-tooling-standalone-dpapi/)\r\n- [link](https://github.com/tijldeneut/dpapilab-ng)\r\n- [link](https://dirkjanm.io/phishing-for-microsoft-entra-primary-refresh-tokens/)\r\n- [link](https://dirkjanm.io/digging-further-into-the-primary-refresh-token/)\r\n- [link](https://dirkjanm.io/assets/raw/Windows%20Hello%20from%20the%20other%20side_nsec_v1.0.pdf)","updated_timestamp":{"seconds":1720462448,"nanoseconds":0},"speakers":[{"content_ids":[54460],"conference_id":133,"event_ids":[54833],"name":"Dirk-jan Mollema","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Outsider Security","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54051,"title":"Security Researcher at Outsider Security"},{"content_ids":[54460],"conference_id":133,"event_ids":[54833],"name":"Ceri Coburn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Red Team Operator and Offensive Security Dev"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@_ethicalchaos_)","sort_order":0,"url":"https://twitter.com/_ethicalchaos_"},{"description":"","title":"ethicalchaos.dev/","sort_order":0,"url":"https://ethicalchaos.dev/"}],"media":[],"id":54088,"title":"Red Team Operator and Offensive Security Dev at Pen Test Partners"}],"begin_tsz":"2024-08-09T22:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:14:08Z","links":[],"end":"2024-08-09T22:45:00.000-0000","id":54833,"tag_ids":[46166,46169,46419,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723240800,"nanoseconds":0},"includes":"Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54088},{"tag_id":46167,"sort_order":4,"person_id":54051}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T22:00:00.000-0000","updated":"2024-07-08T18:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What does it mean to be an American? Or perhaps what should it mean? The world we live is now more complex then ever, with technology, law, policy, threats to personal wellbeing and international conflict dominating the headlines, how do Americans manage to stay in engaged in the affairs that control their society? This talk will be structured as a short presentation leading to an open forum discussion positioned to discover what it means to be an American in this current climate. We’ll discuss civics, generational gaps, and the role of technology in addressing the active citizen today. We’re all here to defend and support democracy, but that starts with a conversation.\n\n\n","media":[],"title":"What Does it Mean to be an American?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"What does it mean to be an American? Or perhaps what should it mean? The world we live is now more complex then ever, with technology, law, policy, threats to personal wellbeing and international conflict dominating the headlines, how do Americans manage to stay in engaged in the affairs that control their society? This talk will be structured as a short presentation leading to an open forum discussion positioned to discover what it means to be an American in this current climate. We’ll discuss civics, generational gaps, and the role of technology in addressing the active citizen today. We’re all here to defend and support democracy, but that starts with a conversation.","updated_timestamp":{"seconds":1723183539,"nanoseconds":0},"speakers":[{"content_ids":[56195,56202],"conference_id":133,"event_ids":[56849,56856],"name":"Kendall Spencer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/spenceresq"},{"description":"","title":"Twitter (@kendallspencer)","sort_order":0,"url":"https://twitter.com/kendallspencer"},{"description":"","title":"Website","sort_order":0,"url":"https://nightcommission.org"}],"media":[],"id":56574}],"begin_tsz":"2024-08-09T21:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:39Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":56849,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723239900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56574}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T21:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How do we use the apparent magic of LLMs to help us threat model? What are the challenges? What works? What doesn’t?\n\n\n","media":[],"title":"Threat Modeling in the Age of AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"How do we use the apparent magic of LLMs to help us threat model? What are the challenges? What works? What doesn’t?","updated_timestamp":{"seconds":1723061775,"nanoseconds":0},"speakers":[{"content_ids":[56171],"conference_id":133,"event_ids":[56825],"name":"Adam Shostack","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56555}],"begin_tsz":"2024-08-09T21:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T20:16:15Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":56825,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723239900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56555}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T21:45:00.000-0000","updated":"2024-08-07T20:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nTodd Fletcher will introduce listeners to the topic of cyberpsychology. This discussion investigates the psychological and ethical dimensions influencing cybersecurity practitioners' behaviors towards cyber defense, utilizing Q-Methodology to elucidate diverse motivations and ethical perspectives within the community. The connected study involves participants sorting statements reflecting their views on cybersecurity, providing insights into common typologies and perspectives. Findings aim to inform nuanced cybersecurity strategies that prioritize both security and practitioners' mental well-being, adhering to strict ethical standards. This research contributes significantly to Cyberpsychology, enhancing understanding and practical approaches to contemporary cybersecurity challenges.\n\n\n","media":[],"title":"BTV Conversations: Exploring the Cyberpsychology of Cyber Defender Acceptance Behaviors and Personality Traits","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"BTV Conversations explores creative, personal, or cutting-edge Blue Team topics in an interactive, conversational format.\r\n\r\nTodd Fletcher will introduce listeners to the topic of cyberpsychology. This discussion investigates the psychological and ethical dimensions influencing cybersecurity practitioners' behaviors towards cyber defense, utilizing Q-Methodology to elucidate diverse motivations and ethical perspectives within the community. The connected study involves participants sorting statements reflecting their views on cybersecurity, providing insights into common typologies and perspectives. Findings aim to inform nuanced cybersecurity strategies that prioritize both security and practitioners' mental well-being, adhering to strict ethical standards. This research contributes significantly to Cyberpsychology, enhancing understanding and practical approaches to contemporary cybersecurity challenges.","updated_timestamp":{"seconds":1723186068,"nanoseconds":0},"speakers":[{"content_ids":[56204],"conference_id":133,"event_ids":[56858],"name":"Todd Fletcher","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CrowdStrike","title":"Principal Consultant"}],"links":[],"pronouns":null,"media":[],"id":56588,"title":"Principal Consultant at CrowdStrike"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:47:48Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":56858,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56588}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-09T06:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the inventor of Risk Limiting Audits for an up close hands on demo of how true Risk Limiting Audits work. Lean the principals and practice of conducting Risk Liming Audits. We will actually be conducting a Risk Limiting Audit during this demo and the audience will participate.\n\n\n","media":[],"title":"Risk Limiting Audit DEMO by Philip Stark","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Join the inventor of Risk Limiting Audits for an up close hands on demo of how true Risk Limiting Audits work. Lean the principals and practice of conducting Risk Liming Audits. We will actually be conducting a Risk Limiting Audit during this demo and the audience will participate.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56187,56185,56183],"conference_id":133,"event_ids":[56837,56839,56841],"name":"Philip Stark","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/philip-stark-0422325"},{"description":"","title":"Twitter (@philipbstark)","sort_order":0,"url":"https://twitter.com/philipbstark"},{"description":"","title":"Website","sort_order":0,"url":"https://www.stat.berkeley.edu/~stark/"}],"media":[],"id":56561}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":56841,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56561}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will focus on the implications of our work defending AI based cybersecurity systems against file format abuse for the design of AI systems for cyber. The audience will learn how the interface between traditional cybersecurity systems and the AI models being integrated into them impacts security. File format abuse enables polyglot files to bypass state-of-the-art malware detection systems (EDR tools) that utilize machine learning in an attempt to catch novel forms of malware. The polyglot file is sent to the wrong model because the embedded file type is not detected. Existing file type, file carving, and polyglot detection tools are insufficient to detect polyglots used by threat actors in the wild. However, we trained a machine learning model capable of detecting all polyglot types in our dataset, which is based on threat actor usage of polyglots in the wild, with over 99.9% accuracy. Content disarm and reconstruct (CDR) tools can also be used to disarm polyglots, but are not effective on all file types.\n\n\n","media":[],"title":"Removing the Ring of Gyges: Lessons from Securing AI Systems Against File Format Abuse","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"This talk will focus on the implications of our work defending AI based cybersecurity systems against file format abuse for the design of AI systems for cyber. The audience will learn how the interface between traditional cybersecurity systems and the AI models being integrated into them impacts security. File format abuse enables polyglot files to bypass state-of-the-art malware detection systems (EDR tools) that utilize machine learning in an attempt to catch novel forms of malware. The polyglot file is sent to the wrong model because the embedded file type is not detected. Existing file type, file carving, and polyglot detection tools are insufficient to detect polyglots used by threat actors in the wild. However, we trained a machine learning model capable of detecting all polyglot types in our dataset, which is based on threat actor usage of polyglots in the wild, with over 99.9% accuracy. Content disarm and reconstruct (CDR) tools can also be used to disarm polyglots, but are not effective on all file types.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Sean Oesch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56239,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Luke Koch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56240,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Brian Weber","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56241,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Amul Chaulagain","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Oak Ridge National Laboratory","title":""}],"links":[],"pronouns":null,"media":[],"id":56242,"title":"Oak Ridge National Laboratory"},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Matthew Dixson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56243},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Jared Dixon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56244},{"content_ids":[55879],"conference_id":133,"event_ids":[56464],"name":"Cory Watson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":""}],"links":[],"pronouns":null,"media":[],"id":56245}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56464,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56239},{"tag_id":46167,"sort_order":4,"person_id":56240},{"tag_id":46167,"sort_order":6,"person_id":56241},{"tag_id":46167,"sort_order":8,"person_id":56242},{"tag_id":46167,"sort_order":10,"person_id":56243},{"tag_id":46167,"sort_order":12,"person_id":56244},{"tag_id":46167,"sort_order":14,"person_id":56245}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces\n\n\n","media":[],"title":"Emulating Magstripe with Arduino","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:10:00Z","end_timestamp":{"seconds":1723241400,"nanoseconds":0},"android_description":"Learn how to build a device to emulate magstripe using data intercepted from EMV chip and contactless interfaces","updated_timestamp":{"seconds":1722356245,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:17:25Z","links":[],"end":"2024-08-09T22:10:00.000-0000","id":56081,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will explore how default configurations in reference architectures of our most commonly used software supply chain services can lead to a handful of unsavory outcomes including secrets exfiltration, lateral movement, and privilege escalation within production cloud and SaaS environments. We'll take a close look at how many of the interactions between people and CI|CD services are not as safe as we think. Some examples we’ll look at:\n\n - Abusing PRs against Github repositories allows for execution of code prior to code review & merge, for all downstream services (GH Actions, Buildkite, & Terraform)\n - Multi-tenant infrastructures in CI like Buildkite lead to over-authorization & access to production cloud secrets\n - Lacking Pipeline Based Access Control (PBAC) in CI services like Buildkite leads to code execution in production cloud environments\n\n\nAfter we identify the pitfalls in our by-default configurations, we’ll demonstrate how best to modify them using available tools, services, & best practices.\n\n\n","media":[],"title":"Attacking and Defending Software Supply Chains: How we got Admin in your Clouds!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:10:00Z","end_timestamp":{"seconds":1723241400,"nanoseconds":0},"android_description":"This talk will explore how default configurations in reference architectures of our most commonly used software supply chain services can lead to a handful of unsavory outcomes including secrets exfiltration, lateral movement, and privilege escalation within production cloud and SaaS environments. We'll take a close look at how many of the interactions between people and CI|CD services are not as safe as we think. Some examples we’ll look at:\n\n - Abusing PRs against Github repositories allows for execution of code prior to code review & merge, for all downstream services (GH Actions, Buildkite, & Terraform)\n - Multi-tenant infrastructures in CI like Buildkite lead to over-authorization & access to production cloud secrets\n - Lacking Pipeline Based Access Control (PBAC) in CI services like Buildkite leads to code execution in production cloud environments\n\n\nAfter we identify the pitfalls in our by-default configurations, we’ll demonstrate how best to modify them using available tools, services, & best practices.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55485],"conference_id":133,"event_ids":[55914],"name":"Mike Ruth","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"MF_Ruth","sort_order":0,"url":"https://MF_Ruth"}],"media":[],"id":56007}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T22:10:00.000-0000","id":55914,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56007}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Devices with radios are everywhere and sooner or later radios will be in everything, maybe even sooner than you think. During our talk we will be sharing CNLohr's research about transmitting RF signals without a radio. We will share our findings on how this these new techniques can be abused by an adversary. Finally, we will highlight how so many amazing tools and techniques are available to us because they are open source and why we need to support and protect these kinds of works to sustain a culture of learning and growing.\n\n\n","media":[],"title":"Yet another way of exfiltrating data from air-gapped systems OR Oh no, everything is a radio","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:25:00Z","end_timestamp":{"seconds":1723242300,"nanoseconds":0},"android_description":"Devices with radios are everywhere and sooner or later radios will be in everything, maybe even sooner than you think. During our talk we will be sharing CNLohr's research about transmitting RF signals without a radio. We will share our findings on how this these new techniques can be abused by an adversary. Finally, we will highlight how so many amazing tools and techniques are available to us because they are open source and why we need to support and protect these kinds of works to sustain a culture of learning and growing.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55449],"conference_id":133,"event_ids":[55874],"name":"C$","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DCG862 (DEF CON Group 862)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55987,"title":"Founder at DCG862 (DEF CON Group 862)"},{"content_ids":[55449],"conference_id":133,"event_ids":[55874],"name":"Endeavors","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DCG862 (DEF CON Group 862)","title":"Founding Member"}],"links":[],"pronouns":null,"media":[],"id":55988,"title":"Founding Member at DCG862 (DEF CON Group 862)"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T22:25:00.000-0000","id":55874,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55987},{"tag_id":46167,"sort_order":4,"person_id":55988}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Using hardware hacking techniques, it was possible to detect the use of learning codes instead of rolling codes in a key job of a car widely used in my country. For this purpose, the key job was disassembled and the HS2240 integrated circuit was detected and, using a logic analyzer, the emission of learning codes from the integrated circuit to the radio frequency LED emitter was checked.\nWith the use of HackRF SDR, the learning code is duplicated to be able to open the car N times without needing the original key anymore, which proves that the use of learning codes is very vulnerable, just like fixed codes.\n\n\n","media":[],"title":"How I discovered and hacked Learning Codes of the key job of a car assembled in my country","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Using hardware hacking techniques, it was possible to detect the use of learning codes instead of rolling codes in a key job of a car widely used in my country. For this purpose, the key job was disassembled and the HS2240 integrated circuit was detected and, using a logic analyzer, the emission of learning codes from the integrated circuit to the radio frequency LED emitter was checked.\nWith the use of HackRF SDR, the learning code is duplicated to be able to open the car N times without needing the original key anymore, which proves that the use of learning codes is very vulnerable, just like fixed codes.","updated_timestamp":{"seconds":1720331871,"nanoseconds":0},"speakers":[{"content_ids":[54636],"conference_id":133,"event_ids":[55010],"name":"Danilo Erazo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fluid Attacks","title":"Ethical Hacker"}],"links":[],"pronouns":null,"media":[],"id":54349,"title":"Ethical Hacker at Fluid Attacks"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:51Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55010,"tag_ids":[46169,46375,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54349}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Have you ever wondered how those little boxes that you tap your card to open doors work? What are they reading on the card? How do they ultimately unlock the door? And, are they even secure? In this talk, we will answer all of those questions and more. We will walk through how access-control systems, in general, work, and dig into the details of the most popular systems. Fortunately for the entertainment value of this talk, there be dragons in our doors. We will walk through some of the most high-profile attacks in detail and then dive into some more fundamental flaws with how the systems are designed. All of these discussions will be accompanied with live demos and first hand experience. After this talk, you will look at the world, especially doors, differently -- weaknesses everywhere! My hope is that we can all learn from past mistakes and create a more secure and less frustrating tomorrow together\n\n\n","media":[],"title":"Your Smartcard is Dumb: A Brief History of Hacking Access Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"Have you ever wondered how those little boxes that you tap your card to open doors work? What are they reading on the card? How do they ultimately unlock the door? And, are they even secure? In this talk, we will answer all of those questions and more. We will walk through how access-control systems, in general, work, and dig into the details of the most popular systems. Fortunately for the entertainment value of this talk, there be dragons in our doors. We will walk through some of the most high-profile attacks in detail and then dive into some more fundamental flaws with how the systems are designed. All of these discussions will be accompanied with live demos and first hand experience. After this talk, you will look at the world, especially doors, differently -- weaknesses everywhere! My hope is that we can all learn from past mistakes and create a more secure and less frustrating tomorrow together","updated_timestamp":{"seconds":1723044372,"nanoseconds":0},"speakers":[{"content_ids":[54629],"conference_id":133,"event_ids":[55003],"name":"Chad Shortman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Allthenticate","title":"CEO"}],"links":[],"pronouns":null,"media":[],"id":54345,"title":"CEO at Allthenticate"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:26:12Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":55003,"tag_ids":[46169,46387,46419,46511,46736],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54345}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-08-07T15:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, we have witnessed a surge in attacks aimed at critical infrastructure, varying widely in scope and impact depending on the region. While the definition of critical infrastructure differs by country, it typically encompasses essential sectors such as oil, natural gas, water, power, and manufacturing. The ramifications of these attacks are complex and often unpredictable.\n\nTo gain a clearer understanding of the state of critical infrastructure globally, starting in 2023, we will annually survey 300 CISOs or security directors across different countries in this sector. We will share the data-driven insights to offer a detailed examination of the current conditions and challenges faced by these crucial systems. By comparing trends across different years, countries, and industries, our goal is to enhance the security and resilience of critical infrastructures worldwide.\n\n\n","media":[],"title":"Mapping the Landscape: Top 10 Cybersecurity Trends in Critical Infrastructure for 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"In recent years, we have witnessed a surge in attacks aimed at critical infrastructure, varying widely in scope and impact depending on the region. While the definition of critical infrastructure differs by country, it typically encompasses essential sectors such as oil, natural gas, water, power, and manufacturing. The ramifications of these attacks are complex and often unpredictable.\n\nTo gain a clearer understanding of the state of critical infrastructure globally, starting in 2023, we will annually survey 300 CISOs or security directors across different countries in this sector. We will share the data-driven insights to offer a detailed examination of the current conditions and challenges faced by these crucial systems. By comparing trends across different years, countries, and industries, our goal is to enhance the security and resilience of critical infrastructures worldwide.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54573],"conference_id":133,"event_ids":[54948],"name":"Mars Cheng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"TXOne Networks Inc","title":"Threat Research Manager, PSIRT and Threat Research"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@marscheng_)","sort_order":0,"url":"https://twitter.com/marscheng_"}],"media":[],"id":54343,"title":"Threat Research Manager, PSIRT and Threat Research at TXOne Networks Inc"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":54948,"tag_ids":[46382,46419,46463,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54343}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Social media have been a decade-long dress rehearsal in online manipulation. AI can create information, make predictions and take decisions that will affect human behaviour, including our behaviours as citizens, workers and consumers. Safeguards are needed, since generative AI will only exacerbate the personal, social and societal harms already caused by data-driven business models.\r\n\r\nWe examine the centrality of human dignity in tech law and policy and how our mindsets and legal frameworks must be informed by psychological, technological and societal perspectives. Based on insights from market dynamics, marketing techniques, design strategies, and human frailties we demonstrate how information asymmetries have reduced individual agency and the ability to create transparency.\r\n\r\nHuman dignity is a core value in liberal democracies that must also be reflected in tech policy. Protections are required when businesses interfere with our rights to freedom, property, privacy and non-discrimination. With the digitalisation of the human experience, users have become programmable objects. We cannot rely on regulation alone and need to discuss how we can act to reclaim our dignity.\n\n\n","media":[],"title":"Human Dignity in AI and Tech Policy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"Social media have been a decade-long dress rehearsal in online manipulation. AI can create information, make predictions and take decisions that will affect human behaviour, including our behaviours as citizens, workers and consumers. Safeguards are needed, since generative AI will only exacerbate the personal, social and societal harms already caused by data-driven business models.\r\n\r\nWe examine the centrality of human dignity in tech law and policy and how our mindsets and legal frameworks must be informed by psychological, technological and societal perspectives. Based on insights from market dynamics, marketing techniques, design strategies, and human frailties we demonstrate how information asymmetries have reduced individual agency and the ability to create transparency.\r\n\r\nHuman dignity is a core value in liberal democracies that must also be reflected in tech policy. Protections are required when businesses interfere with our rights to freedom, property, privacy and non-discrimination. With the digitalisation of the human experience, users have become programmable objects. We cannot rely on regulation alone and need to discuss how we can act to reclaim our dignity.","updated_timestamp":{"seconds":1721350090,"nanoseconds":0},"speakers":[{"content_ids":[54572],"conference_id":133,"event_ids":[54947],"name":"Jan Trzaskowski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aalborg University and Copenhagen Business School","title":"Law Professor"}],"links":[],"pronouns":null,"media":[],"id":54262,"title":"Law Professor at Aalborg University and Copenhagen Business School"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-19T00:48:10Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":54947,"tag_ids":[46388,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54262}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-19T00:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As cellular technologies continue to become more integrated into IoT devices, there has been a noticeable lag in comprehending potential security implications associated with cellular hardware technologies. Furthermore, the development of effective hardware testing methodologies has also fallen behind. Given the highly regulated nature of cellular communication and the prevalent use of encryption, it is imperative for security researchers to deepen their understanding of circuit design and the integration of cellular modems into IoT devices. In this presentation, I will introduce a wide-ranging testing and analysis methodology aimed at enhancing our understanding and evaluation of the security of IoT devices that currently rely on cellular communications. This methodology will encompass an examination of various cellular modem modules in use, their integration into circuit design, and hardware hacking techniques for interacting with communication circuits to control cellular modules, all for the purpose of security testing and analysis.\n\n\n","media":[],"title":"Exploration of Cellular Based IoT Technology","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:30:00Z","end_timestamp":{"seconds":1723242600,"nanoseconds":0},"android_description":"As cellular technologies continue to become more integrated into IoT devices, there has been a noticeable lag in comprehending potential security implications associated with cellular hardware technologies. Furthermore, the development of effective hardware testing methodologies has also fallen behind. Given the highly regulated nature of cellular communication and the prevalent use of encryption, it is imperative for security researchers to deepen their understanding of circuit design and the integration of cellular modems into IoT devices. In this presentation, I will introduce a wide-ranging testing and analysis methodology aimed at enhancing our understanding and evaluation of the security of IoT devices that currently rely on cellular communications. This methodology will encompass an examination of various cellular modem modules in use, their integration into circuit design, and hardware hacking techniques for interacting with communication circuits to control cellular modules, all for the purpose of security testing and analysis.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54571],"conference_id":133,"event_ids":[54946],"name":"Carlota Bindner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Thermo Fisher Scientific","title":"Lead Product Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/carlotabindner/"},{"description":"","title":"Twitter (@CarlotaBindner)","sort_order":0,"url":"https://twitter.com/CarlotaBindner"}],"media":[],"id":54235,"title":"Lead Product Security Researcher at Thermo Fisher Scientific"},{"content_ids":[54571],"conference_id":133,"event_ids":[54946],"name":"Deral Heiland","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Rapid7","title":"Principal Security Researcher (IoT)"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@percent_x)","sort_order":0,"url":"https://twitter.com/percent_x"}],"media":[],"id":54267,"title":"Principal Security Researcher (IoT) at Rapid7"}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T22:30:00.000-0000","id":54946,"tag_ids":[46169,46383,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54235},{"tag_id":46167,"sort_order":1,"person_id":54267}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Imagine if you could go back in time to precompute all passwords that could have been generated by an off-the-shelf password generator? With RoboForm versions prior to June 2015, you can! \r\n\r\nIn Joe and Bruno's Guide to Hacking Time, Joe and Bruno share their story, process, and experiences of reverse engineering RoboForm, finding a weakness in the randomness of the password generation routine, and creating a wrapper to generate all possible passwords that could have been generated within a specific time frame. Their work, using Cheat Engine, Ghidra, x64dbg, and custom code, was done specifically to help someone recover over $3 million of Bitcoin locked in a software wallet, but the attack could be exploited against any account or system protected by a password generated by RoboForm before their 7.9.14 release when this problem was fixed.\r\n\r\n- Kung Fury, [link](https://www.youtube.com/watch?v=fQGbXmkSArs)\r\n- Cheat Engine\r\n- Ghidra\r\n- x64dbg\n\n\n","media":[],"title":"Joe and Bruno's Guide to Hacking Time: Regenerating Passwords from RoboForm's Password Generator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"Imagine if you could go back in time to precompute all passwords that could have been generated by an off-the-shelf password generator? With RoboForm versions prior to June 2015, you can! \r\n\r\nIn Joe and Bruno's Guide to Hacking Time, Joe and Bruno share their story, process, and experiences of reverse engineering RoboForm, finding a weakness in the randomness of the password generation routine, and creating a wrapper to generate all possible passwords that could have been generated within a specific time frame. Their work, using Cheat Engine, Ghidra, x64dbg, and custom code, was done specifically to help someone recover over $3 million of Bitcoin locked in a software wallet, but the attack could be exploited against any account or system protected by a password generated by RoboForm before their 7.9.14 release when this problem was fixed.\r\n\r\n- Kung Fury, [link](https://www.youtube.com/watch?v=fQGbXmkSArs)\r\n- Cheat Engine\r\n- Ghidra\r\n- x64dbg","updated_timestamp":{"seconds":1720462431,"nanoseconds":0},"speakers":[{"content_ids":[54459],"conference_id":133,"event_ids":[54832],"name":"Joe \"Kingpin\" Grand","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkTree","sort_order":0,"url":"https://linktr.ee/joegrand"},{"description":"","title":"Twitter (@joegrand)","sort_order":0,"url":"https://twitter.com/joegrand"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@JoeGrand"}],"media":[],"id":54052},{"content_ids":[54459],"conference_id":133,"event_ids":[54832],"name":"Bruno Krauss","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bruno-krauss/"}],"media":[],"id":54093}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:13:51Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":54832,"tag_ids":[46166,46169,46419,46437,46438,46882],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54052},{"tag_id":46167,"sort_order":2,"person_id":54093}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-08T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The cloud seems complex, but it's what happens behind the scenes that really complicates things. Some services utilize others as resources as part of their logic/operation. Interestingly enough, it turns out that this could lead to catastrophic results if done unsafely.\r\n\r\nThis talk will present six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. These vulnerabilities, which were all promptly acknowledged and fixed by AWS, could allow external attackers to breach almost any AWS account. The vulnerabilities range from remote code execution, which could lead to full account takeover, to information disclosure, potentially exposing sensitive data, or causing denial of service. The session will share our story of discovery, how we were able to identify commonalities among them, and how we developed a method to uncover more vulnerabilities and enhance the impact by using common techniques leading to privilege escalation. We will then detail our approach for mapping service external resources and release our Open-Source tool to research service internal API calls. We will also present a method to check if accounts have been vulnerable to this vector in the past.\r\n\r\nWe will conclude our talk with the lessons learned during this research and our future line of research. We will highlight new areas that cloud researchers need to explore when hunting for cloud vulnerabilities and highlight best practices for developers to use in complex environments.\r\n\r\n- [link](https://rhinosecuritylabs.com/aws/cloud-malware-cloudformation-injection/)\r\n- [link](https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details#cfn__resource_injection)\r\n- [link](https://docs.aws.amazon.com/)\r\n\n\n\n","media":[],"title":"Breaching AWS Accounts Through Shadow Resources","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T22:15:00Z","end_timestamp":{"seconds":1723241700,"nanoseconds":0},"android_description":"The cloud seems complex, but it's what happens behind the scenes that really complicates things. Some services utilize others as resources as part of their logic/operation. Interestingly enough, it turns out that this could lead to catastrophic results if done unsafely.\r\n\r\nThis talk will present six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. These vulnerabilities, which were all promptly acknowledged and fixed by AWS, could allow external attackers to breach almost any AWS account. The vulnerabilities range from remote code execution, which could lead to full account takeover, to information disclosure, potentially exposing sensitive data, or causing denial of service. The session will share our story of discovery, how we were able to identify commonalities among them, and how we developed a method to uncover more vulnerabilities and enhance the impact by using common techniques leading to privilege escalation. We will then detail our approach for mapping service external resources and release our Open-Source tool to research service internal API calls. We will also present a method to check if accounts have been vulnerable to this vector in the past.\r\n\r\nWe will conclude our talk with the lessons learned during this research and our future line of research. We will highlight new areas that cloud researchers need to explore when hunting for cloud vulnerabilities and highlight best practices for developers to use in complex environments.\r\n\r\n- [link](https://rhinosecuritylabs.com/aws/cloud-malware-cloudformation-injection/)\r\n- [link](https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details#cfn__resource_injection)\r\n- [link](https://docs.aws.amazon.com/)","updated_timestamp":{"seconds":1722098250,"nanoseconds":0},"speakers":[{"content_ids":[54458],"conference_id":133,"event_ids":[54831],"name":"Yakir Kadkoda","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aqua","title":"Lead Security Researcher, Team Nautilus"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/yakir-kadkoda/"},{"description":"","title":"Twitter (@YakirKad)","sort_order":0,"url":"https://twitter.com/YakirKad"},{"description":"","title":"www.aquasec.com/authors/yakir-kadkoda/","sort_order":0,"url":"https://www.aquasec.com/authors/yakir-kadkoda/"}],"media":[],"id":54079,"title":"Lead Security Researcher, Team Nautilus at Aqua"},{"content_ids":[54458],"conference_id":133,"event_ids":[54831],"name":"Ofek Itach","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aqua","title":"Senior Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54092,"title":"Senior Security Researcher at Aqua"},{"content_ids":[54458],"conference_id":133,"event_ids":[54831],"name":"Michael Katchinskiy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54202}],"begin_tsz":"2024-08-09T21:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T16:37:30Z","links":[],"end":"2024-08-09T22:15:00.000-0000","id":54831,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723239000,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54079},{"tag_id":46167,"sort_order":4,"person_id":54202},{"tag_id":46167,"sort_order":6,"person_id":54092}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T21:30:00.000-0000","updated":"2024-07-27T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The first 35 Veterans can receive a free autographed vopy of Mr Roccia's new book, Visual Threat Intelligence: An Illustrated Guide for Threat Researchers, courtesy of VETCON.\n\n\n","media":[],"title":"Book Signing: Visual Threat Intelligence: An Illustrated Guide for Threat Researchers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"The first 35 Veterans can receive a free autographed vopy of Mr Roccia's new book, Visual Threat Intelligence: An Illustrated Guide for Threat Researchers, courtesy of VETCON.","updated_timestamp":{"seconds":1723225127,"nanoseconds":0},"speakers":[{"content_ids":[54442,56209],"conference_id":133,"event_ids":[54815,56863],"name":"Thomas Roccia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thomas-roccia/"},{"description":"","title":"Past Presentations","sort_order":0,"url":"https://speakerdeck.com/fr0gger"},{"description":"","title":"Twitter (@fr0gger_)","sort_order":0,"url":"https://twitter.com/fr0gger_"},{"description":"","title":"Website","sort_order":0,"url":"https://www.securitybreak.io"}],"media":[],"id":54118,"title":"Senior Security Researcher at Microsoft"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:38:47Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":56863,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54118}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-09T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation delves into the geopolitical landscape of the United States and\nbeyond, providing a critical examination of the evolving societal attitudes toward democracy, globalism,\nand privacy. Through the lens of psychological influence and cognitive security, we explore how cyber\nand economic warfare shape human behavior and decision-making processes. By bringing awareness to\nthe myriad forces that drive individual choices—from mundane daily activities like selecting breakfast to\nsignificant actions such as voting in elections—we aim to elucidate the intricate web of influence. This\nincludes an analysis of historical strategies employed in influence campaigns and a critical look at the\ntechnical and non-technical tactics used today. We highlight the economic underpinnings and financial\nmechanisms that support these campaigns, revealing the sophisticated interplay between economic\nwarfare and psychological manipulation. Through this exploration, we seek to equip participants with a\ndeeper understanding of the strategies behind modern influence campaigns and their profound impact on\nboth individual and collective decision-making within democratic societies.\n\n\n","media":[],"title":"Election 2024 Freedom of Choice: A Psybernomic Conundrum","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"This presentation delves into the geopolitical landscape of the United States and\nbeyond, providing a critical examination of the evolving societal attitudes toward democracy, globalism,\nand privacy. Through the lens of psychological influence and cognitive security, we explore how cyber\nand economic warfare shape human behavior and decision-making processes. By bringing awareness to\nthe myriad forces that drive individual choices—from mundane daily activities like selecting breakfast to\nsignificant actions such as voting in elections—we aim to elucidate the intricate web of influence. This\nincludes an analysis of historical strategies employed in influence campaigns and a critical look at the\ntechnical and non-technical tactics used today. We highlight the economic underpinnings and financial\nmechanisms that support these campaigns, revealing the sophisticated interplay between economic\nwarfare and psychological manipulation. Through this exploration, we seek to equip participants with a\ndeeper understanding of the strategies behind modern influence campaigns and their profound impact on\nboth individual and collective decision-making within democratic societies.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56186],"conference_id":133,"event_ids":[56840],"name":"Hallie Stern","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/halliejstern-informationscientist"},{"description":"","title":"Twitter (@madmirrormedia)","sort_order":0,"url":"https://twitter.com/madmirrormedia"},{"description":"","title":"Website","sort_order":0,"url":"https://terraoptica.io"}],"media":[],"id":56569},{"content_ids":[56186],"conference_id":133,"event_ids":[56840],"name":"Tina Schneibs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://www.womenintechnology.org/board-of-directors"}],"media":[],"id":56586}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":56840,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56569},{"tag_id":46167,"sort_order":4,"person_id":56586}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Data brokers, and in particular people-search sites, are a headache for those of us trying to keep our addresses off the internet… and an absolute nightmare for people who are targeted due to their identity, profession, or political beliefs. In this talk, I’ll present the results of a collaborative research project by Tall Poppy and Consumer Reports that evaluates paid people-search removal services. I’ll also discuss how data brokers harm people, what you can do to protect yourself, why it’s so difficult, and what we can do as individuals and at a policy/advocacy level to solve this pernicious privacy problem.\n\n\n","media":[],"title":"Data Brokers and the Threat to Your Privacy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Data brokers, and in particular people-search sites, are a headache for those of us trying to keep our addresses off the internet… and an absolute nightmare for people who are targeted due to their identity, profession, or political beliefs. In this talk, I’ll present the results of a collaborative research project by Tall Poppy and Consumer Reports that evaluates paid people-search removal services. I’ll also discuss how data brokers harm people, what you can do to protect yourself, why it’s so difficult, and what we can do as individuals and at a policy/advocacy level to solve this pernicious privacy problem.","updated_timestamp":{"seconds":1722725838,"nanoseconds":0},"speakers":[{"content_ids":[55998],"conference_id":133,"event_ids":[56620],"name":"Yael Grauer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56337}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:57:18Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":56620,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56337}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T22:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ask other hard hat enthusiasts about tips, tricks, and techniques during the Hard Hat Makers Panel. Power? Bling? Warez? Process? Let us help you on your own build journey.\n\n\n","media":[],"title":"Hard Hat Brigade Maker Panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Ask other hard hat enthusiasts about tips, tricks, and techniques during the Hard Hat Makers Panel. Power? Bling? Warez? Process? Let us help you on your own build journey.","updated_timestamp":{"seconds":1722716460,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:21:00Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56618,"tag_ids":[46403,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T20:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Esta conferencia se centrará en el actor amenaza UXHIL, responsable de la distribución del malware URSA, ofreciendo una visión profunda basada en ciberinteligencia. Exploraremos cómo este actor ha estado distribuyendo el malware, las tácticas, técnicas y procedimientos (TTPs) que utiliza y cómo es su cadena de infección. Los asistentes aprenderán a identificar y analizar estos patrones para desarrollar estrategias efectivas de mitigación.\n\n\n","media":[],"title":"Amenaza persistente: UXHIL y la propagación de URSA","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Esta conferencia se centrará en el actor amenaza UXHIL, responsable de la distribución del malware URSA, ofreciendo una visión profunda basada en ciberinteligencia. Exploraremos cómo este actor ha estado distribuyendo el malware, las tácticas, técnicas y procedimientos (TTPs) que utiliza y cómo es su cadena de infección. Los asistentes aprenderán a identificar y analizar estos patrones para desarrollar estrategias efectivas de mitigación.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55962],"conference_id":133,"event_ids":[56578],"name":"Armando Aguilar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cyber Threat Analyst"}],"links":[],"pronouns":null,"media":[],"id":56297,"title":"Cyber Threat Analyst"},{"content_ids":[55962],"conference_id":133,"event_ids":[56578],"name":"Jesika Juarez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Cyber Threat Intelligence Analyst at Deloitte México"}],"links":[],"pronouns":"she/her","media":[],"id":56299,"title":"Senior Cyber Threat Intelligence Analyst at Deloitte México"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56578,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56299},{"tag_id":46167,"sort_order":4,"person_id":56297}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Test out your through-hole and surface mount soldering skills to create your own open-source, cat-themed hacking tool! The WiFi nugget is a microcontroller-powered WiFi hacking device you will then flash with a suite of WiFi tools to get started with offensive and defensive WiFi security techniques.\n\n\n","media":[],"title":"Solder your own cat shaped WiFi Haking tool","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Test out your through-hole and surface mount soldering skills to create your own open-source, cat-themed hacking tool! The WiFi nugget is a microcontroller-powered WiFi hacking device you will then flash with a suite of WiFi tools to get started with offensive and defensive WiFi security techniques.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/solder-your-own-cat-themed-wi-fi-hacking-tool"}],"end":"2024-08-09T23:00:00.000-0000","id":56523,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.\n\n\n","media":[],"title":"ToolMakers Hackathon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Unleash your creativity at the Tool Makers Hackathon, where innovation meets functionality. Collaborate with fellow hackers to design and build groundbreaking tools that push the boundaries of cybersecurity. Whether you're a seasoned pro or a budding developer, this is your chance to showcase your skills, learn from the best, and create something truly unique.","updated_timestamp":{"seconds":1722633249,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:09Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56503,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk Bruna will bring to the table societal aspects of quantum technologies from a Global South perspective. In particular, how different are the dynamics of quantum hype in non-English speaking countries, how economic inequality affects quantum-readiness and why this should be everyone’s problem.\n\n\n","media":[],"title":"Quantum on the flip side - A global south perspective on Quantum Technologies","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"In this talk Bruna will bring to the table societal aspects of quantum technologies from a Global South perspective. In particular, how different are the dynamics of quantum hype in non-English speaking countries, how economic inequality affects quantum-readiness and why this should be everyone’s problem.","updated_timestamp":{"seconds":1722626529,"nanoseconds":0},"speakers":[{"content_ids":[55844,55855],"conference_id":133,"event_ids":[56431,56442],"name":"Bruna Shinohara de Mendonça","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56221}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:22:09Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56431,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56221}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.\n\n\nJoin BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.","media":[],"title":"Area DC32: An Interactive Tabletop Takes Flight (A BTV Panel)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Join BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.\n\n\nJoin BTV and the Aerospace Village for a large-scale interactive tabletop exercise with a game show panel format. Participants will walk through a security incident within input from security pros, tabletop experts, and aerospace insiders. The host will invite answers and prizes may fly through the air as our subject matter experts weigh in on the response effort with snark but no judgment.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55763,54574],"conference_id":133,"event_ids":[56287,54949],"name":"Matt Mayes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Aerospace Village","title":""}],"links":[],"pronouns":null,"media":[],"id":55971,"title":"Aerospace Village"},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Caspian Kilkelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56137},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Harlan Geer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56142},{"content_ids":[55763,55760],"conference_id":133,"event_ids":[56285,56287],"name":"Shea Nangle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56157},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Aakin Patel","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56161},{"content_ids":[55763],"conference_id":133,"event_ids":[56287],"name":"Gwyddia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56172}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56287,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56161},{"tag_id":46167,"sort_order":4,"person_id":56137},{"tag_id":46167,"sort_order":6,"person_id":56172},{"tag_id":46167,"sort_order":8,"person_id":56142},{"tag_id":46167,"sort_order":12,"person_id":56157},{"tag_id":46167,"sort_order":14,"person_id":55971}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Most web security professionals are familiar with Relative Path Overwrite (RPO) attacks that allow injecting malicious CSS via a quirk in how browsers handle paths. But what if you could use a similar technique to get victims to download malicious files by clicking an innocuous looking download link on a trusted site? In this presentation, we'll unveil a new attack vector dubbed Relative Path File Injection (RPFI) that abuses path handling to turn benign websites into malware delivery platforms. Attendees will learn the anatomy of an RPFI attack, see demos of it in action, and learn how to detect this overlooked vulnerability class in the wild. We'll also release an open source GitHub repo with proof of concepts for users to try for themselves. RPFI represents a new breed of polyglot-based attack that exploits gaps between web specifications and real-world implementations.\n\n\n","media":[],"title":"Relative Path File Injection: The Next Evolution in RPO","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Most web security professionals are familiar with Relative Path Overwrite (RPO) attacks that allow injecting malicious CSS via a quirk in how browsers handle paths. But what if you could use a similar technique to get victims to download malicious files by clicking an innocuous looking download link on a trusted site? In this presentation, we'll unveil a new attack vector dubbed Relative Path File Injection (RPFI) that abuses path handling to turn benign websites into malware delivery platforms. Attendees will learn the anatomy of an RPFI attack, see demos of it in action, and learn how to detect this overlooked vulnerability class in the wild. We'll also release an open source GitHub repo with proof of concepts for users to try for themselves. RPFI represents a new breed of polyglot-based attack that exploits gaps between web specifications and real-world implementations.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55738],"conference_id":133,"event_ids":[56264],"name":"Ian Hickey","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56119}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":56264,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56119}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"OWASP Cornucopia is a card game to assist software development teams identify security requirements in agile, conventional, and formal software development processes. It is language, platform, and technology agnostic. Having celebrated its 10th anniversary last year, Cornucopia has been refreshed including an updated full version of the game, a new Website App Edition updated with the OWASP ASVS 4.0 mapping and a Mobile App Edition with the OWASP MASVS 2.0 mapping for mobile development.\n\n\n","media":[],"title":"Extend reality with tabletop RPG OWASP Cornucopia. Play sessions throughout workshop times.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"OWASP Cornucopia is a card game to assist software development teams identify security requirements in agile, conventional, and formal software development processes. It is language, platform, and technology agnostic. Having celebrated its 10th anniversary last year, Cornucopia has been refreshed including an updated full version of the game, a new Website App Edition updated with the OWASP ASVS 4.0 mapping and a Mobile App Edition with the OWASP MASVS 2.0 mapping for mobile development.","updated_timestamp":{"seconds":1722368947,"nanoseconds":0},"speakers":[{"content_ids":[54593,55580],"conference_id":133,"event_ids":[56102,54968],"name":"Stryker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adversary Pursuit Group (APG)","title":"Head of Security Communications and Planning"}],"pronouns":"she/her","links":[{"description":"","title":"Website","sort_order":0,"url":"https://strykernostriking.com"}],"media":[],"id":56045,"title":"Head of Security Communications and Planning at Adversary Pursuit Group (APG)"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T19:49:07Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56102,"tag_ids":[46397,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56045}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-30T19:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For customers of Microsoft 365 and Azure, obtaining the role of Global Administrator (GA) is every attacker's dream - it is the Domain Administrator of the cloud. This makes Global Administrator every organization's nightmare of being owned by a threat group or hacker. Luckily, well-defined role-based access control and a strict application consent model can severely limit who gets their fingers on Global Administrator - or does it?\n\nThis talk explores a novel discovery that resulted in privilege elevation to Global Administrator in Entra ID (Azure AD). Part conversation about the research background, part discussion of the foundational components involved, this talk will walk step-by-step through the path to privilege elevation, and owning Global Admin.\n\n\n","media":[],"title":"UnOAuthorized: Discovering the path to privilege elevation to Global Administrator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"For customers of Microsoft 365 and Azure, obtaining the role of Global Administrator (GA) is every attacker's dream - it is the Domain Administrator of the cloud. This makes Global Administrator every organization's nightmare of being owned by a threat group or hacker. Luckily, well-defined role-based access control and a strict application consent model can severely limit who gets their fingers on Global Administrator - or does it?\n\nThis talk explores a novel discovery that resulted in privilege elevation to Global Administrator in Entra ID (Azure AD). Part conversation about the research background, part discussion of the foundational components involved, this talk will walk step-by-step through the path to privilege elevation, and owning Global Admin.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55484],"conference_id":133,"event_ids":[55913],"name":"Eric Woodruff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"ericonidentity","sort_order":0,"url":"https://ericonidentity"}],"media":[],"id":56006}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":55913,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56006}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Make a friendship bracelet with an exclusive WISP charm.\n\n\n","media":[],"title":"Friendship Bracelet Making","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Make a friendship bracelet with an exclusive WISP charm.","updated_timestamp":{"seconds":1722207088,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T22:51:28Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-09T23:00:00.000-0000","id":55901,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-28T22:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Quansheng UV-K5 has quickly become the hot new budget radio for new hams and old hams that love to tinker. In this presentation, I will talk about the capabilities of the radio, open source firmware mods, and hardware mods. I'll also show why transmitting with a radio on frequencies it can't properly filter can be a bad idea!\n\n\n","media":[],"title":"Hacking the Quansheng UV-K5","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"The Quansheng UV-K5 has quickly become the hot new budget radio for new hams and old hams that love to tinker. In this presentation, I will talk about the capabilities of the radio, open source firmware mods, and hardware mods. I'll also show why transmitting with a radio on frequencies it can't properly filter can be a bad idea!","updated_timestamp":{"seconds":1722185592,"nanoseconds":0},"speakers":[{"content_ids":[55435],"conference_id":133,"event_ids":[55860],"name":"Jon Marler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@jmarler"}],"media":[],"id":55977}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T16:53:12Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55860,"tag_ids":[46169,46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":55977}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-28T16:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to hack the DCNextGen Badge and take it to another level!\n\n\n","media":[],"title":"Hack the Badge (Badge class level 2)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Learn how to hack the DCNextGen Badge and take it to another level!","updated_timestamp":{"seconds":1721785056,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T01:37:36Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55756,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-24T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Microsoft Detours library was leveraged to instrument the entire process environment of an engineering workstation in an operational technology/industrial control system (OT/ICS) setting. This approach allowed for the comprehensive monitoring and analysis of privileged file operations within these systems. Through this method, multiple vulnerabilities in SCADA software were identified and exploited, demonstrating the effective use of Detours for security research in critical infrastructure contexts.\r\nThis presentation will discuss how the custom dynamic-link library (DLL) developed with Detours enabled the systematic examination of file operations, leading to the discovery of security flaws that were then exploited. The talk will showcase these exploitations, providing insight into the types of vulnerabilities that were uncovered and the potential implications for system security. The focus will be on demonstrating the importance of having an effective vulnerability hunting strategy in critical environments and showing real exploitation scenarios of the vulnerabilities found through this method.\n\n\n","media":[],"title":"Detouring Danger: Hunting Privileged File Operation Vulnerabilities in OT/ICS software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:55:00Z","end_timestamp":{"seconds":1723240500,"nanoseconds":0},"android_description":"The Microsoft Detours library was leveraged to instrument the entire process environment of an engineering workstation in an operational technology/industrial control system (OT/ICS) setting. This approach allowed for the comprehensive monitoring and analysis of privileged file operations within these systems. Through this method, multiple vulnerabilities in SCADA software were identified and exploited, demonstrating the effective use of Detours for security research in critical infrastructure contexts.\r\nThis presentation will discuss how the custom dynamic-link library (DLL) developed with Detours enabled the systematic examination of file operations, leading to the discovery of security flaws that were then exploited. The talk will showcase these exploitations, providing insight into the types of vulnerabilities that were uncovered and the potential implications for system security. The focus will be on demonstrating the importance of having an effective vulnerability hunting strategy in critical environments and showing real exploitation scenarios of the vulnerabilities found through this method.","updated_timestamp":{"seconds":1721781590,"nanoseconds":0},"speakers":[{"content_ids":[55345,55977],"conference_id":133,"event_ids":[55737,56593],"name":"Asher Davila","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palo Alto Networks","title":"IoT/OT Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/asherdavila/"},{"description":"","title":"Twitter (@asher_davila)","sort_order":0,"url":"https://twitter.com/asher_davila"},{"description":"","title":"Website","sort_order":0,"url":"https://cronop-io.github.io/"}],"media":[],"id":55948,"title":"IoT/OT Security Researcher at Palo Alto Networks"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:39:50Z","links":[],"end":"2024-08-09T21:55:00.000-0000","id":55737,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55948}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-24T00:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cyber-financial crimes devastate marginalized communities, robbing them of economic opportunity and hard earned civil rights. This panel issues an urgent call to action to cyber advocates: join forces in pioneering policy solutions that enhance community resilience against these persistent threats to our global community. Our experts go beyond critiquing existing laws to envision groundbreaking models prioritizing the voices of impacted groups. We'll explore how to effectively amplify grassroots initiatives fostering digital awareness and empowerment from the ground up. This is a roadmap for multi-stakeholder collaboration - uniting policy leaders, corporate innovators, government officials, hackers, and advocates. Together we can build robust frameworks that embed civil rights into the core of cybersecurity strategy and implementation.\n\n\n","media":[],"title":"Advocating for an Inclusive Cyber-Civil Rights Policy Agenda for Vulnerable Communities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Cyber-financial crimes devastate marginalized communities, robbing them of economic opportunity and hard earned civil rights. This panel issues an urgent call to action to cyber advocates: join forces in pioneering policy solutions that enhance community resilience against these persistent threats to our global community. Our experts go beyond critiquing existing laws to envision groundbreaking models prioritizing the voices of impacted groups. We'll explore how to effectively amplify grassroots initiatives fostering digital awareness and empowerment from the ground up. This is a roadmap for multi-stakeholder collaboration - uniting policy leaders, corporate innovators, government officials, hackers, and advocates. Together we can build robust frameworks that embed civil rights into the core of cybersecurity strategy and implementation.","updated_timestamp":{"seconds":1721778687,"nanoseconds":0},"speakers":[{"content_ids":[55332],"conference_id":133,"event_ids":[55723],"name":"Elizabeth Eigner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Security Policy Strategist"}],"links":[],"pronouns":null,"media":[],"id":55926,"title":"Security Policy Strategist at Microsoft"},{"content_ids":[55332,55685],"conference_id":133,"event_ids":[55723,56208],"name":"Jacob H Braun","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Office of the National Cyber Director (ONCD)","title":"Acting Principal Deputy National Cyber Director"}],"links":[],"pronouns":null,"media":[],"id":55928,"title":"Acting Principal Deputy National Cyber Director at Office of the National Cyber Director (ONCD)"},{"content_ids":[55332],"conference_id":133,"event_ids":[55723],"name":"Kemba Walden","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Paladin Global Institute","title":"President"}],"links":[],"pronouns":null,"media":[],"id":55932,"title":"President at Paladin Global Institute"},{"content_ids":[55332],"conference_id":133,"event_ids":[55723],"name":"Nicole Tisdale","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Advocacy Blueprints","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55937,"title":"Founder at Advocacy Blueprints"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:51:27Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":55723,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":55937},{"tag_id":46487,"sort_order":4,"person_id":55932},{"tag_id":46487,"sort_order":6,"person_id":55928},{"tag_id":46487,"sort_order":8,"person_id":55926}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-23T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Breaking Through Barriers: Attacking Access Control Systems\r\n\r\nIn this in-depth session, we will dive into the vulnerabilities of access control systems, specifically targeting RFID readers and the Wiegand protocol that these readers commonly use to interact with other security devices. Discover the intricate design process behind a custom tool crafted to exploit specific Schlage proximity readers. \r\n\r\nThis talk will cover:\r\n\r\n- The fundamental weaknesses in RFID reader technologies and the Wiegand communication protocol.\r\n- Step-by-step breakdown of designing a tool to man-in-the-middle Schlage proximity readers.\r\n- Real-world implications and case studies demonstrating successful attacks on high-security installations.\r\n\r\nAttendees will gain actionable insights into the inner workings of access control systems, enabling them to conduct physical security assessments with more success. This session is a must-attend for security professionals looking to stay ahead of the curve in physical offensive security strategies.\n\n\n","media":[],"title":"Physical Security - Bypassing Access Control Systems","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:50:00Z","end_timestamp":{"seconds":1723240200,"nanoseconds":0},"android_description":"Breaking Through Barriers: Attacking Access Control Systems\r\n\r\nIn this in-depth session, we will dive into the vulnerabilities of access control systems, specifically targeting RFID readers and the Wiegand protocol that these readers commonly use to interact with other security devices. Discover the intricate design process behind a custom tool crafted to exploit specific Schlage proximity readers. \r\n\r\nThis talk will cover:\r\n\r\n- The fundamental weaknesses in RFID reader technologies and the Wiegand communication protocol.\r\n- Step-by-step breakdown of designing a tool to man-in-the-middle Schlage proximity readers.\r\n- Real-world implications and case studies demonstrating successful attacks on high-security installations.\r\n\r\nAttendees will gain actionable insights into the inner workings of access control systems, enabling them to conduct physical security assessments with more success. This session is a must-attend for security professionals looking to stay ahead of the curve in physical offensive security strategies.","updated_timestamp":{"seconds":1721595431,"nanoseconds":0},"speakers":[{"content_ids":[55278],"conference_id":133,"event_ids":[55668],"name":"Andrew Johnson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_inyernet)","sort_order":0,"url":"https://twitter.com/_inyernet"}],"media":[],"id":55827}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:57:11Z","links":[],"end":"2024-08-09T21:50:00.000-0000","id":55668,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55827}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-21T20:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements.\n\nImpacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses.\n\nParticipants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.\n\n\n","media":[],"title":"Modifying Impacket for Better OpSec","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:50:00Z","end_timestamp":{"seconds":1723243800,"nanoseconds":0},"android_description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements.\n\nImpacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses.\n\nParticipants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55277,55985],"conference_id":133,"event_ids":[55667,56607],"name":"Ryan O'Donnell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Offensive Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/odonnell-ryan"},{"description":"","title":"Twitter (@odiesec)","sort_order":0,"url":"https://twitter.com/odiesec"}],"media":[],"id":55828,"title":"Senior Offensive Security Engineer at Microsoft"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T22:50:00.000-0000","id":55667,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55828}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into the dynamic world of Open Source Intelligence (OSINT) with this quick workshop designed to give you a taste of practical online investigations and threat hunting. Led by a seasoned professional, this immersive session offers a condensed yet impactful introduction to essential OSINT techniques that you can use in your red teaming engagements.\r\n\r\nExperience the power of hands-on learning as you engage in live demonstrations, exploring key concepts such as operational security (OpSec), advanced search engine queries, username and phone number lookups, social media reconnaissance, breached records analysis, network reconnaissance, historical records, and essential documentation, all within the span of this engaging workshop. Through interactive exercises and guided discussions, participants will gain a glimpse into the world of OSINT.\r\n\r\nWho’s it for?\r\n\r\nThis training is suited for all individuals in any field with a keen interest in online investigations regardless of their experience level in OSINT\n\n\n","media":[],"title":"Level UP OSINT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:50:00Z","end_timestamp":{"seconds":1723240200,"nanoseconds":0},"android_description":"Dive into the dynamic world of Open Source Intelligence (OSINT) with this quick workshop designed to give you a taste of practical online investigations and threat hunting. Led by a seasoned professional, this immersive session offers a condensed yet impactful introduction to essential OSINT techniques that you can use in your red teaming engagements.\r\n\r\nExperience the power of hands-on learning as you engage in live demonstrations, exploring key concepts such as operational security (OpSec), advanced search engine queries, username and phone number lookups, social media reconnaissance, breached records analysis, network reconnaissance, historical records, and essential documentation, all within the span of this engaging workshop. Through interactive exercises and guided discussions, participants will gain a glimpse into the world of OSINT.\r\n\r\nWho’s it for?\r\n\r\nThis training is suited for all individuals in any field with a keen interest in online investigations regardless of their experience level in OSINT","updated_timestamp":{"seconds":1721595185,"nanoseconds":0},"speakers":[{"content_ids":[55276,55902],"conference_id":133,"event_ids":[55666,56489],"name":"Mishaal Khan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mish3alkhan)","sort_order":0,"url":"https://twitter.com/mish3alkhan"}],"media":[],"id":55829}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:53:05Z","links":[],"end":"2024-08-09T21:50:00.000-0000","id":55666,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55829}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-21T20:53:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the best ways to learn something is to teach others about it. BYOCTF is a CTF framework (really a concept) that allows CTF players to contribute challenges for other players to solve and earn points as a reward. The purpose of the framework is to allow people to think about the learning experience of others. Everyone can learn how to become a CTF challenge developer.\n\n\n","media":[],"title":"\"BYOCTF\" - Bring Your Own [Challenges||Capture] The Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"One of the best ways to learn something is to teach others about it. BYOCTF is a CTF framework (really a concept) that allows CTF players to contribute challenges for other players to solve and earn points as a reward. The purpose of the framework is to allow people to think about the learning experience of others. Everyone can learn how to become a CTF challenge developer.","updated_timestamp":{"seconds":1721495194,"nanoseconds":0},"speakers":[{"content_ids":[55194],"conference_id":133,"event_ids":[55584],"name":"Eli McRae","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Penetration Tester"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/eli-mcrae"},{"description":"","title":"Mastodon (@shyft@defcon.social)","sort_order":0,"url":"https://defcon.social/@shyft"},{"description":"","title":"Twitter (@earcmile)","sort_order":0,"url":"https://x.com/earcmile"},{"description":"","title":"Website","sort_order":0,"url":"https://shyft.us"}],"media":[],"id":55800,"title":"Penetration Tester"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:34Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":55584,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55800}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The presentation will feature a brief introduction to Web3 and Web3 bug bounties, notoriously some of the differences that the typical blockchain transparency brings in comparison to web2. Then we will explain what’s at stake in Web3. In traditional bug bounties, what's most often at stake is PII data, as well as critical infrastructure. In the blockchain world, money is at malicious actors' finger tips - extremely large sums of money. We will go over some of the most notorious hacks that happened in Web3, and we will look at real blockchain data:\r\n\r\n- The technical details of the exploit\r\n- The money flows\r\n- The out of this world messages sent in the negotiation process between the hackers and the hacked protocol. Yes, often this negotiation actually happens through transparent blockchain transactions.\r\n\r\nFinally, we will recreate some of the most iconic +$1M bounties and their proof of concepts. At least one will be on smart contracts, one will be on the blockchain stack and one on will be in novelty zero knowledge circuit technology.\n\n\n","media":[],"title":"Why You Should Be Hunting on Web3 Bug Bounties","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"The presentation will feature a brief introduction to Web3 and Web3 bug bounties, notoriously some of the differences that the typical blockchain transparency brings in comparison to web2. Then we will explain what’s at stake in Web3. In traditional bug bounties, what's most often at stake is PII data, as well as critical infrastructure. In the blockchain world, money is at malicious actors' finger tips - extremely large sums of money. We will go over some of the most notorious hacks that happened in Web3, and we will look at real blockchain data:\r\n\r\n- The technical details of the exploit\r\n- The money flows\r\n- The out of this world messages sent in the negotiation process between the hackers and the hacked protocol. Yes, often this negotiation actually happens through transparent blockchain transactions.\r\n\r\nFinally, we will recreate some of the most iconic +$1M bounties and their proof of concepts. At least one will be on smart contracts, one will be on the blockchain stack and one on will be in novelty zero knowledge circuit technology.","updated_timestamp":{"seconds":1721438154,"nanoseconds":0},"speakers":[{"content_ids":[55176],"conference_id":133,"event_ids":[55564],"name":"Gonçalo Marques Raposo de Magalhães","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Immunefi","title":"Head of Security"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@realgmhacker)","sort_order":0,"url":"https://twitter.com/realgmhacker"}],"media":[],"id":54816,"title":"Head of Security at Immunefi"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:15:54Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#why-you-should-be-hunting-on-web3-bug-bounties"}],"end":"2024-08-09T22:00:00.000-0000","id":55564,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54816}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-20T01:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55412,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Some diagnostic services in UDSonCAN that could affect driving should be disabled while driving and protected by authentication mechanisms such as SecurityAccess. However, without these security measures, attackers can cause a serious safety risk to the driver using only diagnostic messages. In this talk, we introduce UDSonCAN attacks discovered through fuzzing and describe their countermeasures. These attacks can cause a moving car to suddenly stop or a stationary car to suddenly acceleration with just simple diagnostic messages. We discovered these vulnerabilities in the latest electric vehicle model and have prepared a demo.\n\n\n","media":[],"title":"UDSonCAN Attacks: Discovering Safety-Critical Risks by Fuzzing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Some diagnostic services in UDSonCAN that could affect driving should be disabled while driving and protected by authentication mechanisms such as SecurityAccess. However, without these security measures, attackers can cause a serious safety risk to the driver using only diagnostic messages. In this talk, we introduce UDSonCAN attacks discovered through fuzzing and describe their countermeasures. These attacks can cause a moving car to suddenly stop or a stationary car to suddenly acceleration with just simple diagnostic messages. We discovered these vulnerabilities in the latest electric vehicle model and have prepared a demo.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54570],"conference_id":133,"event_ids":[54945],"name":"Soohwan Oh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54258},{"content_ids":[54570],"conference_id":133,"event_ids":[54945],"name":"Jonghyuk Song","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54275},{"content_ids":[54570],"conference_id":133,"event_ids":[54945],"name":"Seunghee Han","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Autocrypt Engineering","title":"Automotive Engineer and Security Tester"}],"links":[],"pronouns":null,"media":[],"id":54298,"title":"Automotive Engineer and Security Tester at Autocrypt Engineering"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54945,"tag_ids":[46375,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54275},{"tag_id":46167,"sort_order":1,"person_id":54298},{"tag_id":46167,"sort_order":1,"person_id":54258}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Economic efficiency and increasing automation mean that many industrial assets are remotely monitored and controlled. While some assets, such as oil production platforms, remain manned in isolated conditions, the ecosystem of renewable energy and distributed energy resources (DERs), pipelines, and other assets are increasingly unmanned with control extending over common information links. While this has been a boon for cost, it has also resulted in a radical extension of attack surface for cyber operations.\n\nIn this discussion, we will explore the nature of distributed industrial asset operation and the opportunities this presents for adversaries to infiltrate and potentially disrupt critical infrastructure operations. To make this point, we will review examples of adversary activity, from the 2022 ViaSat incident through historical pipeline intrusions (NOT Colonial!), showing how adversaries intentionally or inadvertently prey on brittle communication links for industrial disruption. We will conclude with a discussion of how these risks can be mitigated in a way that is sensible and economical, because wind farm operators won't lay their own dedicated fiber anytime soon.\n\n\n","media":[],"title":"The Risk and Reward of Distributed Industrial Control","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Economic efficiency and increasing automation mean that many industrial assets are remotely monitored and controlled. While some assets, such as oil production platforms, remain manned in isolated conditions, the ecosystem of renewable energy and distributed energy resources (DERs), pipelines, and other assets are increasingly unmanned with control extending over common information links. While this has been a boon for cost, it has also resulted in a radical extension of attack surface for cyber operations.\n\nIn this discussion, we will explore the nature of distributed industrial asset operation and the opportunities this presents for adversaries to infiltrate and potentially disrupt critical infrastructure operations. To make this point, we will review examples of adversary activity, from the 2022 ViaSat incident through historical pipeline intrusions (NOT Colonial!), showing how adversaries intentionally or inadvertently prey on brittle communication links for industrial disruption. We will conclude with a discussion of how these risks can be mitigated in a way that is sensible and economical, because wind farm operators won't lay their own dedicated fiber anytime soon.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54569,55764],"conference_id":133,"event_ids":[56273,54944],"name":"Joe Slowik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54362}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54944,"tag_ids":[46382,46419,46463,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54362}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have an interest in physical security and want to help your employer secure their buildings, this talk is for you! We'll cover common flaws in locks, alarms, surveillance systems and employee training, and how to test for them and suggest remediations to company leadership. Learn methods of lock bypass, alarm bypass, forcible entry, social engineering and other common vulnerabilities! \n\nThis talk is aimed at employees whose primary job function does not involve physical security - that often includes cybersecurity teams though, so we'll make lots of analogies to infosec concepts, but the talk is accessible to everyone. \n\n\n","media":[],"title":"Physical Security Assessment Basics for Internal Employees","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"If you have an interest in physical security and want to help your employer secure their buildings, this talk is for you! We'll cover common flaws in locks, alarms, surveillance systems and employee training, and how to test for them and suggest remediations to company leadership. Learn methods of lock bypass, alarm bypass, forcible entry, social engineering and other common vulnerabilities! \n\nThis talk is aimed at employees whose primary job function does not involve physical security - that often includes cybersecurity teams though, so we'll make lots of analogies to infosec concepts, but the talk is accessible to everyone.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54568,54648],"conference_id":133,"event_ids":[54943,55021],"name":"Billy Graydon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Principal"}],"links":[],"pronouns":null,"media":[],"id":54354,"title":"Principal at GGR Security"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54943,"tag_ids":[46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54354}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"GPU security is a vital area of mobile security highlighted both by public security research as well as by in-the-wild attacks. Due to the high complexity of the GPU software/firmware along with a widely available attack surface, issues in GPU provide strong exploitation primitives for local privilege escalation attacks by the code running in unprivileged context.\n\nIn this talk, we will focus our research on the Qualcomm Adreno GPU, which is a very popular GPU implementation in mobile devices. We will do a deep dive into Adreno GPU kernel module implementation focusing on the most recent GPU versions, reveal its complex and new attack surfaces, and discuss vulnerabilities we discovered in this component.\n\nIn total we identified 9+ exploitable vulnerabilities in Adreno GPU driver leading to kernel code execution and affecting Qualcomm-based devices using the latest GPU models. We will demonstrate the exploitation of one of the race condition issues on a fully-patched widely used Android device to obtain root privileges from zero-permission application with 100% success rate.\n\nAndroid kernel mitigations such as CFI and W^X create significant hurdles for exploiting vulnerabilities in kernel to achieve code execution. Also race condition usually means unstable, low success rate. We'll explain how we overcome these challenges with a novel, generic exploit method that leverages GPU features to achieve arbitrary physical memory read/write. This technique bypasses key mitigations (CFI, W^X) and has broader implications for kernel heap buffer overflows. We will cover the technical details of the exploitation, and especially the novel generic exploit method.\n\nWe will also discuss the action items that the vendors could take to minimize the impact of this exploit method, as well as general methods to improve the overall security status of the GPU.\n\n\n","media":[],"title":"The Way To Android Root: Exploiting Your GPU On Smartphone","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"GPU security is a vital area of mobile security highlighted both by public security research as well as by in-the-wild attacks. Due to the high complexity of the GPU software/firmware along with a widely available attack surface, issues in GPU provide strong exploitation primitives for local privilege escalation attacks by the code running in unprivileged context.\n\nIn this talk, we will focus our research on the Qualcomm Adreno GPU, which is a very popular GPU implementation in mobile devices. We will do a deep dive into Adreno GPU kernel module implementation focusing on the most recent GPU versions, reveal its complex and new attack surfaces, and discuss vulnerabilities we discovered in this component.\n\nIn total we identified 9+ exploitable vulnerabilities in Adreno GPU driver leading to kernel code execution and affecting Qualcomm-based devices using the latest GPU models. We will demonstrate the exploitation of one of the race condition issues on a fully-patched widely used Android device to obtain root privileges from zero-permission application with 100% success rate.\n\nAndroid kernel mitigations such as CFI and W^X create significant hurdles for exploiting vulnerabilities in kernel to achieve code execution. Also race condition usually means unstable, low success rate. We'll explain how we overcome these challenges with a novel, generic exploit method that leverages GPU features to achieve arbitrary physical memory read/write. This technique bypasses key mitigations (CFI, W^X) and has broader implications for kernel heap buffer overflows. We will cover the technical details of the exploitation, and especially the novel generic exploit method.\n\nWe will also discuss the action items that the vendors could take to minimize the impact of this exploit method, as well as general methods to improve the overall security status of the GPU.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54457],"conference_id":133,"event_ids":[54830],"name":"Eugene Rodionov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Technical Leader, Android Red Team"}],"links":[],"pronouns":null,"media":[],"id":54102,"title":"Technical Leader, Android Red Team at Google"},{"content_ids":[54457],"conference_id":133,"event_ids":[54830],"name":"Xiling Gong","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Researcher, Android Red Team"}],"links":[],"pronouns":null,"media":[],"id":54116,"title":"Security Researcher, Android Red Team at Google"},{"content_ids":[54457],"conference_id":133,"event_ids":[54830],"name":"Xuan Xing","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Manager, Android Red Team"}],"links":[],"pronouns":null,"media":[],"id":54125,"title":"Manager, Android Red Team at Google"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":54830,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Exploit 🪲, Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54116},{"tag_id":46167,"sort_order":6,"person_id":54102},{"tag_id":46167,"sort_order":8,"person_id":54125}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Sashay away from this talk with the knowledge to perform state-of-the-art espionage, no technical background required.\r\n\r\nIn the realm of privilege escalation and data exfiltration, the physical world quietly screams secrets. We'll demystify the fascinating physics behind signals and how various forms of energy--infrared, visible, and ultraviolet light, radio, ultrasound, audible sound, mechanical vibration, and temperature--can be interpreted as waves that unintentionally leak information, even in air-gapped (non-networked) systems. We'll observe how air is in fact not an effective gap or barrier as radio, light, sound, and vibration excitedly travel through it. We'll explore how all electrical signals radiate electromagnetism (light or radio) that can be intercepted and how we can reverse this process, producing electromagnetism to inject desired electrical signals into our target.\r\n\r\nWe'll delve into historical and seminal side-channel/TEMPEST attacks from our friends at the NSA, KGB, and past DEF CON pioneers. You'll learn about the essential electrical and optical components combined for cutting-edge eavesdropping, including what our target is typing from a distance.\r\n\r\nWhile others believe they're obtaining noise, we will extract signal, and you'll leave this talk hearing the world in a new light.\r\n\r\n- [1985] Electromagnetic radiation from video display units - Wim van Eck\r\n- Bunnie [link](https://www.bunniestudios.com/blog/hacking-the-pic-18f1320/)\r\n- DEFCON 17: Sniff Keystrokes With Lasers/Voltmeters - Andrea Barisani, Daniele Bianco\r\n- DEF CON 23 - Colin Flynn - Dont Whisper my Chips: Sidechannel and Glitching for Fun and Profit\r\n- DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice\r\n- DEF CON 25 - Matt Wixey - See no evil, hear no evil: Hacking invisibly & silently with light & sound\r\n- DEF CON 31 - Video Based Cryptanalysis Extracting Keys from Power LEDs - Ben Nassi, Ofek Vayner\r\n- Georgi Gerganov - kbd-audio [link](https://github.com/ggerganov/kbd-audio)\r\n- Lest We Remember: Cold Boot Attacks on Encryption Keys - Halderman et al [link](https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf)\r\n- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis - Daniel Genkin, Adi Shamir, Eran Tromer [link](https://cs-people.bu.edu/tromer/acoustic/)\r\n\n\n\n","media":[],"title":"Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Sashay away from this talk with the knowledge to perform state-of-the-art espionage, no technical background required.\r\n\r\nIn the realm of privilege escalation and data exfiltration, the physical world quietly screams secrets. We'll demystify the fascinating physics behind signals and how various forms of energy--infrared, visible, and ultraviolet light, radio, ultrasound, audible sound, mechanical vibration, and temperature--can be interpreted as waves that unintentionally leak information, even in air-gapped (non-networked) systems. We'll observe how air is in fact not an effective gap or barrier as radio, light, sound, and vibration excitedly travel through it. We'll explore how all electrical signals radiate electromagnetism (light or radio) that can be intercepted and how we can reverse this process, producing electromagnetism to inject desired electrical signals into our target.\r\n\r\nWe'll delve into historical and seminal side-channel/TEMPEST attacks from our friends at the NSA, KGB, and past DEF CON pioneers. You'll learn about the essential electrical and optical components combined for cutting-edge eavesdropping, including what our target is typing from a distance.\r\n\r\nWhile others believe they're obtaining noise, we will extract signal, and you'll leave this talk hearing the world in a new light.\r\n\r\n- [1985] Electromagnetic radiation from video display units - Wim van Eck\r\n- Bunnie [link](https://www.bunniestudios.com/blog/hacking-the-pic-18f1320/)\r\n- DEFCON 17: Sniff Keystrokes With Lasers/Voltmeters - Andrea Barisani, Daniele Bianco\r\n- DEF CON 23 - Colin Flynn - Dont Whisper my Chips: Sidechannel and Glitching for Fun and Profit\r\n- DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice\r\n- DEF CON 25 - Matt Wixey - See no evil, hear no evil: Hacking invisibly & silently with light & sound\r\n- DEF CON 31 - Video Based Cryptanalysis Extracting Keys from Power LEDs - Ben Nassi, Ofek Vayner\r\n- Georgi Gerganov - kbd-audio [link](https://github.com/ggerganov/kbd-audio)\r\n- Lest We Remember: Cold Boot Attacks on Encryption Keys - Halderman et al [link](https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf)\r\n- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis - Daniel Genkin, Adi Shamir, Eran Tromer [link](https://cs-people.bu.edu/tromer/acoustic/)","updated_timestamp":{"seconds":1720462408,"nanoseconds":0},"speakers":[{"content_ids":[54456],"conference_id":133,"event_ids":[54829],"name":"samy kamkar","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/samyk"},{"description":"","title":"Twitter (@samykamkar)","sort_order":0,"url":"https://twitter.com/samykamkar"},{"description":"","title":"samy.pl","sort_order":0,"url":"https://samy.pl"}],"media":[],"id":54103}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:13:28Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":54829,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54103}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-08T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join DEF CON Founder Jeff Moss for an Ask Me Anything with CISA Director Jen Easterly. REAL WORLD DEF CON: Where hackers stop being polite and start getting real.\n\n\n","media":[],"title":"DEF CON Unplugged: Cocktails & Cyber with Jeff & Jen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:45:00Z","end_timestamp":{"seconds":1723239900,"nanoseconds":0},"android_description":"Join DEF CON Founder Jeff Moss for an Ask Me Anything with CISA Director Jen Easterly. REAL WORLD DEF CON: Where hackers stop being polite and start getting real.","updated_timestamp":{"seconds":1721177942,"nanoseconds":0},"speakers":[{"content_ids":[54455],"conference_id":133,"event_ids":[54828],"name":"Jen Easterly","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cybersecurity and Infrastructure Security Agency (CISA)","title":"Director"}],"pronouns":"she/her","links":[{"description":"","title":"CISA.gov","sort_order":0,"url":"https://CISA.gov"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/jen-easterly"},{"description":"","title":"Twitter (@CISAGov)","sort_order":0,"url":"https://twitter.com/CISAGov"},{"description":"","title":"Twitter (@CISAJen)","sort_order":0,"url":"https://twitter.com/CISAJen"}],"media":[],"id":54121,"title":"Director at Cybersecurity and Infrastructure Security Agency (CISA)"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-17T00:59:02Z","links":[],"end":"2024-08-09T21:45:00.000-0000","id":54828,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54121}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-17T00:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery\n\n\n","media":[{"hash_sha256":"90908ba4a7bf0e11167114397d24e522453fd0810cbee9c9c6e675120cd23e6c","filetype":"image/png","hash_md5":"24d77c529e00d7a297152d4f47229091","name":"ct_hack3rrunway2024-fin.png","is_logo":"Y","hash_crc32c":"04c8e95e","filesize":223387,"asset_id":708,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack3rrunway2024-fin.png"}],"title":"Hack3r Runw@y - Signups","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Get ready to strut your stuff, hackers! We're thrilled to announce the 6th annual Hack3r Runw@y returning to DEF CON 32, bigger and bolder than ever.\r\n\r\nCalling all glamorous geeks, crafty coders, and fashionably functional folks: Dust off your soldering irons, grab your needles and threads, and unleash your creativity! Hack3r Runw@y challenges you to reimagine fashion through the lens of hacking.\r\n\r\nShow us your wearable tech wonders in the following 4 categories for a chance to win in each category plus one coveted People’s Choice trophy where ANYONE can win, but there will be a twist. Did you see this year's theme (hint).\r\n\r\nSmart wear that wows: Integrate LEDs, microcontrollers, and sensors into your designs for dazzling functionality.\r\n\r\nDigital design that dazzles: light it up with LEDs, bling with lights, but keep it passive.\r\n\r\nFunctional Fashion: masks and shields, hazmat suit, lockpick earrings, and cufflink shims.\r\n\r\nExtraordinary style: Elevate your daily wardrobe with unique fabrics, passive design, 3d textures, optical illusions, cosplay, and security-inspired patterns.\r\n\r\nNo matter your skill level, Hack3r Runw@y has a place for you! Whether you're a seasoned maker or a coding newbie, join us in celebrating the convergence of creativity, technology, and style.\r\n\r\nWinners selected by judges selection based on:\r\n\r\nUniqueness\r\nTrendy\r\nPractical\r\nCouture\r\nCreativity\r\nRelevance\r\nOriginality\r\nPresentation\r\nMastery","updated_timestamp":{"seconds":1719556432,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T06:33:52Z","links":[{"label":"More Info","type":"link","url":"https://hack3rrunway.github.io/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249353"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249352"}],"end":"2024-08-09T23:00:00.000-0000","id":54617,"tag_ids":[46427,46439,46493],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - WH4 - Contest Area","hotel":"","short_name":"Contest Area","id":46333},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T06:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. \nOver the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, training, and conferences have utilized it as an educational platform and CTF. As an open source, low-cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.\nThis workshop will teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. For this workshop, we will undergo a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.\nIf you have done BLE CTF in the past, this class is still valuable. For advanced users, we offer BLE CTF Infinity, a sequel to BLE CTF. The workshop will also showcase new hardware platforms and client tools for interacting with and completing the exercises.\nTo prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md\n\n\n","media":[],"title":"Learning to Hack Bluetooth Low Energy with BLE CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"BLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. \nOver the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, training, and conferences have utilized it as an educational platform and CTF. As an open source, low-cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.\nThis workshop will teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. For this workshop, we will undergo a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.\nIf you have done BLE CTF in the past, this class is still valuable. For advanced users, we offer BLE CTF Infinity, a sequel to BLE CTF. The workshop will also showcase new hardware platforms and client tools for interacting with and completing the exercises.\nTo prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54226],"conference_id":133,"event_ids":[54599],"name":"Alek Amrani","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53829},{"content_ids":[54226],"conference_id":133,"event_ids":[54599],"name":"Ryan Holeman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Stability AI","title":"CISO"}],"links":[],"pronouns":null,"media":[],"id":53866,"title":"CISO at Stability AI"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Holeman_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54599,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53829},{"tag_id":46167,"sort_order":1,"person_id":53866}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tired of legacy ICS systems? Attend this workshop to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!\nThis workshop is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.\nWe’ll bring a realistic ICS setup that features all the fancy current and future trends: SD-WAN and Zero Trust, OPC-UA, MQTT, Digital Twin, Edge devices and soft-PLCs to control a small-scale industrial process simulation.\nAfter a short introduction, we’ll get into hacking! We will walk you through a CTF-style exercise to go from 0 to full industrial process hacking! The CTF will be guided so that everyone learns something and gets a chance to get most flags!\n\n\n","media":[],"title":"Hack the connected plant!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Tired of legacy ICS systems? Attend this workshop to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!\nThis workshop is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.\nWe’ll bring a realistic ICS setup that features all the fancy current and future trends: SD-WAN and Zero Trust, OPC-UA, MQTT, Digital Twin, Edge devices and soft-PLCs to control a small-scale industrial process simulation.\nAfter a short introduction, we’ll get into hacking! We will walk you through a CTF-style exercise to go from 0 to full industrial process hacking! The CTF will be guided so that everyone learns something and gets a chance to get most flags!","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54225,54230],"conference_id":133,"event_ids":[54598,54603],"name":"Alexandrine Torrents","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Cybersecurity Expert"}],"links":[],"pronouns":null,"media":[],"id":53831,"title":"Cybersecurity Expert at Wavestone"},{"content_ids":[54225],"conference_id":133,"event_ids":[54598],"name":"Arnaud Soullié","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Senior Manager"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@arnaudsoullie)","sort_order":0,"url":"https://twitter.com/arnaudsoullie"}],"media":[],"id":53835,"title":"Senior Manager at Wavestone"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://SOULLIE_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54598,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53831},{"tag_id":46167,"sort_order":1,"person_id":53835}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Reverse engineering is done for a variety of reasons, most commonly to analyze malware, when searching for (and when looking to understand) vulnerabilities, or simply because of one’s curiosity. The NSA understood this early on and developed a framework to aid them in their reversing endeavors, which they open-sourced in early 2019: Ghidra. Since then, Ghidra has been one of the industry standard tools to analyze files, mainly due to its active development, as well as due to its accessible and versatile nature.\r\n\r\nThis four-hour workshop primarily focuses on the analyst mindset and fundamental knowledge with regards to reverse engineering, including but not limited to understanding Ghidra’s core capabilities such as the disassembly and decompiler views, creating and retyping data structures, writing scripts to extend and automate tasks, and the creation and use of function recognition databases for FunctionID and BSim.\r\n\r\nThe concepts behind the capabilities of Ghidra are the focus of the theory and during the hands-on exercises, allowing one to transfer the gained knowledge to another tool if so desired. As such, this class is perfect for aspiring and beginning analysts, while also providing background information and additional techniques for intermediate analysts.\r\n\r\nThe workshop’s materials will partially consist of multiple malware samples, the precautions for which will be explained in-detail during the workshop, ensuring the safety and integrity of the systems of the attendees. A laptop with a preinstalled Intel based 64-bit Ubuntu 22.04 VM, along with Ghidra, Eclipse, and OpenJDK 21 is required.\r\n\r\nAdditionally, knowing how to read C/C++ is required when dealing with decompiled code. Being able to read and write Java is required for the automation scripting, even though Python 2 can be used as well. If you cannot write Java and would still like to participate, you are welcome, but do note that this will impede some parts of the workshop’s exercises.\n\n\n","media":[],"title":"Ghidra Analysis & Automation Masterclass","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Reverse engineering is done for a variety of reasons, most commonly to analyze malware, when searching for (and when looking to understand) vulnerabilities, or simply because of one’s curiosity. The NSA understood this early on and developed a framework to aid them in their reversing endeavors, which they open-sourced in early 2019: Ghidra. Since then, Ghidra has been one of the industry standard tools to analyze files, mainly due to its active development, as well as due to its accessible and versatile nature.\r\n\r\nThis four-hour workshop primarily focuses on the analyst mindset and fundamental knowledge with regards to reverse engineering, including but not limited to understanding Ghidra’s core capabilities such as the disassembly and decompiler views, creating and retyping data structures, writing scripts to extend and automate tasks, and the creation and use of function recognition databases for FunctionID and BSim.\r\n\r\nThe concepts behind the capabilities of Ghidra are the focus of the theory and during the hands-on exercises, allowing one to transfer the gained knowledge to another tool if so desired. As such, this class is perfect for aspiring and beginning analysts, while also providing background information and additional techniques for intermediate analysts.\r\n\r\nThe workshop’s materials will partially consist of multiple malware samples, the precautions for which will be explained in-detail during the workshop, ensuring the safety and integrity of the systems of the attendees. A laptop with a preinstalled Intel based 64-bit Ubuntu 22.04 VM, along with Ghidra, Eclipse, and OpenJDK 21 is required.\r\n\r\nAdditionally, knowing how to read C/C++ is required when dealing with decompiled code. Being able to read and write Java is required for the automation scripting, even though Python 2 can be used as well. If you cannot write Java and would still like to participate, you are welcome, but do note that this will impede some parts of the workshop’s exercises.","updated_timestamp":{"seconds":1720035869,"nanoseconds":0},"speakers":[{"content_ids":[54224,54440],"conference_id":133,"event_ids":[54597,54813],"name":"Max \"Libra\" Kersten","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/libranalysis/"},{"description":"","title":"Mastodon (@libra@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@libra"},{"description":"","title":"Twitter (@Libranalysis)","sort_order":0,"url":"https://twitter.com/Libranalysis"},{"description":"","title":"Website","sort_order":0,"url":"https://maxkersten.nl"}],"media":[],"id":54141}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-03T19:44:29Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Kersten_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54597,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54141}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-03T19:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you ready to dive deep into the world of malware analysis? Join me for an immersive workshop that will demystify the process of dissecting and analyzing malicious software. Throughout this hands-on session, participants will explore essential techniques and methodologies for uncovering the inner workings of malware and identifying potential threats.\nDuring the workshop we will analyze different kinds of malware, from malicious documents, .NET malware and more . Through practical demonstrations attendees will learn how to conduct static and dynamic analysis effectively, gaining valuable insights into malware behaviors and characteristics. Moreover, attendees will gain firsthand experience in executing and analyzing techniques used by attackers, deepening their understanding of how threat actors operate and how to detect and mitigate their malware effectively.\nBy the end of the workshop, attendees will have developed practical skills and techniques for analyzing real-world malware samples, empowering them to defend against evolving cyberthreats effectively.\n\n\n","media":[],"title":"From an attacker's lair to your home: A practical journey through the world of Malware","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Are you ready to dive deep into the world of malware analysis? Join me for an immersive workshop that will demystify the process of dissecting and analyzing malicious software. Throughout this hands-on session, participants will explore essential techniques and methodologies for uncovering the inner workings of malware and identifying potential threats.\nDuring the workshop we will analyze different kinds of malware, from malicious documents, .NET malware and more . Through practical demonstrations attendees will learn how to conduct static and dynamic analysis effectively, gaining valuable insights into malware behaviors and characteristics. Moreover, attendees will gain firsthand experience in executing and analyzing techniques used by attackers, deepening their understanding of how threat actors operate and how to detect and mitigate their malware effectively.\nBy the end of the workshop, attendees will have developed practical skills and techniques for analyzing real-world malware samples, empowering them to defend against evolving cyberthreats effectively.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54223],"conference_id":133,"event_ids":[54596],"name":"Sebastian Tapia De la torre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Offensive Security Architect"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@stapiadlt)","sort_order":0,"url":"https://twitter.com/stapiadlt"}],"media":[],"id":53869,"title":"Offensive Security Architect"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://torre_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54596,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53869}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gain a deeper understanding of how ransomware evades analysis and learn how to identify and counter these techniques. This workshop will explore common evasion methods, how they work, and how you can develop the skills to write code that re-enacts these methods. This workshop will begin by showing you how ransomware builders work. How do the builders generate reliable, viable ransomware code? You’ll learn! Once built, how do these malicious binaries implement analysis evasion techniques? Which techniques are used often? How do they function? We'll dive into the most prevalent techniques to show you how they work and why. Finally, you will learn how to re-enact some of these techniques along with more advanced methods within your own code. Are you ready to take your reverse engineering and coding skills to the next levels? – Let’s do this! And remember: #RansomwareSucks!\n\n\n\n","media":[],"title":"Dissecting and Defeating Ransomware's Evasion Tactics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Gain a deeper understanding of how ransomware evades analysis and learn how to identify and counter these techniques. This workshop will explore common evasion methods, how they work, and how you can develop the skills to write code that re-enacts these methods. This workshop will begin by showing you how ransomware builders work. How do the builders generate reliable, viable ransomware code? You’ll learn! Once built, how do these malicious binaries implement analysis evasion techniques? Which techniques are used often? How do they function? We'll dive into the most prevalent techniques to show you how they work and why. Finally, you will learn how to re-enact some of these techniques along with more advanced methods within your own code. Are you ready to take your reverse engineering and coding skills to the next levels? – Let’s do this! And remember: #RansomwareSucks!","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54222],"conference_id":133,"event_ids":[54595],"name":"Aaron Rosenmund","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pluralsight","title":"Senior Director of Content Strategy & Curriculum"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@arosenmund )","sort_order":0,"url":"https://twitter.com/arosenmund "}],"media":[],"id":53828,"title":"Senior Director of Content Strategy & Curriculum at Pluralsight"},{"content_ids":[54207,54222],"conference_id":133,"event_ids":[54580,54595],"name":"Josh Stroschein","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Reverse Engineer, FLARE team"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jstrosch)","sort_order":0,"url":"https://twitter.com/jstrosch"}],"media":[],"id":53850,"title":"Reverse Engineer, FLARE team at Google"},{"content_ids":[54222,55764],"conference_id":133,"event_ids":[56273,54595],"name":"Ryan Chapman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@rj_chap)","sort_order":0,"url":"https://twitter.com/rj_chap"}],"media":[],"id":53865}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Chapman_DC32.eventbrite.com"}],"end":"2024-08-10T01:00:00.000-0000","id":54595,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53828},{"tag_id":46167,"sort_order":1,"person_id":53850},{"tag_id":46167,"sort_order":1,"person_id":53865}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Talk on health info privacy\n\n\n","media":[],"title":"HDA Presents : Naomi Brockwell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Talk on health info privacy","updated_timestamp":{"seconds":1722102331,"nanoseconds":0},"speakers":[{"content_ids":[54203],"conference_id":133,"event_ids":[54576],"name":"Naomi Brockwell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NBTV","title":""}],"pronouns":"she/her","links":[{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/Naomibrockwelltv"}],"media":[],"id":53777,"title":"NBTV"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:45:31Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":54576,"tag_ids":[46404,46511],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53777}],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-07-27T17:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hopper is a Coverage-Guided Greybox Distributed Fuzzer, inspired by AFL++, and written in Golang. Like other fuzzers, Hopper operates as a standard command-line interface tool, allowing you to run fuzz campaigns to find vulnerabilities and exploits in software. Hopper's mutation algorithm, energy assigning strategy, and out-of-process coverage gathering, are all inspired by AFL++, the current state of the art fuzzer. However, Hopper's distributed strategy differs substantially than AFL++ in an attempt to define a new distributed fuzzing paradigm. AFL++ and LibFuzzer have clear scaling limitations in larger environments, notably the AFL++’s rudimentary multi-machine mode. As an early prototype, Hopper addresses these limitations by implementing a deduplicating communication schema that establishes a consistency invariant, minimizing repeated work done by fuzzing nodes. Hopper is a standalone, new piece of software developed from scratch in the spirit of exploration, this is not yet another python plugin/extension for AFL++. Hopper is currently available on GitHub, including containerized runnable campaign demos. Tooling and observability are first class features, in the form of a TUI to monitor fuzzing campaigns, usage docs, and quick-start scripts for orchestrating fuzz campaigns.\n\n\n","media":[],"title":"Hopper - Distributed Fuzzer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Hopper is a Coverage-Guided Greybox Distributed Fuzzer, inspired by AFL++, and written in Golang. Like other fuzzers, Hopper operates as a standard command-line interface tool, allowing you to run fuzz campaigns to find vulnerabilities and exploits in software. Hopper's mutation algorithm, energy assigning strategy, and out-of-process coverage gathering, are all inspired by AFL++, the current state of the art fuzzer. However, Hopper's distributed strategy differs substantially than AFL++ in an attempt to define a new distributed fuzzing paradigm. AFL++ and LibFuzzer have clear scaling limitations in larger environments, notably the AFL++’s rudimentary multi-machine mode. As an early prototype, Hopper addresses these limitations by implementing a deduplicating communication schema that establishes a consistency invariant, minimizing repeated work done by fuzzing nodes. Hopper is a standalone, new piece of software developed from scratch in the spirit of exploration, this is not yet another python plugin/extension for AFL++. Hopper is currently available on GitHub, including containerized runnable campaign demos. Tooling and observability are first class features, in the form of a TUI to monitor fuzzing campaigns, usage docs, and quick-start scripts for orchestrating fuzz campaigns.","updated_timestamp":{"seconds":1718922483,"nanoseconds":0},"speakers":[{"content_ids":[54181],"conference_id":133,"event_ids":[54550],"name":"Luciano Remes","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palantir Technologies","title":"Software Engineer"}],"links":[],"pronouns":null,"media":[],"id":53754,"title":"Software Engineer at Palantir Technologies"},{"content_ids":[54181],"conference_id":133,"event_ids":[54550],"name":"Wade Cappa","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Palantir Technologies","title":"Software Engineer"}],"links":[],"pronouns":null,"media":[],"id":53776,"title":"Software Engineer at Palantir Technologies"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:28:03Z","links":[{"label":"Project","type":"link","url":"https://github.com/Cybergenik/hopper"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249620"}],"end":"2024-08-09T22:45:00.000-0000","id":54550,"tag_ids":[46169,46441,46443,46453,46460],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53754},{"tag_id":46167,"sort_order":4,"person_id":53776}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Malware frequently employs anti-VM techniques, which can vary in their difficulty to detect and counteract. While integrating anti-detection measures in our labs is a frequently used option, we should also consider using a real hardware sandbox, even if this sounds weird. By leveraging the awesome PCILeech project and DMA hardware access, XenoboxX provides a suite of tools for analysis tasks, such as dumping dynamically allocated memory and searching for IoC. These tools allow us to inject code at kernel level through DMA, making detection significantly more challenging and giving a new perspective to the analysis.\n\n\n","media":[],"title":"XenoboxX - Hardware Sandbox Toolkit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Malware frequently employs anti-VM techniques, which can vary in their difficulty to detect and counteract. While integrating anti-detection measures in our labs is a frequently used option, we should also consider using a real hardware sandbox, even if this sounds weird. By leveraging the awesome PCILeech project and DMA hardware access, XenoboxX provides a suite of tools for analysis tasks, such as dumping dynamically allocated memory and searching for IoC. These tools allow us to inject code at kernel level through DMA, making detection significantly more challenging and giving a new perspective to the analysis.","updated_timestamp":{"seconds":1718922428,"nanoseconds":0},"speakers":[{"content_ids":[54178],"conference_id":133,"event_ids":[54547],"name":"Cesare Pizzi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher, Analyst, and Technology Enthusiast"}],"links":[],"pronouns":null,"media":[],"id":53729,"title":"Security Researcher, Analyst, and Technology Enthusiast"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:27:08Z","links":[{"label":"Project","type":"link","url":"https://github.com/cecio"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249619"}],"end":"2024-08-09T22:45:00.000-0000","id":54547,"tag_ids":[46169,46441,46445,46449,46468,46469],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53729}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Garak, Generative AI Red-teaming and Assessment Kit, is a vulnerability scanner for large language models (LLMs) and dialogue systems. It has a host of different probes, each working on different vulnerabilities and payloads. It connects to a broad range of different LLMs. The attacks range between static tests of fixed prompts, to dynamically assembled prompts, to probes that respond to existing model behavior when working out their next move. Community contribution plays a big part of Garak already, with an active repo & over 300 members in the Discord. Garak can assess and attack anything that takes text and returns text, and is already used by many industry players in assessment of internal and external models, including NVIDIA and Microsoft as well as a range of emerging AI Security startups; it’s the #1 ranked tool for LLM security on Hackernews. But we think it’s mostly a lot of fun.\n\n\n","media":[],"title":"Garak","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Garak, Generative AI Red-teaming and Assessment Kit, is a vulnerability scanner for large language models (LLMs) and dialogue systems. It has a host of different probes, each working on different vulnerabilities and payloads. It connects to a broad range of different LLMs. The attacks range between static tests of fixed prompts, to dynamically assembled prompts, to probes that respond to existing model behavior when working out their next move. Community contribution plays a big part of Garak already, with an active repo & over 300 members in the Discord. Garak can assess and attack anything that takes text and returns text, and is already used by many industry players in assessment of internal and external models, including NVIDIA and Microsoft as well as a range of emerging AI Security startups; it’s the #1 ranked tool for LLM security on Hackernews. But we think it’s mostly a lot of fun.","updated_timestamp":{"seconds":1718922377,"nanoseconds":0},"speakers":[{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Erick Galinkin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVIDIA","title":"Research Scientist"}],"links":[],"pronouns":null,"media":[],"id":53735,"title":"Research Scientist at NVIDIA"},{"content_ids":[55882,54175],"conference_id":133,"event_ids":[56467,54544],"name":"Leon Derczynski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ITU Copenhagen","title":"Prof, Natural Language Processing"},{"organization":"NVIDIA","title":"Principal Research Scientist, LLM Security"}],"links":[],"pronouns":null,"media":[],"id":53749,"title":"Principal Research Scientist, LLM Security at NVIDIA"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:26:17Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249618"},{"label":"Project","type":"link","url":"https://github.com/leondz/garak/"}],"end":"2024-08-09T22:45:00.000-0000","id":54544,"tag_ids":[46169,46441,46442,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53735},{"tag_id":46167,"sort_order":4,"person_id":53749}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SCAGoat is a deliberately insecure web application designed for learning and testing Software Composition Analysis (SCA) tools. It offers a hands-on environment to explore vulnerabilities in Node.js and Java Springboot applications, including actively exploitable CVEs like CVE-2023-42282 and CVE-2021-44228 (log4j). This application can be utilized to evaluate various SCA and container security tools, assessing their capability to identify vulnerable packages and code reachability. As part of our independent research, the README includes reports from SCA tools like semgrep, snyk, and endor labs. Future research plans include incorporating compromised or malicious packages to test SCA tool detection and exploring supply chain attack scenarios.\n\n\n","media":[],"title":"SCAGoat - Exploiting Damn Vulnerable SCA Application","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"SCAGoat is a deliberately insecure web application designed for learning and testing Software Composition Analysis (SCA) tools. It offers a hands-on environment to explore vulnerabilities in Node.js and Java Springboot applications, including actively exploitable CVEs like CVE-2023-42282 and CVE-2021-44228 (log4j). This application can be utilized to evaluate various SCA and container security tools, assessing their capability to identify vulnerable packages and code reachability. As part of our independent research, the README includes reports from SCA tools like semgrep, snyk, and endor labs. Future research plans include incorporating compromised or malicious packages to test SCA tool detection and exploring supply chain attack scenarios.","updated_timestamp":{"seconds":1718922319,"nanoseconds":0},"speakers":[{"content_ids":[54172],"conference_id":133,"event_ids":[54541],"name":"Hare Krishna Rai","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Product Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":53738,"title":"Product Security Engineer"},{"content_ids":[54172],"conference_id":133,"event_ids":[54541],"name":"Prashant Venkatesh","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Manager, Product Security"}],"links":[],"pronouns":null,"media":[],"id":53768,"title":"Manager, Product Security"}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:19Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249617"},{"label":"Project","type":"link","url":"https://github.com/harekrishnarai/Damn-vulnerable-sca"}],"end":"2024-08-09T22:45:00.000-0000","id":54541,"tag_ids":[46169,46441,46446,46459,46460],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53738},{"tag_id":46167,"sort_order":4,"person_id":53768}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Injectyll-HIDe project (released at DEF CON 30) is back and better than ever! The hardware implant utilizes the same standard features that you have come to know and love (keystroke recording, keystroke injection, mouse jiggler, etc.) but it has evolved into so much more. The functionality has been steadily growing over its initial release to offer users even more tools! But wait, there’s more! We’re proud to show off the new SEEK shields this year at the CON! Tired of running a covert mesh network? Want to try out new RF technologies? We’ve added LoRa and LoRaWAN to the mix as well! These shields are field swappable and work with the existing C2 and implant code to give you the versatility that you need to continue evading detection. Attendees should be prepared to flip 0ut over these features, as well as some new additions to the project that we will be announcing at DEF CON. Who’s ready for a high stakes game of hacker’s HIDe and SEEK?\n\n\n","media":[],"title":"HIDe & SEEK","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"The Injectyll-HIDe project (released at DEF CON 30) is back and better than ever! The hardware implant utilizes the same standard features that you have come to know and love (keystroke recording, keystroke injection, mouse jiggler, etc.) but it has evolved into so much more. The functionality has been steadily growing over its initial release to offer users even more tools! But wait, there’s more! We’re proud to show off the new SEEK shields this year at the CON! Tired of running a covert mesh network? Want to try out new RF technologies? We’ve added LoRa and LoRaWAN to the mix as well! These shields are field swappable and work with the existing C2 and implant code to give you the versatility that you need to continue evading detection. Attendees should be prepared to flip 0ut over these features, as well as some new additions to the project that we will be announcing at DEF CON. Who’s ready for a high stakes game of hacker’s HIDe and SEEK?","updated_timestamp":{"seconds":1718922255,"nanoseconds":0},"speakers":[{"content_ids":[54169],"conference_id":133,"event_ids":[54538],"name":"Jonathan Fischer","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Red Team Consultant and Researcher"}],"links":[],"pronouns":null,"media":[],"id":53744,"title":"Red Team Consultant and Researcher"},{"content_ids":[54169],"conference_id":133,"event_ids":[54538],"name":"Matthew Richard","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53758}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:24:15Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249616"},{"label":"Project","type":"link","url":"https://github.com/Injectyll-HIDe/Injectyll-HIDe"}],"end":"2024-08-09T22:45:00.000-0000","id":54538,"tag_ids":[46169,46441,46449,46453,46456],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53744},{"tag_id":46167,"sort_order":4,"person_id":53758}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Tommyknocker is an open source project designed to facilitate automation of continuous security control validation, bringing some of the processes developers have been using for years for regressing testing, to the security world. It allows users to easily create test scenarios using docker images and standard scripts to perform one or more test actions, followed by the ability to easily check common tooling (SIEM, IDS, Log aggregators) for any expected alerts or log entries. Using Tommyknocker, security organizations can add test cases each time a new security control is created, so that any time a change is made in the environment, the continued functioning of existing controls can be validated. Many times, security organizations will only test controls when they are first implemented, and potentially a few times a year for audit purposes. With Tommyknocker, controls can be tested multiple times per day, ensuring that alerts are raised as soon as possible when a control ceases to function correctly, or is compromised by a threat actor.\n\n\n","media":[],"title":"Automated Control Validation with Tommyknocker","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T22:45:00Z","end_timestamp":{"seconds":1723243500,"nanoseconds":0},"android_description":"Tommyknocker is an open source project designed to facilitate automation of continuous security control validation, bringing some of the processes developers have been using for years for regressing testing, to the security world. It allows users to easily create test scenarios using docker images and standard scripts to perform one or more test actions, followed by the ability to easily check common tooling (SIEM, IDS, Log aggregators) for any expected alerts or log entries. Using Tommyknocker, security organizations can add test cases each time a new security control is created, so that any time a change is made in the environment, the continued functioning of existing controls can be validated. Many times, security organizations will only test controls when they are first implemented, and potentially a few times a year for audit purposes. With Tommyknocker, controls can be tested multiple times per day, ensuring that alerts are raised as soon as possible when a control ceases to function correctly, or is compromised by a threat actor.","updated_timestamp":{"seconds":1718922192,"nanoseconds":0},"speakers":[{"content_ids":[54166],"conference_id":133,"event_ids":[54535],"name":"Jeremy Banker","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53743}],"begin_tsz":"2024-08-09T21:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:23:12Z","links":[{"label":"Project","type":"link","url":"https://github.com/loredous/tommyknocker"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249615"}],"end":"2024-08-09T22:45:00.000-0000","id":54535,"tag_ids":[46169,46441,46445,46453,46455,46464,46465],"village_id":null,"begin_timestamp":{"seconds":1723237200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53743}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-09T21:00:00.000-0000","updated":"2024-06-20T22:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Surprise Talk","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722991456,"nanoseconds":0},"speakers":[{"content_ids":[54545,56160],"conference_id":133,"event_ids":[56804,54920],"name":"Rachel Cummings","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Columbia University","title":"Associate Professor of Industrial Engineering and Operations Research"}],"links":[],"pronouns":null,"media":[],"id":54353,"title":"Associate Professor of Industrial Engineering and Operations Research at Columbia University"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T00:44:16Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":56804,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54353}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-07T00:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En una actividad de simulación de adversarios, se demostró cómo se puede comprometer una empresa utilizando su antivirus corporativo. Aprovechando las funcionalidades de antivirus de nueva generación, y el compromiso de la consola de administración se logro desplegar un comando y control (C2) en equipos críticos como controladores de dominio. La capacidad del antivirus para comunicarse con subredes críticas y aplicar excepciones a otras herramientas de seguridad facilitó el compromiso total de la red, destacando la necesidad de una gestión y auditoría exhaustivas de estas herramientas.\n\n\n","media":[],"title":"De Escudo a Espada: Cómo un Antivirus Facilitó el compromiso de una compañía","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"En una actividad de simulación de adversarios, se demostró cómo se puede comprometer una empresa utilizando su antivirus corporativo. Aprovechando las funcionalidades de antivirus de nueva generación, y el compromiso de la consola de administración se logro desplegar un comando y control (C2) en equipos críticos como controladores de dominio. La capacidad del antivirus para comunicarse con subredes críticas y aplicar excepciones a otras herramientas de seguridad facilitó el compromiso total de la red, destacando la necesidad de una gestión y auditoría exhaustivas de estas herramientas.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55961],"conference_id":133,"event_ids":[56577],"name":"R4v3n Bl4ck","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Sr Red Team"}],"links":[],"pronouns":null,"media":[],"id":56296,"title":"Sr Red Team"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56577,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56296}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI’ll be watching you will cover attacking an embedded AI on a family of popular security cameras with over 100,000 combined reviews on Amazon. The camera’s embedded AI system is used for on-device person detection, a system that filters notifications based on whether a person is detected. Traditionally the camera would alert the owner if any motion was detected, meaning that an attacker would have to have no motion be detected, but now with the embedded AI making decisions, an attacker needs to only appear not to be human. While this may seem a simple task, dressing up as a giant bush would be noticeable by the people around the attacker, meaning that a successful attack against this system requires the on-camera AI to be tricked while not alerting nearby people to any suspicious disguises.\n\nIn this talk we will cover the steps we took to research and gain access to the device in order to perform greybox attacks against its embedded AI. We will demonstrate how we rooted an older version of the device to gain access to how the models were brought to the camera. We will show how the knowledge we gained while reverse engineering let us download the models for any arbitrary device or firmware and, eventually, how we were able to exploit and gain root on the newer, more secure device. We will show the audience our process in which we discovered and reverse-engineered a proprietary model format that we had never seen before. Finally, we will show how, once we understood the model, we were able to perform attacks against both it and the camera.\n\nThe purpose of this talk is to raise awareness about the insecurity of embedded AI as well as to demonstrate how known attack techniques can be used on never-before-seen models, showcasing that AI/ML research has truly passed the infant stage and has reached a point where developed methods can be broadly applied.\n\n\n","media":[],"title":"AI’ll be watching you. Greybox Attacks against an Embedded AI","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"AI’ll be watching you will cover attacking an embedded AI on a family of popular security cameras with over 100,000 combined reviews on Amazon. The camera’s embedded AI system is used for on-device person detection, a system that filters notifications based on whether a person is detected. Traditionally the camera would alert the owner if any motion was detected, meaning that an attacker would have to have no motion be detected, but now with the embedded AI making decisions, an attacker needs to only appear not to be human. While this may seem a simple task, dressing up as a giant bush would be noticeable by the people around the attacker, meaning that a successful attack against this system requires the on-camera AI to be tricked while not alerting nearby people to any suspicious disguises.\n\nIn this talk we will cover the steps we took to research and gain access to the device in order to perform greybox attacks against its embedded AI. We will demonstrate how we rooted an older version of the device to gain access to how the models were brought to the camera. We will show how the knowledge we gained while reverse engineering let us download the models for any arbitrary device or firmware and, eventually, how we were able to exploit and gain root on the newer, more secure device. We will show the audience our process in which we discovered and reverse-engineered a proprietary model format that we had never seen before. Finally, we will show how, once we understood the model, we were able to perform attacks against both it and the camera.\n\nThe purpose of this talk is to raise awareness about the insecurity of embedded AI as well as to demonstrate how known attack techniques can be used on never-before-seen models, showcasing that AI/ML research has truly passed the infant stage and has reached a point where developed methods can be broadly applied.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[54623,55878,55698,55989],"conference_id":133,"event_ids":[56611,56229,56463,54997],"name":"Kasimir Schulz","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":"Principal Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@abraxus7331)","sort_order":0,"url":"https://twitter.com/abraxus7331"}],"media":[],"id":54282,"title":"Principal Security Researcher at HiddenLayer"},{"content_ids":[55878],"conference_id":133,"event_ids":[56463],"name":"Ryan Tracey","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":""}],"links":[],"pronouns":null,"media":[],"id":56237,"title":"HiddenLayer"},{"content_ids":[55878],"conference_id":133,"event_ids":[56463],"name":"Tom Boner","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HiddenLayer","title":""}],"links":[],"pronouns":null,"media":[],"id":56238,"title":"HiddenLayer"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":56463,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56237},{"tag_id":46167,"sort_order":4,"person_id":54282},{"tag_id":46167,"sort_order":6,"person_id":56238}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Counterfeiting badges for conferences and employee access has evolved into a sophisticated craft, blending creativity with technology. This talk explores modern techniques from traditional methods to innovations like 3D printing and digital replication. We uncover how these tools enable counterfeiting to compromise even highly secure systems.\n\n\n","media":[],"title":"Bogus Badges: The Art and Innovation of Badge Counterfeiting","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Counterfeiting badges for conferences and employee access has evolved into a sophisticated craft, blending creativity with technology. This talk explores modern techniques from traditional methods to innovations like 3D printing and digital replication. We uncover how these tools enable counterfeiting to compromise even highly secure systems.","updated_timestamp":{"seconds":1722564525,"nanoseconds":0},"speakers":[{"content_ids":[55795],"conference_id":133,"event_ids":[56344],"name":"Nick Warner","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56554}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:08:45Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56344,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56554}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-08-02T02:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"RFID PACS systems are used to secure doors to airports, server rooms, and other high security facilities, but the security is often more marketing than reality. This talk will reveal a new media authentication bypass vulnerability in HID iCLASS and Signo physical access control system RFID readers that has existed for over a decade and the journey of initial discovery, disbelief, vendor disclosure, and patch. While legacy iCLASS has been known to be compromised for years thanks to the research presented in Milosch Meriac’s “Heart of Darkness” and Flavio D. Garcia’s “Dismantling iCLASS and iCLASS Elite” for standard and elite keys respectively. iCLASS SE systems have had a presumed level of security over legacy iCLASS at least as far as direct attacks that don’t involve additional techniques such as downgrading.\n\n\n","media":[],"title":"iCLASS - Throwing away the keys","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:25:00Z","end_timestamp":{"seconds":1723238700,"nanoseconds":0},"android_description":"RFID PACS systems are used to secure doors to airports, server rooms, and other high security facilities, but the security is often more marketing than reality. This talk will reveal a new media authentication bypass vulnerability in HID iCLASS and Signo physical access control system RFID readers that has existed for over a decade and the journey of initial discovery, disbelief, vendor disclosure, and patch. While legacy iCLASS has been known to be compromised for years thanks to the research presented in Milosch Meriac’s “Heart of Darkness” and Flavio D. Garcia’s “Dismantling iCLASS and iCLASS Elite” for standard and elite keys respectively. iCLASS SE systems have had a presumed level of security over legacy iCLASS at least as far as direct attacks that don’t involve additional techniques such as downgrading.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55448],"conference_id":133,"event_ids":[55873],"name":"Tiernan \"nvx\" Messmer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Mastodon (@nvx@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@nvx"},{"description":"","title":"Twitter (@TiernanNV)","sort_order":0,"url":"https://twitter.com/TiernanNV"}],"media":[],"id":55986}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T21:25:00.000-0000","id":55873,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55986}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In an era where critical infrastructure faces unprecedented cyber threats, Cyber Informed Engineering (CIE) emerges as a pivotal strategy to safeguard essential services. This talk delves into the significance of integrating CIE into both existing installations and new builds, highlighting its transformative impact on enhancing security and resilience. Attendees will gain insights into practical applications of CIE, exploring use cases that demonstrate its efficacy in retrofitting legacy systems and embedding robust cybersecurity measures in new projects. Additionally, we'll discuss how CIE serves as a powerful tool for comprehensively understanding and optimizing business processes, ultimately driving more secure and efficient operations. Join us to uncover the essential role of Cyber Informed Engineering in fortifying our critical infrastructure against evolving cyber threats.\n\n\n","media":[],"title":"Cyber Informed Engineering for Critical Infrastructure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:55:00Z","end_timestamp":{"seconds":1723236900,"nanoseconds":0},"android_description":"In an era where critical infrastructure faces unprecedented cyber threats, Cyber Informed Engineering (CIE) emerges as a pivotal strategy to safeguard essential services. This talk delves into the significance of integrating CIE into both existing installations and new builds, highlighting its transformative impact on enhancing security and resilience. Attendees will gain insights into practical applications of CIE, exploring use cases that demonstrate its efficacy in retrofitting legacy systems and embedding robust cybersecurity measures in new projects. Additionally, we'll discuss how CIE serves as a powerful tool for comprehensively understanding and optimizing business processes, ultimately driving more secure and efficient operations. Join us to uncover the essential role of Cyber Informed Engineering in fortifying our critical infrastructure against evolving cyber threats.","updated_timestamp":{"seconds":1721781569,"nanoseconds":0},"speakers":[{"content_ids":[55344],"conference_id":133,"event_ids":[55736],"name":"Aaron Crow","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55945}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:39:29Z","links":[],"end":"2024-08-09T20:55:00.000-0000","id":55736,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55945}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-24T00:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Malware traffic is commonly identified using signatures based off its code, strings, and associated network infrastructure. However, it's also possible to build signatures from the timing between network transactions. This presentation will explore using network captures of known malicious network activity to find similar behavior in random traffic. The talk is technical as it involves processing packets with Python and a some data science, but will be presented in a way that anyone should be able to understand and enjoy.\n\n\n\n","media":[],"title":"Signature-Based Detection Using Network Timing","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:30:00Z","end_timestamp":{"seconds":1723239000,"nanoseconds":0},"android_description":"Malware traffic is commonly identified using signatures based off its code, strings, and associated network infrastructure. However, it's also possible to build signatures from the timing between network transactions. This presentation will explore using network captures of known malicious network activity to find similar behavior in random traffic. The talk is technical as it involves processing packets with Python and a some data science, but will be presented in a way that anyone should be able to understand and enjoy.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54567],"conference_id":133,"event_ids":[54942],"name":"Josh Pyorre","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cisco Talos","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54327,"title":"Security Researcher at Cisco Talos"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:30:00.000-0000","id":54942,"tag_ids":[46385,46419,46438,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54327}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an entry level talk about the practical parts of Physical Security Assessment, and how to talk to clients.\n\n\n","media":[],"title":"Doors, Cameras, & Mantraps: Oh my!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"This is an entry level talk about the practical parts of Physical Security Assessment, and how to talk to clients.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54566],"conference_id":133,"event_ids":[54941],"name":"Dylan \"The Magician\" Baklor","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Macy's","title":"Web Application Pentester and Network Security Pentester"}],"links":[],"pronouns":null,"media":[],"id":54246,"title":"Web Application Pentester and Network Security Pentester at Macy's"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":54941,"tag_ids":[46384,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54246}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Unprecedented investments in vehicle electrification are creating new pathways for hackers to exploit EVs and EV chargers. Many of these risks are theoretical and have not been demonstrated in the wild…yet. Policymakers are racing to better understand systemic cyber risks present in this new EV ecosystem—particularly those which might impact the electric grid—so we can devise effective mitigations now. This talk offers a White House policymaker’s perspective on the changing EV landscape, new policy measures under consideration to identify and reduce the impact of vulnerabilities, and the critical role that hackers can play in focusing our work.\n\n\n","media":[],"title":"Building a secure and resilient nationwide EV charging network: the role of hackers in the clean energy revolution ","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Unprecedented investments in vehicle electrification are creating new pathways for hackers to exploit EVs and EV chargers. Many of these risks are theoretical and have not been demonstrated in the wild…yet. Policymakers are racing to better understand systemic cyber risks present in this new EV ecosystem—particularly those which might impact the electric grid—so we can devise effective mitigations now. This talk offers a White House policymaker’s perspective on the changing EV landscape, new policy measures under consideration to identify and reduce the impact of vulnerabilities, and the critical role that hackers can play in focusing our work.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54565],"conference_id":133,"event_ids":[54940],"name":"Harry Krejsa","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ONCD","title":"Assistant National Cyber Director for Strategy"}],"links":[],"pronouns":null,"media":[],"id":54364,"title":"Assistant National Cyber Director for Strategy at ONCD"},{"content_ids":[54565],"conference_id":133,"event_ids":[54940],"name":"Sarah Hipel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"ONCD","title":"Standards and Reliability Program Manager"}],"links":[],"pronouns":null,"media":[],"id":54666,"title":"Standards and Reliability Program Manager at ONCD"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":54940,"tag_ids":[46375,46419,46460,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54364},{"tag_id":46167,"sort_order":4,"person_id":54666}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"At Pwn2Own Toronto 2023, NCC Group was one of the two teams that compromised the Xiaomi 13 Pro. The exploit chain involved using a malicious HTML hyperlink and uploading a potentially malicious application to the Xiaomi app store.\r\n\r\nHowever, this talk is not just about the technical details of the exploit. While researching the final exploit, NCC Group discovered how an exploit could work in one region of the world, but not in other regions, and how the researchers had to travel to Canada for a day just to test if the exploit would work in Canada. This talk also discusses just how far Xiaomi is willing to go to make sure their device isn't hacked at Pwn2Own, and why only two teams were able to successfully compromise the device during the competition.\n\n\n","media":[],"title":"Xiaomi The Money - Our Toronto Pwn2Own Exploit and Behind The Scenes Story","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:15:00Z","end_timestamp":{"seconds":1723238100,"nanoseconds":0},"android_description":"At Pwn2Own Toronto 2023, NCC Group was one of the two teams that compromised the Xiaomi 13 Pro. The exploit chain involved using a malicious HTML hyperlink and uploading a potentially malicious application to the Xiaomi app store.\r\n\r\nHowever, this talk is not just about the technical details of the exploit. While researching the final exploit, NCC Group discovered how an exploit could work in one region of the world, but not in other regions, and how the researchers had to travel to Canada for a day just to test if the exploit would work in Canada. This talk also discusses just how far Xiaomi is willing to go to make sure their device isn't hacked at Pwn2Own, and why only two teams were able to successfully compromise the device during the competition.","updated_timestamp":{"seconds":1720375742,"nanoseconds":0},"speakers":[{"content_ids":[54454],"conference_id":133,"event_ids":[54827],"name":"Ken Gannon","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NCC Group","title":"Principal Security Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@yogehi)","sort_order":0,"url":"https://twitter.com/yogehi"},{"description":"","title":"yogehi.github.io","sort_order":0,"url":"https://yogehi.github.io"}],"media":[],"id":54104,"title":"Principal Security Consultant at NCC Group"},{"content_ids":[54454],"conference_id":133,"event_ids":[54827],"name":"Ilyes Beghdadi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Census Labs","title":"Senior Application Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@040xZx)","sort_order":0,"url":"https://twitter.com/040xZx"}],"media":[],"id":54149,"title":"Senior Application Security Engineer at Census Labs"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T18:09:02Z","links":[],"end":"2024-08-09T21:15:00.000-0000","id":54827,"tag_ids":[46166,46419,46437,46882],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54104},{"tag_id":46167,"sort_order":2,"person_id":54149}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-07T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are physical markings that are required under hundreds of different international laws, some governing transport of goods across national borders, some offering humanitarian protections on the battlefield, some seeking to protect the environment or genetic diversity… What they all have in common is that they’re currently represented by visual marks applied to objects. Many of these processes are undergoing “digitalization,” and becoming machine-readable, or electronically-signaled. A standards effort currently underway in the IETF seeks to create a common global marking protocol which would allow open-standards-based devices to scan, cryptographically validate, and display the digital versions of these marks. This session will relate the state of the standards effort, the scope of markings that have been considered thus far, and seek input on security or privacy vulnerabilities which may exist in the proposed standard.\n\n\n\n","media":[],"title":"Digital Emblems: When markings are required under international law, but you don’t have a rattle-can handy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T21:15:00Z","end_timestamp":{"seconds":1723238100,"nanoseconds":0},"android_description":"There are physical markings that are required under hundreds of different international laws, some governing transport of goods across national borders, some offering humanitarian protections on the battlefield, some seeking to protect the environment or genetic diversity… What they all have in common is that they’re currently represented by visual marks applied to objects. Many of these processes are undergoing “digitalization,” and becoming machine-readable, or electronically-signaled. A standards effort currently underway in the IETF seeks to create a common global marking protocol which would allow open-standards-based devices to scan, cryptographically validate, and display the digital versions of these marks. This session will relate the state of the standards effort, the scope of markings that have been considered thus far, and seek input on security or privacy vulnerabilities which may exist in the proposed standard.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54453,56178,55917],"conference_id":133,"event_ids":[56832,54826,56508],"name":"Bill Woodcock","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Packet Clearing House","title":"Executive Director"}],"links":[],"pronouns":null,"media":[],"id":54077,"title":"Executive Director at Packet Clearing House"}],"begin_tsz":"2024-08-09T20:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T21:15:00.000-0000","id":54826,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723235400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54077}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T20:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This short talk explores the intelligence potential available in the Telegram messaging app, with particular focus on our novel work exploring its new “similar channels” feature. Telegram is a popular application with numerous, but labyrinthine, security settings and many ways to spill data. In November 2023, Telegram also launched a new “similar channels” recommender feature, explaining that upon joining a channel, users will be shown similar channels that were \"selected automatically based on similarities in their subscriber bases.” We built a new tool, which we will release at DEFCON, to collect and analyze this similar channels data. We will then show how to use social network analysis techniques to uncover previously-hidden relationships between channels on the platform. In the course of collecting this OSINT for our own research projects, we uncovered evidence of numerous inauthentic channel networks that are being used to influence political discourse.\n\n\n","media":[],"title":"Tapping the OSINT potential of Telegram","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"This short talk explores the intelligence potential available in the Telegram messaging app, with particular focus on our novel work exploring its new “similar channels” feature. Telegram is a popular application with numerous, but labyrinthine, security settings and many ways to spill data. In November 2023, Telegram also launched a new “similar channels” recommender feature, explaining that upon joining a channel, users will be shown similar channels that were \"selected automatically based on similarities in their subscriber bases.” We built a new tool, which we will release at DEFCON, to collect and analyze this similar channels data. We will then show how to use social network analysis techniques to uncover previously-hidden relationships between channels on the platform. In the course of collecting this OSINT for our own research projects, we uncovered evidence of numerous inauthentic channel networks that are being used to influence political discourse.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55901],"conference_id":133,"event_ids":[56488],"name":"Megan Squire","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56266}],"begin_tsz":"2024-08-09T20:25:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56488,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723235100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56266}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T20:25:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this presentation, we researched vulnerable security configurations that enable attacks on Kubernetes (K8s) clusters and examined how these settings can be exploited in CNCF projects. Kubernetes (K8s) uses YAML files to manage various security settings, leading to potential attacks such as information leakage, excessive permission acquisition, and container escape.\n\nInitially, this study focused on three security configuration areas in K8s: RBAC, HostPID, and Security Context. We explained the threats present if vulnerable settings are included.\n\n - RBAC: Excessive permission in K8s resources allows sensitive information theft or access to other nodes\n - HostPID: Access to node process information enables container escape attacks\n - Security Context: Incorrect security settings enable node escape and host access\n\n\nNext, we created patterns for identifying weak security settings through YAML files. To do this, we conducted a literature review and expanded the vulnerable patterns centered on RBAC proposed in various papers. Additionally, we included other security settings (HostPID, Security Context).\n[Our Pattern vs Paper Pattern]\n\n 1. RBAC:\n - Our: Daemonset, Deployment SA > node Patch and Secret Get/List\n - Paper: Daemonset > node Patch and Secret Get/List\n 2. Kind:\n Our: Cluster Role, Role, Role Binding\n Paper: Cluster Role\n 3. Other Security configurations:\n - Our: HostPID, SecurityContext\n - Paper: X\n\nUtilizing these patterns, we examined over 150 widely-used 3rd-party CNCF projects in K8s, discovering more than 50 instances of vulnerable patterns.\nWe provide detailed demonstrations of three scenarios for seizing nodes or clusters by using the discovered patterns to set Base Attack conditions.\n\n[Base Attack Conditions]\n\n - RBAC > Demonset / Deployment > Service Account > Secret (Get/List) or Node(Patch)\n [Exploit Scenario]\n - Stealing Tokens using Pods with excessive privileges\n - Node Take over via 1 Day (CVE-2022-42889) or hostPID: True or Security Context\n - Take over of another node or cluster using the Service Account Token on the deodorized node \n\n\nAdditionally, we are aware that 3rd-Party CNCF projects are widely used for convenience when operating K8S in CSPs (AWS, Azure, GCP). Since scenarios can occur in a CSP environment, we demonstrate in more detail.\nFinally, based on these research results, we share vulnerable patterns with project owners to collaborate on patching and issue tracking. Before the presentation, we plan to share any reporting on CVEs and patch notes.\n\n\n","media":[],"title":"Exploit K8S via Misconfiguration .YAML in CSP environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"In this presentation, we researched vulnerable security configurations that enable attacks on Kubernetes (K8s) clusters and examined how these settings can be exploited in CNCF projects. Kubernetes (K8s) uses YAML files to manage various security settings, leading to potential attacks such as information leakage, excessive permission acquisition, and container escape.\n\nInitially, this study focused on three security configuration areas in K8s: RBAC, HostPID, and Security Context. We explained the threats present if vulnerable settings are included.\n\n - RBAC: Excessive permission in K8s resources allows sensitive information theft or access to other nodes\n - HostPID: Access to node process information enables container escape attacks\n - Security Context: Incorrect security settings enable node escape and host access\n\n\nNext, we created patterns for identifying weak security settings through YAML files. To do this, we conducted a literature review and expanded the vulnerable patterns centered on RBAC proposed in various papers. Additionally, we included other security settings (HostPID, Security Context).\n[Our Pattern vs Paper Pattern]\n\n 1. RBAC:\n - Our: Daemonset, Deployment SA > node Patch and Secret Get/List\n - Paper: Daemonset > node Patch and Secret Get/List\n 2. Kind:\n Our: Cluster Role, Role, Role Binding\n Paper: Cluster Role\n 3. Other Security configurations:\n - Our: HostPID, SecurityContext\n - Paper: X\n\nUtilizing these patterns, we examined over 150 widely-used 3rd-party CNCF projects in K8s, discovering more than 50 instances of vulnerable patterns.\nWe provide detailed demonstrations of three scenarios for seizing nodes or clusters by using the discovered patterns to set Base Attack conditions.\n\n[Base Attack Conditions]\n\n - RBAC > Demonset / Deployment > Service Account > Secret (Get/List) or Node(Patch)\n [Exploit Scenario]\n - Stealing Tokens using Pods with excessive privileges\n - Node Take over via 1 Day (CVE-2022-42889) or hostPID: True or Security Context\n - Take over of another node or cluster using the Service Account Token on the deodorized node \n\n\nAdditionally, we are aware that 3rd-Party CNCF projects are widely used for convenience when operating K8S in CSPs (AWS, Azure, GCP). Since scenarios can occur in a CSP environment, we demonstrate in more detail.\nFinally, based on these research results, we share vulnerable patterns with project owners to collaborate on patching and issue tracking. Before the presentation, we plan to share any reporting on CVEs and patch notes.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55483],"conference_id":133,"event_ids":[55912],"name":"Wooseok Kim","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"woooseokkim","sort_order":0,"url":"https://woooseokkim"}],"media":[],"id":56004},{"content_ids":[55483],"conference_id":133,"event_ids":[55912],"name":"Changhyun Park","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56005}],"begin_tsz":"2024-08-09T20:25:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":55912,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723235100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56004},{"tag_id":46167,"sort_order":4,"person_id":56005}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T20:25:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, we will discuss the strengths and limitations of LLMs for code analysis tasks like code search and code clone detection. We will show when the LLMs make mistakes and what kinds of mistakes they make. For example, we observe that the performance of popular LLMs heavily relies on the well-defined variable and function names, therefore, they will make mistakes when some misleading variable name is given. Anyone interested in exploring the intersection of AI and code security analysis can attend this talk.\n\n\n","media":[],"title":"SDLC Nightmares - Defeating Secure Code Review GPT Hallucinations","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"In this talk, we will discuss the strengths and limitations of LLMs for code analysis tasks like code search and code clone detection. We will show when the LLMs make mistakes and what kinds of mistakes they make. For example, we observe that the performance of popular LLMs heavily relies on the well-defined variable and function names, therefore, they will make mistakes when some misleading variable name is given. Anyone interested in exploring the intersection of AI and code security analysis can attend this talk.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55737],"conference_id":133,"event_ids":[56263],"name":"Wang Zhilong","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56098},{"content_ids":[55737],"conference_id":133,"event_ids":[56263],"name":"Xinzhi Luo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56099}],"begin_tsz":"2024-08-09T20:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":56263,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723234500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56098},{"tag_id":46167,"sort_order":1,"person_id":56099}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T20:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Q&A With OWASP","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723235175,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T20:26:15Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56870,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-09T20:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"No CTF? No Problem! Leveraging Alternate Reality Games to Develop OSINT and Cryptography Skills","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225114,"nanoseconds":0},"speakers":[{"content_ids":[56208],"conference_id":133,"event_ids":[56862],"name":"John \"2PAC\" Smithberger","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56600}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:38:34Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":56862,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56600}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-09T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Risk Limiting Audits are a powerful statistical technique for determining whether or not election outcomes, determined provisionally by machine counts, are likely to be correct. Join us for an overview of Risk Limiting Audits by the person who invented them. This is an incredible opportunity to understand what a true Risk Limiting Audit is. Many people have misconceptions of what audits and recounts are, and unfortunately do not understand the fundamental basics of what a true audit of an election would look like. Professor Stark will be giving a full overview. Don’t miss out! Following this talk Professor Stark will be giving a Risk Limiting Audit demo in our Voting Machine Lab that we highly recommend you check out!\n\n\n","media":[],"title":"Risk Limiting Audits From the Source","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Risk Limiting Audits are a powerful statistical technique for determining whether or not election outcomes, determined provisionally by machine counts, are likely to be correct. Join us for an overview of Risk Limiting Audits by the person who invented them. This is an incredible opportunity to understand what a true Risk Limiting Audit is. Many people have misconceptions of what audits and recounts are, and unfortunately do not understand the fundamental basics of what a true audit of an election would look like. Professor Stark will be giving a full overview. Don’t miss out! Following this talk Professor Stark will be giving a Risk Limiting Audit demo in our Voting Machine Lab that we highly recommend you check out!","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56187,56185,56183],"conference_id":133,"event_ids":[56837,56839,56841],"name":"Philip Stark","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/philip-stark-0422325"},{"description":"","title":"Twitter (@philipbstark)","sort_order":0,"url":"https://twitter.com/philipbstark"},{"description":"","title":"Website","sort_order":0,"url":"https://www.stat.berkeley.edu/~stark/"}],"media":[],"id":56561}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56839,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56561}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"It's in the Cards! Pick 5 cards with random levels of difficulty. Answer questions ranging from true/false to multiple choice to spot the vulnerable code. Test your knowledge on risky deployment scenarios, rack up the points, and get to the top of the leaderboard to win!\n\n\n","media":[],"title":"Activity: Test Your AppSec Knowledge by Deepfactor","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"It's in the Cards! Pick 5 cards with random levels of difficulty. Answer questions ranging from true/false to multiple choice to spot the vulnerable code. Test your knowledge on risky deployment scenarios, rack up the points, and get to the top of the leaderboard to win!","updated_timestamp":{"seconds":1723007481,"nanoseconds":0},"speakers":[{"content_ids":[56166],"conference_id":133,"event_ids":[56810],"name":"Mike Larkin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56552}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:11:21Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56810,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56552}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-07T05:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!\n\n\n","media":[],"title":"Activity: Capture the Container by Chainguard","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Join us for an exhilarating container security CTF where you can go head-to-head with your peers. In this session, we will explore the world of container security, including image analysis, enumeration, and the most up-to-date container escape techniques. Put your skills to the test and compete for the top spot! Participants will gain valuable knowledge in container security and have the chance to win some exciting prizes. Don't miss out on this thrilling opportunity to showcase your expertise!","updated_timestamp":{"seconds":1723007321,"nanoseconds":0},"speakers":[{"content_ids":[56162],"conference_id":133,"event_ids":[56806,56813],"name":"Jonathan Leitschuh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56549}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:08:41Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56806,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56549}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-07T05:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes\n\n\n","media":[],"title":"CPV: Intro to Cyphers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:15:00Z","end_timestamp":{"seconds":1723234500,"nanoseconds":0},"android_description":"Are you getting stuck on solving ciphers in challenges? Not sure who or what Caesar is? What is \"polyalphabetic\" or \"transposition\"? Is this even relevant to modern day cryptography? Come on over for the Intro to Ciphers talk! Talk time: 5-15 minutes","updated_timestamp":{"seconds":1722725880,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:58:00Z","links":[],"end":"2024-08-09T20:15:00.000-0000","id":56788,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-03T22:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world. To showcase Caldera at DEF CON 32, we will present a scenario that a commercial or corporate entity may ask of a security team. In this scenario, a concerned organization is requesting a security team to develop a repeatable adversary emulation plan based on current cyber threat intelligence (CTI) for a specific advanced persistent threat (APT) that has been targeting the organization’s industry sector. We will create three cyber threat intelligence reports for this adversary detailing the tactics, techniques, and procedures (TTPs) attributed to them. These TTPs will correspond with the abilities available in Caldera’s Stockpile and Atomic plugins. This collection of abilities makes the job of developing an adversary emulation very simple. We will go on to demonstrate how to develop an adversary emulation plan in Caldera utilizing the relevant TTPs described in the CTI reporting. Finally, we will execute the new adversary emulation plan against the target machines and display the facts that Caldera collects during an operation, the outputs of all commands run, and the final report generated by the Debrief plugin.\n\n\n","media":[],"title":"Introduction to MITRE Caldera Through Adversary Emulation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"MITRE Caldera is a scalable, automated adversary emulation, open-source cybersecurity platform developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but it also provides the capability for your red team to perform manual assessments with computer assistance. This is achieved by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world. To showcase Caldera at DEF CON 32, we will present a scenario that a commercial or corporate entity may ask of a security team. In this scenario, a concerned organization is requesting a security team to develop a repeatable adversary emulation plan based on current cyber threat intelligence (CTI) for a specific advanced persistent threat (APT) that has been targeting the organization’s industry sector. We will create three cyber threat intelligence reports for this adversary detailing the tactics, techniques, and procedures (TTPs) attributed to them. These TTPs will correspond with the abilities available in Caldera’s Stockpile and Atomic plugins. This collection of abilities makes the job of developing an adversary emulation very simple. We will go on to demonstrate how to develop an adversary emulation plan in Caldera utilizing the relevant TTPs described in the CTI reporting. Finally, we will execute the new adversary emulation plan against the target machines and display the facts that Caldera collects during an operation, the outputs of all commands run, and the final report generated by the Debrief plugin.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Mark Perry","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Lead Applied Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/mark-perry-2a4a8451"}],"media":[],"id":53755,"title":"Lead Applied Cyber Security Engineer at MITRE Corp"},{"content_ids":[55986,54197],"conference_id":133,"event_ids":[56608,54566],"name":"Rachel Murphy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MITRE Corp","title":"Cyber Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/rachelcmurphy"}],"media":[],"id":53769,"title":"Cyber Security Engineer at MITRE Corp"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56608,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":53769},{"tag_id":46484,"sort_order":4,"person_id":53755}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Interview - Mika Devonshire, Hosted by Himanshu Das","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55900],"conference_id":133,"event_ids":[56487],"name":"Mika Devonshire","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56279},{"content_ids":[55900],"conference_id":133,"event_ids":[56487],"name":"Himanshu Das","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56280}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56487,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56279},{"tag_id":46167,"sort_order":4,"person_id":56280}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, attendees are introduced to the basics of satellite communication in a hands-on manner. Also, through the power of virtualization and open-source software, attendees will get a step-by-step guide to create their own personal satellite lab, while helping discover the fundamental principles of satellite communication, from orbital mechanics to data transmission protocols, as you design, simulate, and experiment with satellite systems in a risk-free, virtual environment. Unveil the secrets of satellite technology, gain hands-on experience with real-world scenarios, and configuring and controlling your virtual satellite. This unique learning experience equips you with the knowledge and practical skills needed to explore the possibilities of satellite communication. Unlock the universe of opportunities that satellite communication offers, right from your own laptop.\r\n\r\nAttendee Requirements:\r\n- A moder laptop with VMware Workstation or VMware Fusion Installed.\r\n- Both Intel/AMD64 and ARM64 are supported in this workshop\r\n- Internet Access is not Required but the ability to connect to a local Wi-Fi network will be in order to access the workshop materials.\r\n \r\nAudience Skill Level: Beginner\r\n\r\nBYOS is a beginner friendly workshop that does require some use of the Linux command line, however if you have never used the command line before, you can still be successful in this lab.\r\n\r\nSome concepts will be new to attendees and the workshop is setup to allow ample time for questions and troubleshooting.\r\n\n\n\n","media":[],"title":"BYOS – Bring Your Own Satellite","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"In this workshop, attendees are introduced to the basics of satellite communication in a hands-on manner. Also, through the power of virtualization and open-source software, attendees will get a step-by-step guide to create their own personal satellite lab, while helping discover the fundamental principles of satellite communication, from orbital mechanics to data transmission protocols, as you design, simulate, and experiment with satellite systems in a risk-free, virtual environment. Unveil the secrets of satellite technology, gain hands-on experience with real-world scenarios, and configuring and controlling your virtual satellite. This unique learning experience equips you with the knowledge and practical skills needed to explore the possibilities of satellite communication. Unlock the universe of opportunities that satellite communication offers, right from your own laptop.\r\n\r\nAttendee Requirements:\r\n- A moder laptop with VMware Workstation or VMware Fusion Installed.\r\n- Both Intel/AMD64 and ARM64 are supported in this workshop\r\n- Internet Access is not Required but the ability to connect to a local Wi-Fi network will be in order to access the workshop materials.\r\n \r\nAudience Skill Level: Beginner\r\n\r\nBYOS is a beginner friendly workshop that does require some use of the Linux command line, however if you have never used the command line before, you can still be successful in this lab.\r\n\r\nSome concepts will be new to attendees and the workshop is setup to allow ample time for questions and troubleshooting.","updated_timestamp":{"seconds":1722626524,"nanoseconds":0},"speakers":[{"content_ids":[55832],"conference_id":133,"event_ids":[56382],"name":"Tim Fowler","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/roobixx/"}],"media":[],"id":56192}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:22:04Z","links":[],"end":"2024-08-09T22:00:00.000-0000","id":56382,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56192}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With our open-source tool GraphQL Armor we want to take GraphQL security to the next level. GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines. It offers advanced protection against common vulnerabilities like query depth, complexity, and rate limiting. \r\n\r\nIn this session, we’ll dive into the technical details, demonstrating how to identify GraphQL-specific vulnerabilities, integrate GraphQL Armor into your current setup, and customize it to your needs. \n\n\n","media":[],"title":"Arsenal: GraphQL Armor - Open Source GraphQL Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"With our open-source tool GraphQL Armor we want to take GraphQL security to the next level. GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines. It offers advanced protection against common vulnerabilities like query depth, complexity, and rate limiting. \r\n\r\nIn this session, we’ll dive into the technical details, demonstrating how to identify GraphQL-specific vulnerabilities, integrate GraphQL Armor into your current setup, and customize it to your needs.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55736],"conference_id":133,"event_ids":[56238],"name":"Tristan Kalos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56091},{"content_ids":[55736],"conference_id":133,"event_ids":[56238],"name":"Antoine Carossio","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56104}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56238,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56104},{"tag_id":46167,"sort_order":1,"person_id":56091}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop we present two perspectives on card present attacks - attacker's and defender's. What typical banks and card processors think of modern card present attacks?\r\nHow easy is it to mitigate those without compromising on user experience?\n\n\n","media":[],"title":"Attacking and defending card present transactions","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"In this workshop we present two perspectives on card present attacks - attacker's and defender's. What typical banks and card processors think of modern card present attacks?\r\nHow easy is it to mitigate those without compromising on user experience?","updated_timestamp":{"seconds":1722356150,"nanoseconds":0},"speakers":[{"content_ids":[55564],"conference_id":133,"event_ids":[56079],"name":"Sebastiaan Pierrot","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sebastiaanpierrot/"}],"media":[],"id":56040,"title":"Adyen"},{"content_ids":[55564],"conference_id":133,"event_ids":[56079],"name":"Stephan Viljoen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stephan-viljoen-974ba09b/"}],"media":[],"id":56041,"title":"Adyen"},{"content_ids":[55564],"conference_id":133,"event_ids":[56079],"name":"Yurii Zadoianchuk","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adyen","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/yurii-zadoianchuk/"}],"media":[],"id":56043,"title":"Adyen"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:15:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56079,"tag_ids":[46386,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56043},{"tag_id":46484,"sort_order":4,"person_id":56041},{"tag_id":46484,"sort_order":6,"person_id":56040}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-30T16:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).\n\n\n","media":[{"hash_sha256":"a43e90beb02db94f81620530a72e3185043ff5f6a8fc15d5b915c4b7414f537a","filetype":"image/png","hash_md5":"381e707c51504a86ffccd678769cfbf7","name":"ct_hacking-boundary.png","is_logo":"Y","hash_crc32c":"81a9d890","filesize":253710,"asset_id":645,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hacking-boundary.png"}],"title":"Hacking Boundary Terminal","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this MarSec event we will engage convention goers with a number of different tabletop games to help them understand the operational issues surrounding offensive and defensive cyber operations in a port complex. Players will become familiar with the various network components that support port and shipping operations from the underlying infrastructure to the system components at ports and commercial ships. A fictional terminal, Boundary Terminal part of the Port Elizabeth New Jersey complex, and a fictional shipping line, Worldwide Shipping Operations form the basis for all of three of our games. The games are: a short game designed to show the basic target set and linkages, a longer role-playing game where players can engage in detail with port systems, and a card driven game focused on detection, forensics, and counter-forensics. The role-playing game has been conducted as part of the MarSec portion of the ICS Village for the past two years, while the shorter version was added last year. This year we will add the counter-forensics game. All of the games are designed to be entertaining and engaging with prizes provided to the winners and best players (usually everyone gets a prize).","updated_timestamp":{"seconds":1722308655,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:04:15Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249344"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249345"}],"end":"2024-08-10T01:00:00.000-0000","id":56008,"tag_ids":[46427,46439,46772],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-E","hotel":"","short_name":"HW4-03-06-E","id":46378},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-30T03:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the lock pick village tables after Jared's talk on safe manipulation for some hands on practice!\n\n\n","media":[],"title":"Safecracking Practical Demonstration","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Join us at the lock pick village tables after Jared's talk on safe manipulation for some hands on practice!","updated_timestamp":{"seconds":1722209247,"nanoseconds":0},"speakers":[{"content_ids":[54556,55503],"conference_id":133,"event_ids":[55932,54931],"name":"Jared Dygert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54305}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:27:27Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":55932,"tag_ids":[46384,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54305}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-28T23:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Microsoft Azure threat matrix contains a mysterious and almost empty item: AZT508 - Azure Policy, which suggests this service can break bad but gives almost no details as to how. To quote Microsoft: “Azure Policy helps to enforce organizational standards and to assess compliance at-scale.“ How does this banal sounding service come to be used for attacking Azure users?\n\nThis talk aims to fill in the picture. We will explore the Azure Policy service and how it can be used for badness: punching holes in acls, creating persistent backdoors on virtual machines, assigning attacker controlled roles to resources, modifying database encryption, etc. I will demo an abuse scenario, and discuss others that can be used for privilege escalation and persistence. I will also discuss a confused deputy attack on this service. Finally, I will share detection and control recommendations.\n\nTalk Outline:\n---\nThe Azure Policy service (3 mins):\n- What it is, how it works, and how it is intended to be used. This service is billed as an integral part of the Azure compliance story. Policies examine resources and can block or alert on non-compliance.\n- Introduce the components at play and lay the groundwork for understanding later abuse. -----There are lots of interlocking pieces to understand.\n- Introducing policy effects which go far beyond normal auditing scope. Effects are how policies can make changes to resource configuration.\n\nEstablishing the abuse case: (7 mins)\n- Discussion of evil that can be done with intended functionality including a demo\n- Policy adds an arbitrary script to every VM, which runs as soon as it starts up, calling a reverse shell home.\n- Policy turns off database encryption\n- Policy to assign an RBAC role to attacker controlled account\n- What privileges and roles are need for the above\n\nPrivesc scenario (7 mins)\n- Policy initiatives - these are higher level groupings of policies\n- Confused deputy attack via initiative\n- The curious case of `append` actions\n- Policies can append an attacker IP to every new ACL in your environment\n- Adding attacker ssh keys to all VMs\n\n\n","media":[],"title":"ExploitIfNotExists: Privilege Escalation & Persistence with Azure Policy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"The Microsoft Azure threat matrix contains a mysterious and almost empty item: AZT508 - Azure Policy, which suggests this service can break bad but gives almost no details as to how. To quote Microsoft: “Azure Policy helps to enforce organizational standards and to assess compliance at-scale.“ How does this banal sounding service come to be used for attacking Azure users?\n\nThis talk aims to fill in the picture. We will explore the Azure Policy service and how it can be used for badness: punching holes in acls, creating persistent backdoors on virtual machines, assigning attacker controlled roles to resources, modifying database encryption, etc. I will demo an abuse scenario, and discuss others that can be used for privilege escalation and persistence. I will also discuss a confused deputy attack on this service. Finally, I will share detection and control recommendations.\n\nTalk Outline:\n---\nThe Azure Policy service (3 mins):\n- What it is, how it works, and how it is intended to be used. This service is billed as an integral part of the Azure compliance story. Policies examine resources and can block or alert on non-compliance.\n- Introduce the components at play and lay the groundwork for understanding later abuse. -----There are lots of interlocking pieces to understand.\n- Introducing policy effects which go far beyond normal auditing scope. Effects are how policies can make changes to resource configuration.\n\nEstablishing the abuse case: (7 mins)\n- Discussion of evil that can be done with intended functionality including a demo\n- Policy adds an arbitrary script to every VM, which runs as soon as it starts up, calling a reverse shell home.\n- Policy turns off database encryption\n- Policy to assign an RBAC role to attacker controlled account\n- What privileges and roles are need for the above\n\nPrivesc scenario (7 mins)\n- Policy initiatives - these are higher level groupings of policies\n- Confused deputy attack via initiative\n- The curious case of `append` actions\n- Policies can append an attacker IP to every new ACL in your environment\n- Adding attacker ssh keys to all VMs","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55482],"conference_id":133,"event_ids":[55911],"name":"Zander Mackie","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"ZanderMackie","sort_order":0,"url":"https://ZanderMackie"}],"media":[],"id":56021}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":55911,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56021}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. \r\n\r\nEventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.\n\n\n","media":[],"title":"HandPwning: \"Your Hand is your Passport. Verify me. Now let me in!\"","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. \r\n\r\nEventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.","updated_timestamp":{"seconds":1722564738,"nanoseconds":0},"speakers":[{"content_ids":[55343,55800],"conference_id":133,"event_ids":[55735,56349,56352],"name":"Luca \"CYBERANTANI\" Bongiorni","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"We Hack In Disguise (WHID)","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55951,"title":"Founder at We Hack In Disguise (WHID)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:12:18Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":55735,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55951}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-02T02:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One year since the five-agency release of the Request for Information (RFI) on Open-Source Software Security Areas of Long Term Focus and Prioritization the U.S. government is returning to DEF CON to release an RFI Summary Report that consolidates the feedback received from the open-source software community and highlight agency-wide priorities to secure the open-source software ecosystem. In this panel, you will hear from government employees leading the charge on policy solutions towards secure open-source software and building trust with the open-source software ecosystem. In this panel, White House, the U.S. Department of Homeland Security, and Infrastructure Security Agency officials will present an overview of the Federal Government efforts in this space. The discussion will address the five priority areas addressed in the RFI, including (i) Securing Open-Source Software Foundations; (ii) Sustaining Open-Source Software Communities and Governance; (iii) Creating Behavioral and Economic Incentives to Secure the Open-Source Software Ecosystem; (iv) Improving R&D/ Innovation; and (v) Expanding International Collaboration. We look to work with you to ensure a secure, sustainable, and resilient open-source software future.\n\n\n","media":[],"title":"The Value of Trust in the Open-source Software Ecosystem","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"One year since the five-agency release of the Request for Information (RFI) on Open-Source Software Security Areas of Long Term Focus and Prioritization the U.S. government is returning to DEF CON to release an RFI Summary Report that consolidates the feedback received from the open-source software community and highlight agency-wide priorities to secure the open-source software ecosystem. In this panel, you will hear from government employees leading the charge on policy solutions towards secure open-source software and building trust with the open-source software ecosystem. In this panel, White House, the U.S. Department of Homeland Security, and Infrastructure Security Agency officials will present an overview of the Federal Government efforts in this space. The discussion will address the five priority areas addressed in the RFI, including (i) Securing Open-Source Software Foundations; (ii) Sustaining Open-Source Software Communities and Governance; (iii) Creating Behavioral and Economic Incentives to Secure the Open-Source Software Ecosystem; (iv) Improving R&D/ Innovation; and (v) Expanding International Collaboration. We look to work with you to ensure a secure, sustainable, and resilient open-source software future.","updated_timestamp":{"seconds":1721778655,"nanoseconds":0},"speakers":[{"content_ids":[55331,56138],"conference_id":133,"event_ids":[55730,56781],"name":"Aeva Black","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DHS Cyber Security and Infrastructure Security Agency","title":""}],"links":[],"pronouns":"they/them","media":[],"id":55918,"title":"DHS Cyber Security and Infrastructure Security Agency"},{"content_ids":[55331],"conference_id":133,"event_ids":[55730],"name":"Jordan Kasper","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Department of Homeland Security","title":"Senior Advisor for Technology and Delivery in the Office of the CIO"}],"links":[],"pronouns":null,"media":[],"id":55930,"title":"Senior Advisor for Technology and Delivery in the Office of the CIO at Department of Homeland Security"},{"content_ids":[55331],"conference_id":133,"event_ids":[55730],"name":"Nasreen Djouini","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Office of the National Cyber Director (ONCD)","title":"Senior Policy Advisor"}],"links":[],"pronouns":null,"media":[],"id":55936,"title":"Senior Policy Advisor at Office of the National Cyber Director (ONCD)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:50:55Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":55730,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55936},{"tag_id":46167,"sort_order":4,"person_id":55930},{"tag_id":46167,"sort_order":6,"person_id":55918}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-23T23:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Drone hacking tends to be an expensive and sometimes unsafe, but not if you use a simulator!. I have developed a drone hacking simulator called the [Damn Vulnerable Drone](https://github.com/nicholasaleks/Damn-Vulnerable-Drone). \r\n\r\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering a hands-on experience in exploiting drone systems.\n\n\n","media":[],"title":"Simulated Drone Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:50:00Z","end_timestamp":{"seconds":1723236600,"nanoseconds":0},"android_description":"Drone hacking tends to be an expensive and sometimes unsafe, but not if you use a simulator!. I have developed a drone hacking simulator called the [Damn Vulnerable Drone](https://github.com/nicholasaleks/Damn-Vulnerable-Drone). \r\n\r\nThe Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering a hands-on experience in exploiting drone systems.","updated_timestamp":{"seconds":1721595168,"nanoseconds":0},"speakers":[{"content_ids":[55275,55836],"conference_id":133,"event_ids":[55665,56386],"name":"Nick Aleks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@exploitpapi)","sort_order":0,"url":"https://twitter.com/exploitpapi"}],"media":[],"id":55824}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T20:52:48Z","links":[],"end":"2024-08-09T20:50:00.000-0000","id":55665,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55824}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T20:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this collaborative panel with Blue Team Village we'll sit down with two Red Teamers and two Blue Teamers to talk through how real world attacks could take place - and how to defend them.\n\n\n","media":[],"title":"Red Goes Purple: Executing the Attack Path","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:50:00Z","end_timestamp":{"seconds":1723236600,"nanoseconds":0},"android_description":"In this collaborative panel with Blue Team Village we'll sit down with two Red Teamers and two Blue Teamers to talk through how real world attacks could take place - and how to defend them.","updated_timestamp":{"seconds":1722720713,"nanoseconds":0},"speakers":[{"content_ids":[54216,55274],"conference_id":133,"event_ids":[55664,54589],"name":"Kevin \"Kent\" Clark","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Instructor"},{"organization":"TrustedSec","title":"Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://henpeebin.com/kevin/blog"}],"media":[],"id":53853,"title":"Security Consultant at TrustedSec"},{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860},{"content_ids":[55274],"conference_id":133,"event_ids":[55664],"name":"Graham Helton","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56336}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T21:31:53Z","links":[],"end":"2024-08-09T20:50:00.000-0000","id":55664,"tag_ids":[46373,46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46488,"sort_order":2,"person_id":55860},{"tag_id":46487,"sort_order":4,"person_id":56336},{"tag_id":46487,"sort_order":6,"person_id":53853}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-08-03T21:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"DC NextGen / Youth Challenge Area at Red Team Village","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721595757,"nanoseconds":0},"speakers":[{"content_ids":[55273],"conference_id":133,"event_ids":[55663,55712,55713],"name":"RTV Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@redteamvillage_)","sort_order":0,"url":"https://twitter.com/redteamvillage_"}],"media":[],"id":55852}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T21:02:37Z","links":[],"end":"2024-08-10T00:00:00.000-0000","id":55663,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55852}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T21:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, we distill key tactics from the comprehensive Practical Physical Exploitation course, tailored specifically for penetration testers looking to attack Physical Access Controls (PACS).\n\nParticipants will embark on a journey through the ins and outs of cloning badges during physical penetration tests. Explore the intricacies of long-range, short-range, and Stealth cloning tactics, gaining hands-on experience in the art of badge duplication. Delve into the realm of implantable devices, understanding their role in modern access control exploitation.\n\nJoin us as we uncover the nuances of downgrade/upgrade attacks and the protocols that make them possible. Learn to navigate the landscape of access control systems with expert guidance, equipping yourself with the knowledge to identify and exploit vulnerabilities.\n\nBy the end of this session, you'll wield an arsenal of cutting-edge techniques, ready to transform your facility into a bastion of high-security readiness. Don't miss this opportunity to elevate your skills and refine your physical security penetration testing skills.\n\n\n","media":[],"title":"Badge Cloning: A Penetration Tester's Guide to Capturing and Writing Badges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:50:00Z","end_timestamp":{"seconds":1723240200,"nanoseconds":0},"android_description":"In this workshop, we distill key tactics from the comprehensive Practical Physical Exploitation course, tailored specifically for penetration testers looking to attack Physical Access Controls (PACS).\n\nParticipants will embark on a journey through the ins and outs of cloning badges during physical penetration tests. Explore the intricacies of long-range, short-range, and Stealth cloning tactics, gaining hands-on experience in the art of badge duplication. Delve into the realm of implantable devices, understanding their role in modern access control exploitation.\n\nJoin us as we uncover the nuances of downgrade/upgrade attacks and the protocols that make them possible. Learn to navigate the landscape of access control systems with expert guidance, equipping yourself with the knowledge to identify and exploit vulnerabilities.\n\nBy the end of this session, you'll wield an arsenal of cutting-edge techniques, ready to transform your facility into a bastion of high-security readiness. Don't miss this opportunity to elevate your skills and refine your physical security penetration testing skills.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55272],"conference_id":133,"event_ids":[55662],"name":"Travis Weathers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@tweathers_sec)","sort_order":0,"url":"https://twitter.com/tweathers_sec"}],"media":[],"id":55825},{"content_ids":[55272,55750],"conference_id":133,"event_ids":[55662,56275],"name":"Ralph May","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Black Hills Information Security (BHIS)","title":"Security Analyst and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":55826,"title":"Security Analyst and Penetration Tester at Black Hills Information Security (BHIS)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T21:50:00.000-0000","id":55662,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55825},{"tag_id":46167,"sort_order":4,"person_id":55826}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this session, we'll translate PCAPs, STIX objects, or detection repositories into attack scenarios and send test data to a data lake/SIEM to test detection logic and organizational context. We'll write scenarios in descriptive language, and give public access to a bunch of scenario content for participants to use and contribute to, as well as leave with the data to test your environment with at home if you want, and public access to the free tools to use scenarios.\n\n\n","media":[],"title":"Adversary Simulation: Using Blue Eyes to See Red","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:50:00Z","end_timestamp":{"seconds":1723236600,"nanoseconds":0},"android_description":"In this session, we'll translate PCAPs, STIX objects, or detection repositories into attack scenarios and send test data to a data lake/SIEM to test detection logic and organizational context. We'll write scenarios in descriptive language, and give public access to a bunch of scenario content for participants to use and contribute to, as well as leave with the data to test your environment with at home if you want, and public access to the free tools to use scenarios.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55271],"conference_id":133,"event_ids":[55661],"name":"Fred Wilmot","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@fewdisc)","sort_order":0,"url":"https://twitter.com/fewdisc"}],"media":[],"id":55822},{"content_ids":[55271],"conference_id":133,"event_ids":[55661],"name":"Sebastien Tricaud","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55823}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T20:50:00.000-0000","id":55661,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55822},{"tag_id":46167,"sort_order":4,"person_id":55823}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Artificial intelligence (AI) promises to be a game-changing technology across industries, but when it comes to identifying and mitigating complex cybersecurity threats, AI still falls short. The inherent nature of malicious attacks and the sophistication of hackers ultimately hamper even the most advanced AI systems currently available. There are many critical jobs where AI cannot replace humans due to the limits of current technology in exercising judgment, especially in undefined and complex situations. AI can only process information it has been trained on, lacking real-world experience and the discernment needed for high-stakes decision making.\n\n\n","media":[],"title":"Worried about AI taking your job? Then this talk is for you.","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Artificial intelligence (AI) promises to be a game-changing technology across industries, but when it comes to identifying and mitigating complex cybersecurity threats, AI still falls short. The inherent nature of malicious attacks and the sophistication of hackers ultimately hamper even the most advanced AI systems currently available. There are many critical jobs where AI cannot replace humans due to the limits of current technology in exercising judgment, especially in undefined and complex situations. AI can only process information it has been trained on, lacking real-world experience and the discernment needed for high-stakes decision making.","updated_timestamp":{"seconds":1721495180,"nanoseconds":0},"speakers":[{"content_ids":[55193],"conference_id":133,"event_ids":[55583],"name":"Levone Campbell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Incident Response & Cyber Operations Consultant"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/levone-campbell-mba-mps-cissp-3b305234/"},{"description":"","title":"Mastodon (@BillClintonJr@mastodon.social)","sort_order":0,"url":"https://mastodon.social/@BillClintonJr"}],"media":[],"id":55805,"title":"Incident Response & Cyber Operations Consultant"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:20Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":55583,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55805}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This research aims to enhance electric vehicle cybersecurity by uncovering vulnerabilities in the Electric Vehicle Communication Controller (EVCC), crucial for charging communication. We've developed a specialized security tool after examining electric vehicle charging ports and On-Board Charging (OBC) protocols, with a focus on ISO 15118 standards.\n\n\n","media":[],"title":"V2GEvil: Ghost in the wires","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"This research aims to enhance electric vehicle cybersecurity by uncovering vulnerabilities in the Electric Vehicle Communication Controller (EVCC), crucial for charging communication. We've developed a specialized security tool after examining electric vehicle charging ports and On-Board Charging (OBC) protocols, with a focus on ISO 15118 standards.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54564,54526],"conference_id":133,"event_ids":[54899,54939],"name":"Thomas \"Cr0wTom\" Sermpinis","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auxilium Pentest Labs","title":"Technical Director"}],"pronouns":"he/him","links":[{"description":"","title":"cr0wsplace.com","sort_order":0,"url":"https://cr0wsplace.com"}],"media":[],"id":54059,"title":"Technical Director at Auxilium Pentest Labs"},{"content_ids":[54564],"conference_id":133,"event_ids":[54939],"name":"Pavel Khunt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Auxilium Pentest Labs","title":"Automotive Security Researcher and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":54306,"title":"Automotive Security Researcher and Penetration Tester at Auxilium Pentest Labs"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":54939,"tag_ids":[46375,46419,46438,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54306},{"tag_id":46167,"sort_order":6,"person_id":54059}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Seems like the world has completely changed in the last 12-24 months:\r\n\r\n- Multiple Global Conflicts\r\n- Launch of ChatGPT\r\n- CISO’s being held personally accountable for security breaches\r\n- Government Regulations on security\r\n- Economic Uncertainties (interest rates, layoffs)\r\n\r\nAll of these changes have played a major role in reshaping the security landscape. From adversaries with political motivations to another just trying to provide for his/her family. Security is no longer just your job, but you could actually be held personally liable. Oh and don’t forget that an adversary now has the ability to rewrite vulnerabilities with the click of a button, or can create deep fakes so real that a zoom call with multiple “people” was undetectable by a real person.\n\n\n","media":[],"title":"Preparing for the Future: A Discussion of our Rapidly Evolving Threat Landscape","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Seems like the world has completely changed in the last 12-24 months:\r\n\r\n- Multiple Global Conflicts\r\n- Launch of ChatGPT\r\n- CISO’s being held personally accountable for security breaches\r\n- Government Regulations on security\r\n- Economic Uncertainties (interest rates, layoffs)\r\n\r\nAll of these changes have played a major role in reshaping the security landscape. From adversaries with political motivations to another just trying to provide for his/her family. Security is no longer just your job, but you could actually be held personally liable. Oh and don’t forget that an adversary now has the ability to rewrite vulnerabilities with the click of a button, or can create deep fakes so real that a zoom call with multiple “people” was undetectable by a real person.","updated_timestamp":{"seconds":1720394121,"nanoseconds":0},"speakers":[{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Jamie Hardy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Intuit","title":"Principal Product Manager"}],"links":[],"pronouns":null,"media":[],"id":54218,"title":"Principal Product Manager at Intuit"},{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Rachael Tubbs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54228},{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Ted Harrington","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Independent Security Evaluators","title":"Executive Partner"}],"links":[],"pronouns":null,"media":[],"id":54231,"title":"Executive Partner at Independent Security Evaluators"},{"content_ids":[54563],"conference_id":133,"event_ids":[54938],"name":"Steve McGregory ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Keysight Technologies","title":"Senior Director of the Cybersecurity Center of Excellence (COE)"}],"links":[],"pronouns":null,"media":[],"id":54242,"title":"Senior Director of the Cybersecurity Center of Excellence (COE) at Keysight Technologies"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:15:21Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":54938,"tag_ids":[46383,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54218},{"tag_id":46167,"sort_order":1,"person_id":54228},{"tag_id":46167,"sort_order":1,"person_id":54242},{"tag_id":46167,"sort_order":1,"person_id":54231}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T23:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Often there are times to collect #allTheWireless, but with that comes some planning, we've created a modular survey system and developed an Elastic-based analytic platform named PacketGlass to visualize and explore the terabytes of information collected over multiple surveys. Our system collects all data types supported by Kismet plus raw PCAP data, ingests the data, and displays tens of millions of devices in an easy to query and display manner. Using different parsing techniques, We plan to show how to build one of these survey platforms and discuss the methodology used to transform Elastic into a robust analytical platform.\n\n\n","media":[],"title":"MoWireless MoProblems: Modular Wireless Survey Systems and the Data Analytics That Love Them","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Often there are times to collect #allTheWireless, but with that comes some planning, we've created a modular survey system and developed an Elastic-based analytic platform named PacketGlass to visualize and explore the terabytes of information collected over multiple surveys. Our system collects all data types supported by Kismet plus raw PCAP data, ingests the data, and displays tens of millions of devices in an easy to query and display manner. Using different parsing techniques, We plan to show how to build one of these survey platforms and discuss the methodology used to transform Elastic into a robust analytical platform.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54562],"conference_id":133,"event_ids":[54937],"name":"Geoff Horvath","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Alsatian Consulting, LLC","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54293,"title":"Founder at Alsatian Consulting, LLC"},{"content_ids":[54562],"conference_id":133,"event_ids":[54937],"name":"Winson Tam","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54344}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":54937,"tag_ids":[46385,46419,46438,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54293},{"tag_id":46167,"sort_order":1,"person_id":54344}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!\n\n\n","media":[],"title":"Bypass 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54561],"conference_id":133,"event_ids":[54936],"name":"Sam Mayers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Beazley Security","title":"Security Researcher"}],"links":[],"pronouns":null,"media":[],"id":54237,"title":"Security Researcher at Beazley Security"},{"content_ids":[54561,54621,55796],"conference_id":133,"event_ids":[56873,56345,54936,54995],"name":"Karen Ng","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Risk Analyst"}],"links":[],"pronouns":null,"media":[],"id":54281,"title":"Risk Analyst at GGR Security"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":54936,"tag_ids":[46169,46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54281},{"tag_id":46167,"sort_order":1,"person_id":54237}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Secure Shell (SSH) has evolved from a remote shell service to a standardized secure transport that is second only to Transport Layer Security (TLS) in terms of exposure and popularity. SSH is no longer just for POSIX operating systems; SSH services can be found in everything from network devices, to source code forges, to Windows-based file transfer tools. While OpenSSH is still the most prominent implementation, it's now just one of dozens, and these include a handful of libraries that drive a wide range of applications. This presentation digs deep into SSH, the lesser-known implementations, many of the surprising security issues found along the way, and how to exploit them. As part of this talk, we will release an open source tool, dubbed \"sshamble\", that assists with research and security testing of SSH services. \n\n\n","media":[],"title":"Sshamble: Unexpected Exposures in the Secure Shell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The Secure Shell (SSH) has evolved from a remote shell service to a standardized secure transport that is second only to Transport Layer Security (TLS) in terms of exposure and popularity. SSH is no longer just for POSIX operating systems; SSH services can be found in everything from network devices, to source code forges, to Windows-based file transfer tools. While OpenSSH is still the most prominent implementation, it's now just one of dozens, and these include a handful of libraries that drive a wide range of applications. This presentation digs deep into SSH, the lesser-known implementations, many of the surprising security issues found along the way, and how to exploit them. As part of this talk, we will release an open source tool, dubbed \"sshamble\", that assists with research and security testing of SSH services.","updated_timestamp":{"seconds":1720307459,"nanoseconds":0},"speakers":[{"content_ids":[54452],"conference_id":133,"event_ids":[54825],"name":"HD Moore","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"runZero","title":"CEO and Co-Founder"}],"links":[],"pronouns":"he/him","media":[],"id":54105,"title":"CEO and Co-Founder at runZero"},{"content_ids":[54452],"conference_id":133,"event_ids":[54825],"name":"Rob King","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"runZero","title":"Director of Security Research"}],"links":[],"pronouns":null,"media":[],"id":54132,"title":"Director of Security Research at runZero"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:59Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":54825,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54105},{"tag_id":46167,"sort_order":2,"person_id":54132}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DEF CON community challenges the status quo, bringing a diversity of perspectives and ideas to identify hidden problems and solutions. While DARPA lays claim to the origin of the ARPANET/internet, vast communities of people with different interests created its novel components. The DARPA Cyber Grand Challenge helped launch the field of vulnerability detection and remediation and numerous DARPA Cyber Fast Track program performers continue to contribute to DEF CON. \n\nWhat if current vulnerabilities all magically disappeared overnight and critical infrastructure were “safe and secure” for the time being. What would come next? \n\nIn this talk, Dr. Stefanie Tompkins will discuss the value of the hacker community and many of the contributions that have come from it, as well as the growth and synergy of the two communities. She’ll also explore the question of what comes next.\n\nFor a deeper dive into the real-world impacts of DARPA cyber technologies, Dr. Renee Wegrzyn, the inaugural director of the Advanced Research Projects Agency for Health (ARPA-H), will join Stefanie and a moderator. They will discuss efforts that impact DEF CON areas of interest and inform ARPA-H work, from Cyber Fast Track to current work focused on securing and defending hospitals and the health tech ecosystem from cyberattacks. \n\n\n","media":[],"title":"If Existing Cyber Vulnerabilities Magically Disappeared Overnight, What Would Be Next?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The DEF CON community challenges the status quo, bringing a diversity of perspectives and ideas to identify hidden problems and solutions. While DARPA lays claim to the origin of the ARPANET/internet, vast communities of people with different interests created its novel components. The DARPA Cyber Grand Challenge helped launch the field of vulnerability detection and remediation and numerous DARPA Cyber Fast Track program performers continue to contribute to DEF CON. \n\nWhat if current vulnerabilities all magically disappeared overnight and critical infrastructure were “safe and secure” for the time being. What would come next? \n\nIn this talk, Dr. Stefanie Tompkins will discuss the value of the hacker community and many of the contributions that have come from it, as well as the growth and synergy of the two communities. She’ll also explore the question of what comes next.\n\nFor a deeper dive into the real-world impacts of DARPA cyber technologies, Dr. Renee Wegrzyn, the inaugural director of the Advanced Research Projects Agency for Health (ARPA-H), will join Stefanie and a moderator. They will discuss efforts that impact DEF CON areas of interest and inform ARPA-H work, from Cyber Fast Track to current work focused on securing and defending hospitals and the health tech ecosystem from cyberattacks.","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54451],"conference_id":133,"event_ids":[54824],"name":"Dr. Renee Wegrzyn","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Advanced Research Projects Agency for Health (ARPA-H)","title":"First Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/renee-wegrzyn-ba00643/"}],"media":[],"id":54123,"title":"First Director at Advanced Research Projects Agency for Health (ARPA-H)"},{"content_ids":[54451],"conference_id":133,"event_ids":[54824],"name":"Peiter “Mudge” Zatko","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DARPA","title":"Chief Information Officer"}],"links":[],"pronouns":null,"media":[],"id":54148,"title":"Chief Information Officer at DARPA"},{"content_ids":[54451],"conference_id":133,"event_ids":[54824],"name":"Dr. Stefanie Tompkins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Director"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stefanie-tompkins-3180a9140/"}],"media":[],"id":54151,"title":"Director at Defense Advanced Research Projects Agency (DARPA)"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":54824,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54151},{"tag_id":46167,"sort_order":4,"person_id":54123},{"tag_id":46167,"sort_order":6,"person_id":54148}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Endpoint detection and response (EDR) software has gained significant market share due to its ability to examine system state for signs of malware and attacker activity well beyond what traditional anti-virus software is capable of detecting. This deep inspection capability of EDRs has led to an arms race with malware developers who want to evade EDRs while still achieving desired goals, such as code injection, lateral movement, and credential theft. This monitoring and evasion occurs in the lowest levels of hardware and software, including call stack frames, exception handlers, system calls, and manipulation of native instructions. Given this reality, EDRs are limited in how much lower they can operate to maintain an advantage. The success of EDR bypasses has led to their use in many high-profile attacks and by prolific ransomware groups.\r\n \r\nIn this talk, we discuss our research effort that led to the development of new memory forensics techniques for the detection of the bypasses that malware uses to evade EDRs. This includes bypass techniques, such as direct and indirect system calls, module overwriting, malicious exceptions handlers, and abuse of debug registers. Our developed capabilities were created as new plugins to the Volatility memory analysis framework, version 3, and will be released after the talk.\r\n\r\n1. “Operation Dragon Castling: APT group targeting betting companies,” [link](https://cymulate.com/threats/operation-dragon-castling-apt-group-targeting-betting-companies/), 2023.\r\n2. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2023.\r\n3. “A Deep Dive Into ALPHV/BlackCat Ransomware,” [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/), 2024.\r\n4. “APT Operation Skeleton Key,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2023.\r\n5. “LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility,” [link](https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility/), 2024.19\r\n6. “BlueBravo Uses Ambassador Lure to Deploy,” [link](https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf), 2024.\r\n7. “UNMASKING THE DARK ART OF VECTORED EXCEPTION HANDLING: BYPASSING XDR AND EDR IN THE EVOLVING CYBER THREAT LANDSCAPE,” [link](https://blackhatmea.com/session/unmasking-dark-art-vectored-exception-handling-bypassing-xdr-and-edr-evolving-cyber-threat), 2023.\r\n8. “Dirty Vanity: A New Approach to Code injection & EDR by-pass,” [link](https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf), 2022.\r\n9. Volexity, “Surge Collect Pro,” [link](https://www.volexity.com/products-overview/surge/), 2022.\r\n10. “capstone,” [link](https://www.capstone-engine.org/), 2024.\r\n11. “Silencing cylance: A case study in modern edrs,” [link](https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/), 2019.\r\n12. “Av/edr evasion — malware development p — 3,” [link](https://medium.com/@0xHossam/unhooking-memory-object-hiding-3229b75618f7), 2023.\r\n13. “A practical guide to bypassing userland api hooking,” [link](https://www.advania.co.uk/insights/blog/a-practical-guide-to-bypassing-userland-api-hooking/), 2022.\r\n14. A. Case, A. Ali-Gombe, M. Sun, R. Maggio, M. Firoz-Ul-Amin, M. Jalalzai, and G. G. R. III, “HookTracer: A System for Automated and Accessible API Hooks Analysis,” Proceedings of the 18th Annual Digital Forensics Research Conference (DFRWS), 2019.\r\n15. F. Block, “Windows memory forensics: Identification of (malicious) modifications in memory-mapped image files,” Forensic Science International: Digital Investigation, 2023. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S2666281723000707)\r\n16. F. Block and A. Dewald, “Windows memory forensics: Detecting (un)intentionally hidden injected code by examining page table entries,” Digital Investigation, vol. 29, pp. S3–S12, 07 2019.\r\n17. “CCob,” [link](https://github.com/CCob/SylantStrike/tree/master), 2024.\r\n18. “Lets Create An EDR. . . And Bypass It! Part 1,” [link](https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/), 2020.\r\n19. “r77 rootkit,” [link](https://github.com/bytecode77/r77-rootkit/), 2024.\r\n20. “Deep Vanity,” [link](https://github.com/deepinstinct/Dirty-Vanity), 2022. 20\r\n21. “Peruns-Fart,” [link](https://github.com/plackyhacker/Peruns-Fart/), 2023.\r\n22. “FREEZE – A PAYLOAD TOOLKIT FOR BYPASSING EDRS USING SUSPENDED PROCESSES,” [link](https://www.hawk-eye.io/2023/06/freeze-a-payload-toolkit-for-bypassing-edrs-using-suspended-processes/), 2023.\r\n23. “Process Cloning,” [link](https://github.com/huntandhackett/process-cloning), 2023.\r\n24. “APT Group Chimera,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2022.\r\n25. “Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR,” [link](https://www.outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/), 2019.\r\n26. “Hell’s Gate,” [link](https://github.com/am0nsec/HellsGate/blob/master/hells-gate.pdf), 2020.\r\n27. “Halo’s Gate,” [link](https://blog.sektor7.net/#!res/2021/halosgate.md), 2021.\r\n28. “Tartarus Gate,” [link](https://trickster0.github.io/posts/Halo’s-Gate-Evolves-to-Tartarus-Gate/), 2021.\r\n29. “Bypassing User-Mode Hooks and Direct Invocation of System Calls for Red Teams,” [link](https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/), 2020.\r\n30. “SysWhispers2,” [link](https://github.com/jthuraisamy/SysWhispers2), 2022.\r\n31. “An Introduction into Stack Spoofing,” [link](https://dtsec.us/2023-09-15-StackSpoofin/), 2023.\r\n32. “SilentMoonwalk: Implementing a dynamic Call Stack Spoofer,” [link](https://klezvirus.github.io/RedTeaming/AV%20Evasion/StackSpoofing/), 2022.\r\n33. “Spoofing Call Stacks To Confuse EDRs,” [link](https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs), 2022.\r\n34. “Behind the Mask: Spoofing Call Stacks Dynamically with Timers,” [link](https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers), 2022.\r\n35. “HellHall,” [link](https://github.com/Maldev-Academy/HellHall), 2023.\r\n36. [link](http://phrack.org/issues/65/8.html#article), 2008.\r\n37. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2022.21\r\n38. “GULoader Campaigns: A Deep Dive Analysis of a highly evasive Shellcode based loader,” [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/guloader-campaigns-a-deep-dive-analysis-of-a-highly-evasive-shellcode-based-loader/), 2023.\r\n39. “Gh0stRat Anti-Debugging : Nested SEH (try - catch) to Decrypt and Load its Payload,” [link](https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html), 2021.\r\n40. “Syscalls via Vectored Exception Handling,” [link](https://redops.at/en/blog/syscalls-via-vectored-exception-handling), 2024.\r\n41. “Bypassing AV/EDR Hooks via Vectored Syscall - POC,” [link](https://cyberwarfare.live/bypassing-av-edr-hooks-via-vectored-syscall-poc/), 2022.\r\n42. “MutationGate,” [link](https://github.com/senzee1984/MutationGate/tree/main), 2024.\r\n43. Cymulate Research, “BlindSide,” [link](https://github.com/CymulateResearch/Blindside/blob/main/Blindside/Blindside.cpp#L31), 2023.\r\n44. “In-Process Patchless AMSI Bypass,” [link](https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass/), 2022.\r\n45. “PatchlessCLR,” [link](https://github.com/VoldeSec/PatchlessCLRLoader/tree/main), 2022.\r\n46. “Dumping the VEH in Windows 10,” [link](https://dimitrifourny.github.io/2020/06/11/dumping-veh-win10.html), 2020.\r\n47. “Detecting anomalous Vectored Exception Handlers on Windows,” [link](https://research.nccgroup.com/2022/03/01/detecting-anomalous-vectored-exception-handlers-on-windows/), 2022.\r\n48. “SetUnhandledExceptionFilter,” [link](https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-setunhandledexceptionfilter), 2024.\r\n\n\n\n","media":[],"title":"Defeating EDR Evading Malware with Memory Forensics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Endpoint detection and response (EDR) software has gained significant market share due to its ability to examine system state for signs of malware and attacker activity well beyond what traditional anti-virus software is capable of detecting. This deep inspection capability of EDRs has led to an arms race with malware developers who want to evade EDRs while still achieving desired goals, such as code injection, lateral movement, and credential theft. This monitoring and evasion occurs in the lowest levels of hardware and software, including call stack frames, exception handlers, system calls, and manipulation of native instructions. Given this reality, EDRs are limited in how much lower they can operate to maintain an advantage. The success of EDR bypasses has led to their use in many high-profile attacks and by prolific ransomware groups.\r\n \r\nIn this talk, we discuss our research effort that led to the development of new memory forensics techniques for the detection of the bypasses that malware uses to evade EDRs. This includes bypass techniques, such as direct and indirect system calls, module overwriting, malicious exceptions handlers, and abuse of debug registers. Our developed capabilities were created as new plugins to the Volatility memory analysis framework, version 3, and will be released after the talk.\r\n\r\n1. “Operation Dragon Castling: APT group targeting betting companies,” [link](https://cymulate.com/threats/operation-dragon-castling-apt-group-targeting-betting-companies/), 2023.\r\n2. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2023.\r\n3. “A Deep Dive Into ALPHV/BlackCat Ransomware,” [link](https://securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware/), 2024.\r\n4. “APT Operation Skeleton Key,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2023.\r\n5. “LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility,” [link](https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility/), 2024.19\r\n6. “BlueBravo Uses Ambassador Lure to Deploy,” [link](https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf), 2024.\r\n7. “UNMASKING THE DARK ART OF VECTORED EXCEPTION HANDLING: BYPASSING XDR AND EDR IN THE EVOLVING CYBER THREAT LANDSCAPE,” [link](https://blackhatmea.com/session/unmasking-dark-art-vectored-exception-handling-bypassing-xdr-and-edr-evolving-cyber-threat), 2023.\r\n8. “Dirty Vanity: A New Approach to Code injection & EDR by-pass,” [link](https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf), 2022.\r\n9. Volexity, “Surge Collect Pro,” [link](https://www.volexity.com/products-overview/surge/), 2022.\r\n10. “capstone,” [link](https://www.capstone-engine.org/), 2024.\r\n11. “Silencing cylance: A case study in modern edrs,” [link](https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/), 2019.\r\n12. “Av/edr evasion — malware development p — 3,” [link](https://medium.com/@0xHossam/unhooking-memory-object-hiding-3229b75618f7), 2023.\r\n13. “A practical guide to bypassing userland api hooking,” [link](https://www.advania.co.uk/insights/blog/a-practical-guide-to-bypassing-userland-api-hooking/), 2022.\r\n14. A. Case, A. Ali-Gombe, M. Sun, R. Maggio, M. Firoz-Ul-Amin, M. Jalalzai, and G. G. R. III, “HookTracer: A System for Automated and Accessible API Hooks Analysis,” Proceedings of the 18th Annual Digital Forensics Research Conference (DFRWS), 2019.\r\n15. F. Block, “Windows memory forensics: Identification of (malicious) modifications in memory-mapped image files,” Forensic Science International: Digital Investigation, 2023. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S2666281723000707)\r\n16. F. Block and A. Dewald, “Windows memory forensics: Detecting (un)intentionally hidden injected code by examining page table entries,” Digital Investigation, vol. 29, pp. S3–S12, 07 2019.\r\n17. “CCob,” [link](https://github.com/CCob/SylantStrike/tree/master), 2024.\r\n18. “Lets Create An EDR. . . And Bypass It! Part 1,” [link](https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/), 2020.\r\n19. “r77 rootkit,” [link](https://github.com/bytecode77/r77-rootkit/), 2024.\r\n20. “Deep Vanity,” [link](https://github.com/deepinstinct/Dirty-Vanity), 2022. 20\r\n21. “Peruns-Fart,” [link](https://github.com/plackyhacker/Peruns-Fart/), 2023.\r\n22. “FREEZE – A PAYLOAD TOOLKIT FOR BYPASSING EDRS USING SUSPENDED PROCESSES,” [link](https://www.hawk-eye.io/2023/06/freeze-a-payload-toolkit-for-bypassing-edrs-using-suspended-processes/), 2023.\r\n23. “Process Cloning,” [link](https://github.com/huntandhackett/process-cloning), 2023.\r\n24. “APT Group Chimera,” [link](https://cycraft.com/download/CyCraft-Whitepaper-Chimera%20V4.1.pdf), 2022.\r\n25. “Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR,” [link](https://www.outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/), 2019.\r\n26. “Hell’s Gate,” [link](https://github.com/am0nsec/HellsGate/blob/master/hells-gate.pdf), 2020.\r\n27. “Halo’s Gate,” [link](https://blog.sektor7.net/#!res/2021/halosgate.md), 2021.\r\n28. “Tartarus Gate,” [link](https://trickster0.github.io/posts/Halo’s-Gate-Evolves-to-Tartarus-Gate/), 2021.\r\n29. “Bypassing User-Mode Hooks and Direct Invocation of System Calls for Red Teams,” [link](https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/), 2020.\r\n30. “SysWhispers2,” [link](https://github.com/jthuraisamy/SysWhispers2), 2022.\r\n31. “An Introduction into Stack Spoofing,” [link](https://dtsec.us/2023-09-15-StackSpoofin/), 2023.\r\n32. “SilentMoonwalk: Implementing a dynamic Call Stack Spoofer,” [link](https://klezvirus.github.io/RedTeaming/AV%20Evasion/StackSpoofing/), 2022.\r\n33. “Spoofing Call Stacks To Confuse EDRs,” [link](https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs), 2022.\r\n34. “Behind the Mask: Spoofing Call Stacks Dynamically with Timers,” [link](https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers), 2022.\r\n35. “HellHall,” [link](https://github.com/Maldev-Academy/HellHall), 2023.\r\n36. [link](http://phrack.org/issues/65/8.html#article), 2008.\r\n37. “Defeating Guloader Anti-Analysis Technique,” [link](https://unit42.paloaltonetworks.com/guloader-variant-anti-analysis/), 2022.21\r\n38. “GULoader Campaigns: A Deep Dive Analysis of a highly evasive Shellcode based loader,” [link](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/guloader-campaigns-a-deep-dive-analysis-of-a-highly-evasive-shellcode-based-loader/), 2023.\r\n39. “Gh0stRat Anti-Debugging : Nested SEH (try - catch) to Decrypt and Load its Payload,” [link](https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html), 2021.\r\n40. “Syscalls via Vectored Exception Handling,” [link](https://redops.at/en/blog/syscalls-via-vectored-exception-handling), 2024.\r\n41. “Bypassing AV/EDR Hooks via Vectored Syscall - POC,” [link](https://cyberwarfare.live/bypassing-av-edr-hooks-via-vectored-syscall-poc/), 2022.\r\n42. “MutationGate,” [link](https://github.com/senzee1984/MutationGate/tree/main), 2024.\r\n43. Cymulate Research, “BlindSide,” [link](https://github.com/CymulateResearch/Blindside/blob/main/Blindside/Blindside.cpp#L31), 2023.\r\n44. “In-Process Patchless AMSI Bypass,” [link](https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass/), 2022.\r\n45. “PatchlessCLR,” [link](https://github.com/VoldeSec/PatchlessCLRLoader/tree/main), 2022.\r\n46. “Dumping the VEH in Windows 10,” [link](https://dimitrifourny.github.io/2020/06/11/dumping-veh-win10.html), 2020.\r\n47. “Detecting anomalous Vectored Exception Handlers on Windows,” [link](https://research.nccgroup.com/2022/03/01/detecting-anomalous-vectored-exception-handlers-on-windows/), 2022.\r\n48. “SetUnhandledExceptionFilter,” [link](https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-setunhandledexceptionfilter), 2024.","updated_timestamp":{"seconds":1720462370,"nanoseconds":0},"speakers":[{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Austin Sellers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Detection Engineer"}],"links":[],"pronouns":null,"media":[],"id":54070,"title":"Detection Engineer at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Andrew Case","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Director of Research"}],"links":[],"pronouns":"he/him","media":[],"id":54100,"title":"Director of Research at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Gustavo Moreira","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Senior Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":54139,"title":"Senior Security Engineer at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"David McDonald","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Volexity","title":"Volcano team"}],"links":[],"pronouns":null,"media":[],"id":54180,"title":"Volcano team at Volexity"},{"content_ids":[54450],"conference_id":133,"event_ids":[54823],"name":"Golden Richard","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Center for Computation and Technology (CCT) at LSU","title":"Professor of Computer Science and Engineering and Associate Director for Cybersecurity"}],"links":[],"pronouns":null,"media":[],"id":54186,"title":"Professor of Computer Science and Engineering and Associate Director for Cybersecurity at Center for Computation and Technology (CCT) at LSU"}],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:12:50Z","links":[],"end":"2024-08-09T20:45:00.000-0000","id":54823,"tag_ids":[46166,46169,46419,46438,46881],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54100},{"tag_id":46167,"sort_order":4,"person_id":54070},{"tag_id":46167,"sort_order":6,"person_id":54186},{"tag_id":46167,"sort_order":8,"person_id":54180},{"tag_id":46167,"sort_order":10,"person_id":54139}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-08T18:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the “AI Art Battle\" Generative AI Art Contest! \r\n\r\nThis unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts that will be used by generative AI models to create artwork.\r\n\r\nContestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.\r\n\r\nHow It Works: \r\n\r\nSelect a Topic: Contestants will choose from a list of random topics. \r\n\r\nThese could range from historical events, famous literary works, mythical creatures, futuristic landscapes, to iconic pop culture references. \r\n\r\nCraft a Prompt: \r\n\r\nUsing their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI's artistic capabilities. \r\n\r\nSubmission: Each contestant will submit their prompt and the intended outcome. \r\n\r\nAI Generation: The submitted prompts will be fed into a generative AI art model, which will create corresponding artworks based on the prompts.\r\n\r\nA random panel will determine who the winners are.\r\n\r\nSchedule:\r\n- 13:00 - 13:30 setup\r\n- 13:30 - 14:00 qualifiers\r\n- 14:00 - 15:00 contest\r\n\n\n\n","media":[{"hash_sha256":"7c7db21dd301cc94bb3871fdc1ae0446967c7ef507540de50b7d2c736a460a0d","filetype":"image/png","hash_md5":"89fe8dd9f1d2af64919f4583216681ca","name":"ct_ai_art_battle.png","is_logo":"Y","hash_crc32c":"c7772e60","filesize":634922,"asset_id":707,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ai_art_battle.png"}],"title":"AI Art Battle","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"Welcome to the “AI Art Battle\" Generative AI Art Contest! \r\n\r\nThis unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts that will be used by generative AI models to create artwork.\r\n\r\nContestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.\r\n\r\nHow It Works: \r\n\r\nSelect a Topic: Contestants will choose from a list of random topics. \r\n\r\nThese could range from historical events, famous literary works, mythical creatures, futuristic landscapes, to iconic pop culture references. \r\n\r\nCraft a Prompt: \r\n\r\nUsing their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI's artistic capabilities. \r\n\r\nSubmission: Each contestant will submit their prompt and the intended outcome. \r\n\r\nAI Generation: The submitted prompts will be fed into a generative AI art model, which will create corresponding artworks based on the prompts.\r\n\r\nA random panel will determine who the winners are.\r\n\r\nSchedule:\r\n- 13:00 - 13:30 setup\r\n- 13:30 - 14:00 qualifiers\r\n- 14:00 - 15:00 contest","updated_timestamp":{"seconds":1720390566,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T22:16:06Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249452"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249453"}],"end":"2024-08-09T22:00:00.000-0000","id":54610,"tag_ids":[46439,46491],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-07-07T22:16:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)\n\n\n","media":[{"hash_sha256":"8121f8bfb8be2b701aea4941904ae7a178b8b90e84dd6cf786636abf65c33a38","filetype":"image/png","hash_md5":"d4129f6c22e4e172784f5759c4bb75d9","name":"pme_hamexams.png","is_logo":"Y","hash_crc32c":"ff2e55b6","filesize":31886,"asset_id":680,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_hamexams.png"}],"title":"Ham Radio Exams","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.\r\n\r\nEverything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)","updated_timestamp":{"seconds":1718812742,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T20:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:59:02Z","links":[{"label":"Website","type":"link","url":"https://hamvillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249512"},{"label":"Registration (Free)","type":"link","url":"https://ham.study/sessions/669069be6af12f90943be578/1"},{"label":"Twitter (@HamRadioVillage)","type":"link","url":"https://twitter.com/HamRadioVillage"}],"end":"2024-08-09T23:00:00.000-0000","id":54508,"tag_ids":[46365,46380],"village_id":null,"begin_timestamp":{"seconds":1723233600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W320","hotel":"","short_name":"W320","id":46299},"spans_timebands":"N","begin":"2024-08-09T20:00:00.000-0000","updated":"2024-06-19T15:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enterprise users on their web browsers are prime targets for attackers, penetration testers, and red teamers. A common tactic involves tricking users into clicking on spear-phishing emails, downloading malicious documents or binaries, and subsequently compromising their systems. To mitigate these web-based initial access threats, enterprises deploy Secure Web Gateways (SWGs). SWGs are essentially SSL-intercepting cloud proxies that inspect web traffic, blocking attacks such as malicious file downloads, harmful websites, and scripts. Since all web traffic from users' browsers is routed through these proxies, SWGs have complete visibility into the scripts loading into users' browsers and the capability to block them.\n\nIn this talk, we will explore how to conduct reconnaissance against SWGs, identify the vendor and location, reconstruct the rules and policies applied, and identify bypasses based on these insights. We will introduce SWGRecon, a new tool designed to automate enumeration processes. This tool can be deployed as a JavaScript file for automatic enumeration and is complemented by a browser extension for certain scenarios. Our techniques have been rigorously tested against all the leading vendors in the market and have proven to be highly effective as of this writing.\n\nOur primary objective is to raise awareness about how easily an attacker can deploy JavaScript via their website or inject it into a known website, uncovering loopholes in SWG rules and policies. By exploiting these loopholes, attackers can bypass protections and deliver malware or malicious websites directly to enterprise users' browsers.\n\n\n","media":[],"title":"SWGRecon: Automate SWG Rules, Policy, and Bypass Enumeration","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"Enterprise users on their web browsers are prime targets for attackers, penetration testers, and red teamers. A common tactic involves tricking users into clicking on spear-phishing emails, downloading malicious documents or binaries, and subsequently compromising their systems. To mitigate these web-based initial access threats, enterprises deploy Secure Web Gateways (SWGs). SWGs are essentially SSL-intercepting cloud proxies that inspect web traffic, blocking attacks such as malicious file downloads, harmful websites, and scripts. Since all web traffic from users' browsers is routed through these proxies, SWGs have complete visibility into the scripts loading into users' browsers and the capability to block them.\n\nIn this talk, we will explore how to conduct reconnaissance against SWGs, identify the vendor and location, reconstruct the rules and policies applied, and identify bypasses based on these insights. We will introduce SWGRecon, a new tool designed to automate enumeration processes. This tool can be deployed as a JavaScript file for automatic enumeration and is complemented by a browser extension for certain scenarios. Our techniques have been rigorously tested against all the leading vendors in the market and have proven to be highly effective as of this writing.\n\nOur primary objective is to raise awareness about how easily an attacker can deploy JavaScript via their website or inject it into a known website, uncovering loopholes in SWG rules and policies. By exploiting these loopholes, attackers can bypass protections and deliver malware or malicious websites directly to enterprise users' browsers.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"}],"begin_tsz":"2024-08-09T19:40:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":56486,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723232400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54075}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T19:40:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Esta plática abordará detalles sobre tres investigaciones recientemente realizadas por el equipo de respuesta a incidentes (GERT) y el equipo de investigación (GReAT). La plática será impartida por María Isabel (GReAT) y Ashley Hiram (GERT) mostrando las investigaciones hechas en conjunto con la finalidad de brindar diferentes perspectivas, así como resaltar la colaboración y resultados de ambos equipos, resaltando que una de ellas nos permitió añadir una sub-técnica al MITRE ATT&CK.\r\n\r\nLas investigaciones a mostrar son conocidas como:\r\n\r\n\r\n- NKAbuse: Malware que utiliza Blockchain para su C2.\r\n- LockBit 3.0 Builder: Capacidades adicionales a LockBit.\r\n- Grandoreiro: Campañas de alcance global.\r\n\r\nWe will talk about three investigations recently conducted by the Incident Response Team (GERT) and the Investigation Team (GReAT). The talk will be given by María Isabel (GReAT) and Ashley Hiram (GERT) showing the research done together with the purpose of providing different perspectives, as well as highlighting the collaboration and results of both teams, highlighting that one of them allowed us to add a sub-technical to MITRE ATT&CK.\r\n\r\nThe investigations to be shown are known as:\r\n\r\n- NKAbuse: Malware that uses Blockchain for your C2.\r\n- LockBit 3.0 Builder: Additional capabilities to LockBit.\r\n- Grandoreiro: Global reach campaigns.\r\n\n\n\n","media":[],"title":"Mexicans Together - Un vistazo a recientes investigaciones de nuestros dos equipos globales","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Esta plática abordará detalles sobre tres investigaciones recientemente realizadas por el equipo de respuesta a incidentes (GERT) y el equipo de investigación (GReAT). La plática será impartida por María Isabel (GReAT) y Ashley Hiram (GERT) mostrando las investigaciones hechas en conjunto con la finalidad de brindar diferentes perspectivas, así como resaltar la colaboración y resultados de ambos equipos, resaltando que una de ellas nos permitió añadir una sub-técnica al MITRE ATT&CK.\r\n\r\nLas investigaciones a mostrar son conocidas como:\r\n\r\n\r\n- NKAbuse: Malware que utiliza Blockchain para su C2.\r\n- LockBit 3.0 Builder: Capacidades adicionales a LockBit.\r\n- Grandoreiro: Campañas de alcance global.\r\n\r\nWe will talk about three investigations recently conducted by the Incident Response Team (GERT) and the Investigation Team (GReAT). The talk will be given by María Isabel (GReAT) and Ashley Hiram (GERT) showing the research done together with the purpose of providing different perspectives, as well as highlighting the collaboration and results of both teams, highlighting that one of them allowed us to add a sub-technical to MITRE ATT&CK.\r\n\r\nThe investigations to be shown are known as:\r\n\r\n- NKAbuse: Malware that uses Blockchain for your C2.\r\n- LockBit 3.0 Builder: Additional capabilities to LockBit.\r\n- Grandoreiro: Global reach campaigns.","updated_timestamp":{"seconds":1722701501,"nanoseconds":0},"speakers":[{"content_ids":[55960],"conference_id":133,"event_ids":[56576],"name":"Ashley Hiram M.","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Incident Response Specialist (GERT)"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ashley-hiram-m-382648a0/"},{"description":"","title":"Twitter (@3NTR0_py)","sort_order":0,"url":"https://twitter.com/3NTR0_py"}],"media":[],"id":56295,"title":"Incident Response Specialist (GERT)"},{"content_ids":[55960,55970],"conference_id":133,"event_ids":[56576,56586],"name":"Isabel Manjarrez","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Threat Researcher (GReAT)"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@IsMR0a)","sort_order":0,"url":"https://x.com/IsMR0a"}],"media":[],"id":56306,"title":"Threat Researcher (GReAT)"}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T16:11:41Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":56576,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56295},{"tag_id":46167,"sort_order":4,"person_id":56306}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-08-03T16:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk will cover:\r\n- Timeline of stealer variants rise\r\n- Common stealer behaviors\r\n- The anatomy of a stealer log\r\n- An overview of stealer log sales and trading points in cybercrime communities\r\n- Insights from our analysis of millions of stealer logs\r\n- Automation pipeline for stealer log collection\r\n- Stealer log parsing and analysis\r\n- Post-discovery response\r\n- Other defensive strategies for stealer defense\n\n\nWhat would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. Nick and Eric will not only go deep and examine one of the most interesting data sets for intelligence around, but will demonstrate data pipelines you can implement for collecting and operationalizing stealer logs for defense.","media":[],"title":"Stealer Logs: Automation, Analysis, & Espionage in the World's Most Interesting Dataset","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"This talk will cover:\r\n- Timeline of stealer variants rise\r\n- Common stealer behaviors\r\n- The anatomy of a stealer log\r\n- An overview of stealer log sales and trading points in cybercrime communities\r\n- Insights from our analysis of millions of stealer logs\r\n- Automation pipeline for stealer log collection\r\n- Stealer log parsing and analysis\r\n- Post-discovery response\r\n- Other defensive strategies for stealer defense\n\n\nWhat would someone know about you if they had all of the credentials saved on your computer? More importantly what would you know about the world if you had 60 million random samples of all of the credentials saved on the' computers of others? Join Eric Clay and Nick Ascoli as they dive into the fascinating world of stealer logs. Nick & Eric have spent more than 6 months examining the world's most comprehensive stealer log data set to understand.... well everything. Nick and Eric will not only go deep and examine one of the most interesting data sets for intelligence around, but will demonstrate data pipelines you can implement for collecting and operationalizing stealer logs for defense.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55752,55308],"conference_id":133,"event_ids":[55698,56277],"name":"Eric Clay","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55813},{"content_ids":[55308,55752],"conference_id":133,"event_ids":[55698,56277],"name":"Nick Ascoli","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kcin418)","sort_order":0,"url":"https://twitter.com/kcin418"}],"media":[],"id":55861}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":56277,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55813},{"tag_id":46167,"sort_order":6,"person_id":55861}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"I conducted thorough research on a corporate banking software widely utilized by numerous banks globally. This research was conducted during a bug bounty program for a leading bank in middle east, which employs this software. By examining their marketing brochures, we identified the third party company responsible for its development and after looking at their client we found out, their software is utilized by 60-70% of banks worldwide.\r\n\r\nIn this talk i will explain how did i recon corporate banking application from extracting interesting endpoints and methods. Further used them to find attack surface. Furthermore, I will delve into the methods used to uncover critical vulnerabilities within their application, including SQL injections, bypassing access control mechanisms etc.\n\n\n","media":[],"title":"Hacking Corporate Banking for Fun and Profit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"I conducted thorough research on a corporate banking software widely utilized by numerous banks globally. This research was conducted during a bug bounty program for a leading bank in middle east, which employs this software. By examining their marketing brochures, we identified the third party company responsible for its development and after looking at their client we found out, their software is utilized by 60-70% of banks worldwide.\r\n\r\nIn this talk i will explain how did i recon corporate banking application from extracting interesting endpoints and methods. Further used them to find attack surface. Furthermore, I will delve into the methods used to uncover critical vulnerabilities within their application, including SQL injections, bypassing access control mechanisms etc.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Nikhil \"niks\" Shrivastava","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@niksthehacker)","sort_order":0,"url":"https://twitter.com/niksthehacker"}],"media":[],"id":54340},{"content_ids":[54589,55734],"conference_id":133,"event_ids":[56261,54964],"name":"Charles Waterhouse","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56108}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56261,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56108},{"tag_id":46167,"sort_order":6,"person_id":54340}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, COBRA enables organizations to gain insights into their security posture vulnerabilities. COBRA is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.\n\nIt facilitates Proof of Concept (POC) evaluations, assesses security controls, measures maturity levels, and generates comprehensive reports, enabling organizations to enhance their cloud security resilience through lifelike threat scenarios.\n\nCOBRA Features:\n---\nSeamless Integration for POC and Tool Evaluation: COBRA provides seamless integration for Proof of Concept (POC) and tool evaluation purposes. Whether you're exploring new cloud-native applications or evaluating existing solutions, COBRA offers a user-friendly interface and flexible deployment options to facilitate effortless testing and assessment.\nComprehensive Assessment of Cloud-Native Security Posture: Gain unparalleled insights into your organization's existing cloud-native security posture with COBRA. Our advanced assessment capabilities enable you to identify vulnerabilities, assess security controls, and pinpoint areas for improvement. By understanding your current security posture, you can proactively address gaps and strengthen your defenses against emerging threats.\nBenchmarking Against Industry Standards and Best Practices: COBRA enables you to benchmark your cloud security controls against industry standards and best practices. With our comprehensive benchmarking framework, you can compare your security posture against established benchmarks, identify areas of strength and weakness, and prioritize remediation efforts accordingly.\nActionable Insights and Recommendations: COBRA goes beyond providing insights by providing a report delivering actionable recommendations tailored to your organization's specific needs. Whether it's optimizing security configurations, implementing additional controls, or enhancing incident response processes, COBRA equips you with the tools and guidance needed to bolster your cloud security defenses.\n\nContinuous Threat Simulation: COBRA offers a modular and templatized approach for users to easily integrate additional modules, allowing for continuous threat simulation and adaptability, by providing a flexible framework for adding modules, COBRA ensures that users can tailor their threat simulation capabilities according to evolving security needs, making it an ideal platform for continuous threat simulation.\n\n\n","media":[],"title":"Cloud Offensive Breach and Risk Assessment (COBRA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, COBRA enables organizations to gain insights into their security posture vulnerabilities. COBRA is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.\n\nIt facilitates Proof of Concept (POC) evaluations, assesses security controls, measures maturity levels, and generates comprehensive reports, enabling organizations to enhance their cloud security resilience through lifelike threat scenarios.\n\nCOBRA Features:\n---\nSeamless Integration for POC and Tool Evaluation: COBRA provides seamless integration for Proof of Concept (POC) and tool evaluation purposes. Whether you're exploring new cloud-native applications or evaluating existing solutions, COBRA offers a user-friendly interface and flexible deployment options to facilitate effortless testing and assessment.\nComprehensive Assessment of Cloud-Native Security Posture: Gain unparalleled insights into your organization's existing cloud-native security posture with COBRA. Our advanced assessment capabilities enable you to identify vulnerabilities, assess security controls, and pinpoint areas for improvement. By understanding your current security posture, you can proactively address gaps and strengthen your defenses against emerging threats.\nBenchmarking Against Industry Standards and Best Practices: COBRA enables you to benchmark your cloud security controls against industry standards and best practices. With our comprehensive benchmarking framework, you can compare your security posture against established benchmarks, identify areas of strength and weakness, and prioritize remediation efforts accordingly.\nActionable Insights and Recommendations: COBRA goes beyond providing insights by providing a report delivering actionable recommendations tailored to your organization's specific needs. Whether it's optimizing security configurations, implementing additional controls, or enhancing incident response processes, COBRA equips you with the tools and guidance needed to bolster your cloud security defenses.\n\nContinuous Threat Simulation: COBRA offers a modular and templatized approach for users to easily integrate additional modules, allowing for continuous threat simulation and adaptability, by providing a flexible framework for adding modules, COBRA ensures that users can tailor their threat simulation capabilities according to evolving security needs, making it an ideal platform for continuous threat simulation.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Anand Tiwari","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@anandtiwarics)","sort_order":0,"url":"https://twitter.com/anandtiwarics"}],"media":[],"id":53722},{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Harsha Koushik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@0xlcheetah)","sort_order":0,"url":"https://twitter.com/0xlcheetah"}],"media":[],"id":53739}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55910,"tag_ids":[46169,46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53739},{"tag_id":46167,"sort_order":4,"person_id":53722}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This presentation follows the journey of investigating, conceptualizing, and implementing a Wormable Botnet for the Evowera Planck Mini Smart Manual Toothbrush, as fear-mongered by the team at Fortinet. We'll start with a high level overview of how the ESP32 OTA process works, as well as cover issues with the reference implementation released by Espressif. We'll then pivot to specifically attacking the Evowera Planck mini, dumping the firmware and doing some lite RE, monitoring the devices wireless traffic, theorizing exploits and fuzzing undocumented PCB, writing botnet software, as well as what is involved in getting an ESP32 to serve the firmware it is running as an OTA update to other Evowera Planck Minis. We'll then conclude with some proof that the devices do function as a botnet, complete with a stealthy github based C2.\n\n\n","media":[],"title":"Exploiting insecure OTA updates to create the worlds first Toothbrush Botnet and selfreplicating ESP32 worm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:25:00Z","end_timestamp":{"seconds":1723235100,"nanoseconds":0},"android_description":"This presentation follows the journey of investigating, conceptualizing, and implementing a Wormable Botnet for the Evowera Planck Mini Smart Manual Toothbrush, as fear-mongered by the team at Fortinet. We'll start with a high level overview of how the ESP32 OTA process works, as well as cover issues with the reference implementation released by Espressif. We'll then pivot to specifically attacking the Evowera Planck mini, dumping the firmware and doing some lite RE, monitoring the devices wireless traffic, theorizing exploits and fuzzing undocumented PCB, writing botnet software, as well as what is involved in getting an ESP32 to serve the firmware it is running as an OTA update to other Evowera Planck Minis. We'll then conclude with some proof that the devices do function as a botnet, complete with a stealthy github based C2.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55447],"conference_id":133,"event_ids":[55872],"name":"Lozaning","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"they/them","links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@Lozaning"}],"media":[],"id":55984}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T20:25:00.000-0000","id":55872,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55984}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You know the sound of *beep*... *Click* when using a badge to enter a door to a building, but how does this work and how can you hack it? This talk will explain the basics of what’s inside the readers and the badges, and how they communicate wirelessly. You will learn about the common tools available (Proxmark, Flipper, Keysy), how to get one and how to use it. We’ll talk about techniques to clone badges, and brute force systems to get access you never had in the first place.\n\n\n","media":[],"title":"RFID 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"You know the sound of *beep*... *Click* when using a badge to enter a door to a building, but how does this work and how can you hack it? This talk will explain the basics of what’s inside the readers and the badges, and how they communicate wirelessly. You will learn about the common tools available (Proxmark, Flipper, Keysy), how to get one and how to use it. We’ll talk about techniques to clone badges, and brute force systems to get access you never had in the first place.","updated_timestamp":{"seconds":1720331870,"nanoseconds":0},"speakers":[{"content_ids":[54560],"conference_id":133,"event_ids":[54935],"name":"Ege Feyzioglu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"GGR Security","title":"Physical Security Analyst"}],"links":[],"pronouns":null,"media":[],"id":54304,"title":"Physical Security Analyst at GGR Security"},{"content_ids":[54560],"conference_id":133,"event_ids":[54935],"name":"Andrew M","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54322}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:50Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":54935,"tag_ids":[46169,46387,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54322},{"tag_id":46167,"sort_order":1,"person_id":54304}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this technical talk, we will uncover a new aspect of NFTs: using them as attack vectors to relay C2 commands. Fingerprinting a system? Exfiltrating information? Encrypting and wiping data? Executing arbitrary commands? Of course! But with a dark twist: deployed NFTs are blockchain-backed assets immune to takedowns. Imagine having your own “immortal” C2 Server for less than $10 dollars in $ETH. \r\n\r\nFor this, we will introduce “mFT” an open-source tool that automates the creation of malicious payloads and provide sample harmless NFTs, allowing attendees to explore this novel attack vector on their own machines safely. This talk is the spiritual successor of \"Everything is a C2 if you're brave enough\". \n\n\n","media":[],"title":"MFT: Malicious Fungible Tokens","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"In this technical talk, we will uncover a new aspect of NFTs: using them as attack vectors to relay C2 commands. Fingerprinting a system? Exfiltrating information? Encrypting and wiping data? Executing arbitrary commands? Of course! But with a dark twist: deployed NFTs are blockchain-backed assets immune to takedowns. Imagine having your own “immortal” C2 Server for less than $10 dollars in $ETH. \r\n\r\nFor this, we will introduce “mFT” an open-source tool that automates the creation of malicious payloads and provide sample harmless NFTs, allowing attendees to explore this novel attack vector on their own machines safely. This talk is the spiritual successor of \"Everything is a C2 if you're brave enough\".","updated_timestamp":{"seconds":1722712816,"nanoseconds":0},"speakers":[{"content_ids":[54559,55973,55976],"conference_id":133,"event_ids":[56589,56592,54934],"name":"Mauro Eldritch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Birmingham Cyber Arms LTD","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mauroeldritch/"},{"description":"","title":"Twitter (@MauroEldritch)","sort_order":0,"url":"https://twitter.com/MauroEldritch"},{"description":"","title":"Website","sort_order":0,"url":"https://www.birminghamcyberarms.co.uk/"}],"media":[],"id":54249,"title":"Founder at Birmingham Cyber Arms LTD"},{"content_ids":[54559,55973],"conference_id":133,"event_ids":[56589,54934],"name":"Cybelle Oliveira ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CTI Malwarelandia","title":""}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cybelleoliveira/"},{"description":"","title":"Twitter (@cyb3113)","sort_order":0,"url":"https://twitter.com/cyb3113"}],"media":[],"id":54350,"title":"CTI Malwarelandia"}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:20:16Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":54934,"tag_ids":[46169,46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54350},{"tag_id":46167,"sort_order":1,"person_id":54249}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-08-03T19:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\r\n\r\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\r\n\r\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services and cover the mechanisms that prevent an adversary from assuming roles in other AWS accounts. We’ll then demonstrate a vulnerability that bypassed those protections. We’ll cover a real world example of a confused deputy vulnerability we found in AWS AppSync that allowed us to hijack IAM roles in other accounts.\r\n\r\nNext, we'll highlight potential misconfigurations involving IAM roles leveraging sts:AssumeRoleWithWebIdentity. These misconfigurations cloud permit unauthorized global access to these roles without the need for authentication, affecting services like Amazon Cognito, GitHub Actions, and more.\r\n\r\nFinally, we’ll cover a vulnerability we found in AWS Amplify that exposed customer IAM roles associated with the service to takeover, allowing anyone the ability to gain a foothold in that victim account. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like one we’ll demonstrate.\r\n\r\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.\r\n\r\n- [link](https://securitylabs.datadoghq.com/articles/amplified-exposure-how-aws-flaws-made-amplify-iam-roles-vulnerable-to-takeover/)\r\n- [link](https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/)\r\n\n\n\n","media":[],"title":"Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:15:00Z","end_timestamp":{"seconds":1723234500,"nanoseconds":0},"android_description":"In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.\r\n\r\nTraditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.\r\n\r\nWe will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services and cover the mechanisms that prevent an adversary from assuming roles in other AWS accounts. We’ll then demonstrate a vulnerability that bypassed those protections. We’ll cover a real world example of a confused deputy vulnerability we found in AWS AppSync that allowed us to hijack IAM roles in other accounts.\r\n\r\nNext, we'll highlight potential misconfigurations involving IAM roles leveraging sts:AssumeRoleWithWebIdentity. These misconfigurations cloud permit unauthorized global access to these roles without the need for authentication, affecting services like Amazon Cognito, GitHub Actions, and more.\r\n\r\nFinally, we’ll cover a vulnerability we found in AWS Amplify that exposed customer IAM roles associated with the service to takeover, allowing anyone the ability to gain a foothold in that victim account. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like one we’ll demonstrate.\r\n\r\nJoin us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.\r\n\r\n- [link](https://securitylabs.datadoghq.com/articles/amplified-exposure-how-aws-flaws-made-amplify-iam-roles-vulnerable-to-takeover/)\r\n- [link](https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/)","updated_timestamp":{"seconds":1720462025,"nanoseconds":0},"speakers":[{"content_ids":[54449,55498],"conference_id":133,"event_ids":[55927,54822],"name":"Nick Frichette","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Datadog","title":"Staff Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@frichetten@fosstodon.org)","sort_order":0,"url":"https://fosstodon.org/@frichetten"},{"description":"","title":"Twitter (@Frichette_n)","sort_order":0,"url":"https://twitter.com/Frichette_n"},{"description":"","title":"Website","sort_order":0,"url":"https://frichetten.com/"}],"media":[],"id":54089,"title":"Staff Security Researcher at Datadog"}],"begin_tsz":"2024-08-09T19:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:07:05Z","links":[],"end":"2024-08-09T20:15:00.000-0000","id":54822,"tag_ids":[46166,46419,46880],"village_id":null,"begin_timestamp":{"seconds":1723231800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54089}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T19:30:00.000-0000","updated":"2024-07-08T18:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk is aimed at non-experts and anyone who wants to stay ahead of the curve in a world where encryption rules are about to change dramatically. Whether you believe cryptographically relevant quantum computers are 10 or 100 years away, the first steps towards cryptographic agility that are being mandated within a couple of years. We'll explore the mind-bending math behind lattice-based and other exotic cryptosystems. Then, we'll get our hands dirty, dissecting real-world attacks launched against the finalists in the NIST PQC competition.\nPwn the future of cryptography!\n\n\n","media":[],"title":"A Hacker's guide to PQC","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"This talk is aimed at non-experts and anyone who wants to stay ahead of the curve in a world where encryption rules are about to change dramatically. Whether you believe cryptographically relevant quantum computers are 10 or 100 years away, the first steps towards cryptographic agility that are being mandated within a couple of years. We'll explore the mind-bending math behind lattice-based and other exotic cryptosystems. Then, we'll get our hands dirty, dissecting real-world attacks launched against the finalists in the NIST PQC competition.\nPwn the future of cryptography!","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[{"content_ids":[55843],"conference_id":133,"event_ids":[56430],"name":"Konstantinos Karagiannis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56220}],"begin_tsz":"2024-08-09T19:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56430,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723230900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56220}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T19:15:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Server-Side Request Forgery is now one of the most widely recognized and significant vulnerabilities that bug hunters should have in their arsenal. This interactive workshop covers basic exploitation of SSRF, as well as tackling more intricate vulnerabilities that involve chaining multiple exploits, a thorough comprehension of the target's infrastructure, and other advanced techniques.\r\n\r\nPre-Prerequisites\r\n\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)\n\n\n","media":[],"title":"A Zero to Hero Crash Course to Server-Side Request Forgery (SSRF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Server-Side Request Forgery is now one of the most widely recognized and significant vulnerabilities that bug hunters should have in their arsenal. This interactive workshop covers basic exploitation of SSRF, as well as tackling more intricate vulnerabilities that involve chaining multiple exploits, a thorough comprehension of the target's infrastructure, and other advanced techniques.\r\n\r\nPre-Prerequisites\r\n\r\n- Basic understanding of web application hacking\r\n- Knowledge of Web Proxies\r\n- Working laptop\r\n- Working WiFi (Will not be doable without access to a working WiFi)\r\n- Caido (BurpSuite or similar works too!)","updated_timestamp":{"seconds":1721438067,"nanoseconds":0},"speakers":[{"content_ids":[55175,55181,55265],"conference_id":133,"event_ids":[55563,55569,55655],"name":"Ben \"NahamSec\" Sadeghipour","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacking Hub","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nahamsec)","sort_order":0,"url":"https://twitter.com/nahamsec"}],"media":[],"id":54808,"title":"Hacking Hub"}],"begin_tsz":"2024-08-09T19:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:14:27Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#a-zero-to-hero-crash-course-to-server-side-request-forgery"}],"end":"2024-08-09T20:45:00.000-0000","id":55563,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723230900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54808}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T19:15:00.000-0000","updated":"2024-07-20T01:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Cloud Shell feature from cloud service providers offers a convenient way to access resources within the cloud, significantly improving the user experience for both administrators and developers. However, even though the spawned instance has a short lifespan, granting excessive permissions could still pose security risks to users. This talk reveals an abuse methodology that leverages an unexpected, public-facing port in GCP Cloud Shell discovered during recon. Through manipulation in Linux Netfilter's NAT table, it serves various internally running services such as HTTP, SOCKS, and SSH within the Cloud Shell container to the public. This configuration could be exploited by adversaries to bypass the Google authentication needed in its Web Preview feature to leak data, to deliver malicious content, or to pivot attack traffic through the Google network.\n\n\n","media":[],"title":"One Port to Serve Them All - Google GCP Cloud Shell Abuse","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"The Cloud Shell feature from cloud service providers offers a convenient way to access resources within the cloud, significantly improving the user experience for both administrators and developers. However, even though the spawned instance has a short lifespan, granting excessive permissions could still pose security risks to users. This talk reveals an abuse methodology that leverages an unexpected, public-facing port in GCP Cloud Shell discovered during recon. Through manipulation in Linux Netfilter's NAT table, it serves various internally running services such as HTTP, SOCKS, and SSH within the Cloud Shell container to the public. This configuration could be exploited by adversaries to bypass the Google authentication needed in its Web Preview feature to leak data, to deliver malicious content, or to pivot attack traffic through the Google network.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55480],"conference_id":133,"event_ids":[55909],"name":"Hubert Lin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"hubertwslin","sort_order":0,"url":"https://hubertwslin"}],"media":[],"id":56020}],"begin_tsz":"2024-08-09T19:10:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":55909,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723230600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56020}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T19:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"WHOIS data is a prime resources for identifying apex domains owned by a company. Unfortunately that data is typically locked up behind rate limited systems, third party APIs, or expensive bulk purchases. We developed whoiswatcher to run in serverless cloud (where we have clocked it at 1-1.5MM domains per day) or by using IPv6 proxying (can hit 150-200k domains per day with a small VPC). This makes it a perfect candidate to build a WHOIS dataset, review historic WHOIS records, and alert you on fresh enterprise domains. We will demo all this and more!\n\n\n","media":[],"title":"Bypassing WHOIS Rate Limiting and Alerting on Fresh Enterprise Domains","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:40:00Z","end_timestamp":{"seconds":1723232400,"nanoseconds":0},"android_description":"WHOIS data is a prime resources for identifying apex domains owned by a company. Unfortunately that data is typically locked up behind rate limited systems, third party APIs, or expensive bulk purchases. We developed whoiswatcher to run in serverless cloud (where we have clocked it at 1-1.5MM domains per day) or by using IPv6 proxying (can hit 150-200k domains per day with a small VPC). This makes it a perfect candidate to build a WHOIS dataset, review historic WHOIS records, and alert you on fresh enterprise domains. We will demo all this and more!","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55898],"conference_id":133,"event_ids":[56485],"name":"Willis Vandevanter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56265}],"begin_tsz":"2024-08-09T19:05:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T19:40:00.000-0000","id":56485,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723230300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56265}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T19:05:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Bridging the Gap: How the American Legion Provides Veterans with a Sense of Belonging and Support","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723225098,"nanoseconds":0},"speakers":[{"content_ids":[56207],"conference_id":133,"event_ids":[56861],"name":"Chris Davis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56599}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T17:38:18Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":56861,"tag_ids":[46409,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56599}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W213-W214","hotel":"","short_name":"W213-W214","id":46286},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-09T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the Gold Bug at the 11th annual Crypto & Privacy Village! This opening talk compliments the Gold Bug: Puzzle Panel on Day 2.\r\n\r\nThe Gold Bug Team 2024 at the Crypto & Privacy Village: 0xCryptok, tseven, llamaprincess, pleoxconfusa, Pascal-0x90, Delta_JRM, are the beloved puzzle-makers within Crypto & Privacy Village. We make a special effort to include accessible puzzles at all skill levels. It is our hope that anyone, from new puzzlers (even kids!) to seasoned puzzle hunters, can participate in and enjoy this contest.\r\n\r\nThe GoldBug team also runs Crypto & Privacy Village's Junior Cryptography at DC NextGen.\n\n\n","media":[],"title":"Gold Bug: Welcome","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Welcome to the Gold Bug at the 11th annual Crypto & Privacy Village! This opening talk compliments the Gold Bug: Puzzle Panel on Day 2.\r\n\r\nThe Gold Bug Team 2024 at the Crypto & Privacy Village: 0xCryptok, tseven, llamaprincess, pleoxconfusa, Pascal-0x90, Delta_JRM, are the beloved puzzle-makers within Crypto & Privacy Village. We make a special effort to include accessible puzzles at all skill levels. It is our hope that anyone, from new puzzlers (even kids!) to seasoned puzzle hunters, can participate in and enjoy this contest.\r\n\r\nThe GoldBug team also runs Crypto & Privacy Village's Junior Cryptography at DC NextGen.","updated_timestamp":{"seconds":1722725985,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:59:45Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56624,"tag_ids":[46377,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-03T22:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What if we play with the ISP? In this talk I am going to tell you how one day, something that started as a simple SQL injection, going through LFI, RCE, ended up in a pwn of an internet provider in my country that affected more than 25 cities, being able to intercept user traffic and other stuff.\n\n\n","media":[],"title":"SQLi to Root Access: Exploiting a ISP infrastructure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"What if we play with the ISP? In this talk I am going to tell you how one day, something that started as a simple SQL injection, going through LFI, RCE, ended up in a pwn of an internet provider in my country that affected more than 25 cities, being able to intercept user traffic and other stuff.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55297,55959],"conference_id":133,"event_ids":[56575,55687],"name":"Ignacio Daniel Navarro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Appication security / Ethical hacker"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ignavarro1/?locale=en_US"},{"description":"","title":"Twitter (@IgNavarro1)","sort_order":0,"url":"https://twitter.com/IgNavarro1"}],"media":[],"id":55850,"title":"Appication security / Ethical hacker"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":56575,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55850}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this class, we solder together a light-up, cat-themed badge that teaches a simple RGB tuning circuit. By turning the red, green, or blue knobs, you can adjust the color of the cat’s eyes. Perfect for beginners and soldering experts wanting to make a fun and cute badge.\n\n\n","media":[],"title":"Learn Beginner Soldering With the Meow Mixer Badge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"In this class, we solder together a light-up, cat-themed badge that teaches a simple RGB tuning circuit. By turning the red, green, or blue knobs, you can adjust the color of the cat’s eyes. Perfect for beginners and soldering experts wanting to make a fun and cute badge.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/dc32-learn-beginner-soldering-with-the-meow-mixer-badge"}],"end":"2024-08-09T20:30:00.000-0000","id":56522,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is an AMA/Podcast that will be recorded on-site.\n\n\n","media":[],"title":"Ask Me Anything - Daniel Cutberth, Moderated by Sudhanshu","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"This is an AMA/Podcast that will be recorded on-site.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55897],"conference_id":133,"event_ids":[56484],"name":"Sudhanshu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56278},{"content_ids":[55897,55338],"conference_id":133,"event_ids":[55729,56484],"name":"Daniel Cuthbert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56284}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56484,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":56278},{"tag_id":46167,"sort_order":6,"person_id":56284}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Flipping Locks (The Remix) - Remote Badge Cloning with the Flipper Zero and More","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722564508,"nanoseconds":0},"speakers":[{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Dan Goga","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56181},{"content_ids":[55794,55802],"conference_id":133,"event_ids":[56343,56351],"name":"Langston Clement","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56183}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T02:08:28Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56343,"tag_ids":[46387,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56183},{"tag_id":46167,"sort_order":4,"person_id":56181}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-08-02T02:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1722311050,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:44:10Z","links":[{"label":"More Info","type":"link","url":"https://www.blacksincyberconf.com/ctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249409"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249410"}],"end":"2024-08-11T00:00:00.000-0000","id":56059,"tag_ids":[46372,46426,46439,46755],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T03:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1722311050,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:44:10Z","links":[{"label":"More Info","type":"link","url":"https://www.blacksincyberconf.com/ctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249409"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249410"}],"end":"2024-08-10T01:00:00.000-0000","id":56057,"tag_ids":[46372,46426,46439,46755],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T03:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.\n\n\n","media":[{"hash_sha256":"a5a762ead7376172dae80fa2c3959bd1e4a22190a057721df654c025d0edfd7f","filetype":"image/png","hash_md5":"01005631367ac14ee6f758e7b45997bc","name":"ct_kubernetes-ctf.png","is_logo":"Y","hash_crc32c":"160f25aa","filesize":16051,"asset_id":636,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_kubernetes-ctf.png"}],"title":"DC Kubernetes Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T03:00:00Z","end_timestamp":{"seconds":1723258800,"nanoseconds":0},"android_description":"The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\r\n\r\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.","updated_timestamp":{"seconds":1722310069,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:27:49Z","links":[{"label":"More Info","type":"link","url":"https://containersecurityctf.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249379"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249378"}],"end":"2024-08-10T03:00:00.000-0000","id":56028,"tag_ids":[46428,46439,46765],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-E","hotel":"","short_name":"HW4-02-01-E","id":46360},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T03:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.\n\n\n","media":[{"hash_sha256":"201a70cf75d615a3c181f84f46b40a9beef121ef55f3c3e4998383da2228c638","filetype":"image/png","hash_md5":"ef3ab1513d15d09e91e3dcaf6fb35b22","name":"ct_red-alert.png","is_logo":"Y","hash_crc32c":"f7736a86","filesize":69710,"asset_id":656,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_red-alert.png"}],"title":"Red Alert ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Red Alert ICS CTF is a competition for Hackers by Hackers, organized by the RedAlert Lab of NSHC Security. The event exclusively focuses on having the participants clear a series of challenges and break through several layers of security in our OT environment and eventually take over complete control of the ICS components.\r\n\r\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF since DEF CON 26. Red Alert ICS CTF is proud to be among the Black Badge contests at DEF CON 31 and DEF CON 26.\r\n\r\nThe contest would house real world ICS (Industrial Control System) equipment from various vendors on showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\r\n\r\nRed Alert ICS CTF at DEF CON 32 would also be offering players the unique opportunity to compromise the latest cyber ranges on Maritime Cyber Security.","updated_timestamp":{"seconds":1722306363,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:26:03Z","links":[{"label":"Twitter (@icsctf)","type":"link","url":"https://twitter.com/icsctf"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249300"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249301"}],"end":"2024-08-10T00:00:00.000-0000","id":55964,"tag_ids":[46427,46439,46788],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-07","hotel":"","short_name":"HW4-03-07","id":46379},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-30T02:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Andrew is formally a ships engineer and now spends much of his time pen testing ships. Along the way he's found the weirdest ways that IT/OT segregation has been broken, often through 3rd party technology suppliers. From VDRs to ICMS to safety management systems to fire control to azipods to... you name it he's broken it.\r\n\r\nCruising adds another layer of complexity, bringing together customer entertainment, restaurant and billing systems. The scope for segregation errors is multiplied.\r\n\r\nThe headline of this talk is tale about a misconfigured golf simulator onboard, that led to compromise of almost the entire vessel.\n\n\n","media":[],"title":"A hole in one: pwning a cruise ship from a golf simulator and other tales of maritime IT-OT misconvergence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Andrew is formally a ships engineer and now spends much of his time pen testing ships. Along the way he's found the weirdest ways that IT/OT segregation has been broken, often through 3rd party technology suppliers. From VDRs to ICMS to safety management systems to fire control to azipods to... you name it he's broken it.\r\n\r\nCruising adds another layer of complexity, bringing together customer entertainment, restaurant and billing systems. The scope for segregation errors is multiplied.\r\n\r\nThe headline of this talk is tale about a misconfigured golf simulator onboard, that led to compromise of almost the entire vessel.","updated_timestamp":{"seconds":1721781536,"nanoseconds":0},"speakers":[{"content_ids":[55342],"conference_id":133,"event_ids":[55734],"name":"Andrew Tierney","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":55947,"title":"Security Consultant at Pen Test Partners"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:38:56Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55734,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55947}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-24T00:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As digital technology is changing how militaries conduct war, a trend has emerged in which a growing number of civilians are becoming involved in armed conflicts through digital means. Sitting at some distance from physical hostilities, including outside the countries at war, civilians – including hackers – are conducting a range of cyber operations against their “enemy.” One example is the international armed conflict between Russia and Ukraine, where some groups present themselves as a “worldwide IT community” with the mission to, in their words, “help Ukraine win by crippling aggressor economies, blocking vital financial, infrastructural and government services, and tiring major taxpayers.” Others have reportedly “called for and carried out disruptive – albeit temporary – attacks on hospital websites in both Ukraine and allied countries,” among many other operations. In this session, the International Committee of the Red Cross will highlight that there are legal limits in warfare, and will set out several international humanitarian law (IHL)-based rules that all hackers who carry out operations in the context of an armed conflict must comply with. The session will also discuss why it is a State’s responsibility to restrain hackers engaging in those conflicts.\n\n\n","media":[],"title":"Rules All Hackers Must Follow in War","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"As digital technology is changing how militaries conduct war, a trend has emerged in which a growing number of civilians are becoming involved in armed conflicts through digital means. Sitting at some distance from physical hostilities, including outside the countries at war, civilians – including hackers – are conducting a range of cyber operations against their “enemy.” One example is the international armed conflict between Russia and Ukraine, where some groups present themselves as a “worldwide IT community” with the mission to, in their words, “help Ukraine win by crippling aggressor economies, blocking vital financial, infrastructural and government services, and tiring major taxpayers.” Others have reportedly “called for and carried out disruptive – albeit temporary – attacks on hospital websites in both Ukraine and allied countries,” among many other operations. In this session, the International Committee of the Red Cross will highlight that there are legal limits in warfare, and will set out several international humanitarian law (IHL)-based rules that all hackers who carry out operations in the context of an armed conflict must comply with. The session will also discuss why it is a State’s responsibility to restrain hackers engaging in those conflicts.","updated_timestamp":{"seconds":1721778581,"nanoseconds":0},"speakers":[{"content_ids":[55330],"conference_id":133,"event_ids":[55722],"name":"Dr. Kosuke Onishi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"International Committee of the Red Cross","title":"Legal Advisor"}],"links":[],"pronouns":null,"media":[],"id":55925,"title":"Legal Advisor at International Committee of the Red Cross"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-23T23:49:41Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":55722,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":55925}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-23T23:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to build automated Red Team Infrastructure that is composable and reproducable.\n\n\n","media":[],"title":"Red Team Terraform Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"How to build automated Red Team Infrastructure that is composable and reproducable.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55292,55270],"conference_id":133,"event_ids":[55682,55660],"name":"Moses Frost","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mosesrenegade)","sort_order":0,"url":"https://twitter.com/mosesrenegade"}],"media":[],"id":55817}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55660,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55817}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Narrows (Track 4)","hotel":"","short_name":"Narrows (Track 4)","id":46503},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are targeting a modern organization, but new to you, the target environment has no Windows. You scour the internet for guidance, and find the results insufficient. You begin to think, “Progress will not happen until there is new maintainer.”\n\nThis talk presents a set of techniques for hacking environments built on macOS, Kubernetes, and cloud (AWS). These techniques are accompanied by anecdotes of adventures in Red Teaming. Attendees will learn new tricks for initial access, lateral movement, and persistence in modern non-Windows environments.\n\n\n","media":[],"title":"Modern Red Teaming: macOS, K8s, and Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"You are targeting a modern organization, but new to you, the target environment has no Windows. You scour the internet for guidance, and find the results insufficient. You begin to think, “Progress will not happen until there is new maintainer.”\n\nThis talk presents a set of techniques for hacking environments built on macOS, Kubernetes, and cloud (AWS). These techniques are accompanied by anecdotes of adventures in Red Teaming. Attendees will learn new tricks for initial access, lateral movement, and persistence in modern non-Windows environments.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55269],"conference_id":133,"event_ids":[55659],"name":"Chris Gates","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55818},{"content_ids":[55269],"conference_id":133,"event_ids":[55659],"name":"int eighty (of Dual Core)","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@int0x80)","sort_order":0,"url":"https://twitter.com/int0x80"}],"media":[],"id":55819}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55659,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55818},{"tag_id":46167,"sort_order":4,"person_id":55819}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Haven (Track 1)","hotel":"","short_name":"Haven (Track 1)","id":46500},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the cloud computing landscape, the ease of resource allocation by cloud providers contrasts sharply with traditional computing's constraints, turning IPv4 addresses into digital assets with multiple tenancies. Our presentation explores the \"Dangling DNS\" phenomenon—active DNS records pointing to IP addresses uncontrolled by the domain owner, creating potential security vulnerabilities.\n\nWe will unravel the persistence of IP address-based authentication and authorization practices on the internet and discuss methods to enhance the credibility of these dangling DNS entries, including the acquisition of x.509 certificates. The implications are significant, offering avenues for commandeering these entries for Command and Control (C2) operations or crafting phishing emails capable of circumventing standard email security frameworks.\n\nFollowing the foundational discussion, our presentation will delve into analysis of dangling DNS entries discovered in live environments. We will discuss the widespread occurrence of dangling DNS entries, identifying the cloud providers where they are most frequently found. Furthermore, we will delve into specific case studies, presenting particularly intriguing instances of dangling DNS entries to underscore their varied nature and potential implications.\n\nA pivotal segment of our presentation introduces innovative methodologies for the identification of dangling DNS vulnerabilities. We will showcase \"Paydirt,\" an open-source tool, written by the author, designed to unearth dangling DNS entries within cloud provider shared IP address space. Furthermore, we will unveil a tool at Defcon 2024, engineered to detect exploitable cloud IP addresses within Sender Policy Framework (SPF) entries, a critical vector for executing sophisticated spear-phishing campaigns.\n\nOur presentation aims not only to highlight the security challenges posed by the transient nature of cloud-assigned IP addresses but also to equip the cybersecurity community with simple actionable strategies to fortify their defenses against these threats.\n\n\n","media":[],"title":"Mining for Abandoned Gold in DNS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"In the cloud computing landscape, the ease of resource allocation by cloud providers contrasts sharply with traditional computing's constraints, turning IPv4 addresses into digital assets with multiple tenancies. Our presentation explores the \"Dangling DNS\" phenomenon—active DNS records pointing to IP addresses uncontrolled by the domain owner, creating potential security vulnerabilities.\n\nWe will unravel the persistence of IP address-based authentication and authorization practices on the internet and discuss methods to enhance the credibility of these dangling DNS entries, including the acquisition of x.509 certificates. The implications are significant, offering avenues for commandeering these entries for Command and Control (C2) operations or crafting phishing emails capable of circumventing standard email security frameworks.\n\nFollowing the foundational discussion, our presentation will delve into analysis of dangling DNS entries discovered in live environments. We will discuss the widespread occurrence of dangling DNS entries, identifying the cloud providers where they are most frequently found. Furthermore, we will delve into specific case studies, presenting particularly intriguing instances of dangling DNS entries to underscore their varied nature and potential implications.\n\nA pivotal segment of our presentation introduces innovative methodologies for the identification of dangling DNS vulnerabilities. We will showcase \"Paydirt,\" an open-source tool, written by the author, designed to unearth dangling DNS entries within cloud provider shared IP address space. Furthermore, we will unveil a tool at Defcon 2024, engineered to detect exploitable cloud IP addresses within Sender Policy Framework (SPF) entries, a critical vector for executing sophisticated spear-phishing campaigns.\n\nOur presentation aims not only to highlight the security challenges posed by the transient nature of cloud-assigned IP addresses but also to equip the cybersecurity community with simple actionable strategies to fortify their defenses against these threats.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55268],"conference_id":133,"event_ids":[55658],"name":"Matt Pawloski","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mpawl)","sort_order":0,"url":"https://twitter.com/mpawl"}],"media":[],"id":55815}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55658,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55815}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Ascension","hotel":"","short_name":"Ascension","id":46504},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With widespread zero trust security adoption there has also been more focus put into corporate controls. As a red teamer what this means is that bypassing EDR is not enough, you also need to think about application allowlisting, DLP solutions, Managed browsers, MDM profiles and custom DnR tooling. In this talk I will walkthrough Mac capabilities that corporate controls leverage, their limitations and features to build into your payload and payload delivery to circumvent these restrictions.\n\n\n","media":[],"title":"Bypassing Corporate controls on Mac Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"With widespread zero trust security adoption there has also been more focus put into corporate controls. As a red teamer what this means is that bypassing EDR is not enough, you also need to think about application allowlisting, DLP solutions, Managed browsers, MDM profiles and custom DnR tooling. In this talk I will walkthrough Mac capabilities that corporate controls leverage, their limitations and features to build into your payload and payload delivery to circumvent these restrictions.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55267],"conference_id":133,"event_ids":[55657],"name":"Ian Foster","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55814},{"content_ids":[55267],"conference_id":133,"event_ids":[55657],"name":"Adwiteeya Agrawal","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55816}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55657,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55816},{"tag_id":46167,"sort_order":4,"person_id":55814}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Side Winder (Track 2)","hotel":"","short_name":"Side Winder (Track 2)","id":46501},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As more scrutiny is placed on the endpoint, threat actors are turning to DevOps and CI/CD platforms for initial access, escalation, and lateral movement. This workshop will showcase how these platforms can be used to pivot from on-prem to cloud, from cloud to on-prem, and how to push malicious code through pipelines to obtain additional access or establish persistence.\n\nAttendees will get hands-on and perform field-tested, OPSEC-conscious techniques against full CI/CD pipelines. Come add TTPs to your toolkit and see why DevOps is the target-rich environment modern adversaries are looking to exploit.\n\n\n","media":[],"title":"Abusing DevOps to Pivot Between Cloud and On-Prem","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:50:00Z","end_timestamp":{"seconds":1723233000,"nanoseconds":0},"android_description":"As more scrutiny is placed on the endpoint, threat actors are turning to DevOps and CI/CD platforms for initial access, escalation, and lateral movement. This workshop will showcase how these platforms can be used to pivot from on-prem to cloud, from cloud to on-prem, and how to push malicious code through pipelines to obtain additional access or establish persistence.\n\nAttendees will get hands-on and perform field-tested, OPSEC-conscious techniques against full CI/CD pipelines. Come add TTPs to your toolkit and see why DevOps is the target-rich environment modern adversaries are looking to exploit.","updated_timestamp":{"seconds":1721541571,"nanoseconds":0},"speakers":[{"content_ids":[55266],"conference_id":133,"event_ids":[55656],"name":"Tom Porter","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@porterhau5)","sort_order":0,"url":"https://twitter.com/porterhau5"}],"media":[],"id":55820},{"content_ids":[55266],"conference_id":133,"event_ids":[55656],"name":"Colbert Zhu","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55821}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-21T05:59:31Z","links":[],"end":"2024-08-09T19:50:00.000-0000","id":55656,"tag_ids":[46392,46734],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55821},{"tag_id":46167,"sort_order":4,"person_id":55820}],"tags":"","conference_id":133,"location":{"parent_id":46283,"name":"LVCC - L2 - W204-W207 (RTV) - Infinity (Track 3)","hotel":"","short_name":"Infinity (Track 3)","id":46502},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-21T05:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1721487832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T15:03:52Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55574,"tag_ids":[46372,46426,46439],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-20T15:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”\n\n\n","media":[{"hash_sha256":"428e14f21b35d7673729fe64d1b505c806155472894b40ffe1ce7324527577b1","filetype":"image/png","hash_md5":"97e55dc0e441e94ee6f15b141155b4f9","name":"ct_bic-ctf.png","is_logo":"Y","hash_crc32c":"4ce34dd1","filesize":257047,"asset_id":628,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bic-ctf.png"}],"title":"Blacks in Cyber CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T00:00:00Z","end_timestamp":{"seconds":1723334400,"nanoseconds":0},"android_description":"Hybrid Contest\r\nContest available online Friday 12:00 to Saturday 17:00\r\n\r\nThe BIC Village Capture The Flag is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve, but a gamified way to learn concepts of social justice and Black history. This event will highlight previous, current and up & coming Black individuals and their contributions to technology. This year we are excited to bring back our physical challenge room with a variety of interactive components for players to interface with.\r\n\r\nThis event also aims to bring to the forefront a range of technologies that we will expose to the community that operate in our day-to-day lives and examine their capabilities; contributing to the discussion of privacy, social justice and civil rights. Our event will allow the DEF CON community to fully engage in “Reading all the stories, learning all the technologies, and hacking all the things.”","updated_timestamp":{"seconds":1721487832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T15:03:52Z","links":[],"end":"2024-08-11T00:00:00.000-0000","id":55573,"tag_ids":[46372,46426,46439],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-20T15:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The game is afoot! The curious case of Alice and Bob will explore beyond the surface of technical know-how. Attendees will navigate the intricate labyrinth of digital investigation, learning not just 'where' to seek digital clues – perhaps hidden in the registry – but crucially, 'why' these details matter and 'how' they fit into the larger puzzle of our investigation. Join me on a narrative adventure illuminating the practical use of tools in a real-world scenario. For both seasoned and aspiring digital sleuths, this talk aims to sharpen investigative skills, setting or recalibrating your expectations of what digital forensics can realistically achieve.\n\n\n","media":[],"title":"The Curious Case of Alice and Bob: What You Can (And Cannot!) Do as Digital Investigators","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"The game is afoot! The curious case of Alice and Bob will explore beyond the surface of technical know-how. Attendees will navigate the intricate labyrinth of digital investigation, learning not just 'where' to seek digital clues – perhaps hidden in the registry – but crucially, 'why' these details matter and 'how' they fit into the larger puzzle of our investigation. Join me on a narrative adventure illuminating the practical use of tools in a real-world scenario. For both seasoned and aspiring digital sleuths, this talk aims to sharpen investigative skills, setting or recalibrating your expectations of what digital forensics can realistically achieve.","updated_timestamp":{"seconds":1720332054,"nanoseconds":0},"speakers":[{"content_ids":[54652,55750],"conference_id":133,"event_ids":[56275,55025],"name":"Catherine J. Ullman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University at Buffalo","title":"Principle Technology Architect, Security"}],"links":[],"pronouns":null,"media":[],"id":54297,"title":"Principle Technology Architect, Security at University at Buffalo"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T06:00:54Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55025,"tag_ids":[46385,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54297}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T06:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the inner workings and vulnerabilities of mechanical combination safe locks! Safe manipulation is an underrated aspect of locksport and this talk will guide you through the ins and outs of how to do it.\n\n\n","media":[],"title":"Safecracking for Everyone","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Learn the inner workings and vulnerabilities of mechanical combination safe locks! Safe manipulation is an underrated aspect of locksport and this talk will guide you through the ins and outs of how to do it.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54556,55503],"conference_id":133,"event_ids":[55932,54931],"name":"Jared Dygert","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54305}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":54931,"tag_ids":[46384,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54305}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Veilid Dev and Community Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T20:15:00Z","end_timestamp":{"seconds":1723234500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54448],"conference_id":133,"event_ids":[54821],"name":"The_Gibson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54129}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T20:15:00.000-0000","id":54821,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54129}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a successful heist. \r\n\r\nFortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. \r\n\r\nI chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point. \r\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation. \r\n\r\nIn this talk I’m going to show you how I bypassed Casino Canberra's AI systems - facial recognition, surveillance systems and gameplay monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.\r\n\r\n1. Standing Committee of the One Hundred Year Study of Artificial Intelligence. Gathering Strength,Gathering Storms: The One Hundred Year Study on Artificial Intelligence (AI100) 2021 Study Panel Report | One Hundred Year Study on Artificial Intelligence (AI100). Technical report, September 2021.\r\n2. Eva A. M. van Dis, Johan Bollen, Willem Zuidema, Robert van Rooij, and Claudi L. Bockting. ChatGPT: five priorities for research. Nature, 614(7947):224–226, February 2023. Bandiera abtest: a Cg type: Comment Number: 7947 Publisher: Nature Publishing Group Subject term: Com-puter science, Research management, Publishing, Machine learning.\r\n3. Mingfu Xue, Chengxiang Yuan, Heyi Wu, Yushu Zhang, and Weiqiang Liu. Machine Learn-ing Security: Threats, Countermeasures, and Evaluations. IEEE Access, 8:74720–74742, 2020.Conference Name: IEEE Access.\r\n4. NSCAI. The National Security Commission on Artificial Intelligence.\r\n5. Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani, Sudip Mittal, and Maanak Gupta. AI for Security and Security for AI. In Proceedings of the Eleventh ACM Confer-ence on Data and Application Security and Privacy, CODASPY ’21, pages 333–334, New York, NY, USA, April 2021. Association for Computing Machinery.\r\n5. Battista Biggio and Fabio Roli. Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognition, 84:317–331, December 2018.\r\n6. Ian Goodfellow, Jonathon Shlens, and Christian Szegedy. Explaining and Harnessing Adversarial Examples. In International Conference on Learning Representations, 2015.\r\n7. Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. Intriguing properties of neural networks, February 2014. arXiv:1312.6199 [cs].\r\n8. Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter. Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, pages 1528–1540, New York, NY, USA, October 2016. Association for Computing Machinery.\r\n9. Tom Brown, Dandelion Mane, Aurko Roy, Martin Abadi, and Justin Gilmer. Adversarial Patch. 2017.\r\n10. US Marines Defeat DARPA Robot by Hiding Under a Cardboard Box | Extremetech.\r\n11. Walter David, Paolo Pappalepore, Alexandra Stefanova, and Brindusa Andreea Sarbu. AI-Powered Lethal Autonomous Weapon Systems in Defence Transformation. Impact and Chal-lenges. In Jan Mazal, Adriano Fagiolini, and Petr Vasik, editors, Modelling and Simulation for Autonomous Systems, Lecture Notes in Computer Science, pages 337–350, Cham, 2020. Springer International Publishing.\r\n12. C Wise and J Plested. Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies, May 2022. arXiv:2202.08892 cs..\r\n13. Anish Athalye, Nicholas Carlini, and David Wagner. Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. In Proceedings of the 35th International Conference on Machine Learning, pages 274–283. PMLR, July 2018. ISSN: 2640-3498.\r\n14. Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno, and Dawn Song. Robust Physical-World Attacks on Deep Learning Visual Classification. In 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pages 1625–1634, Salt Lake City, UT, USA, June 2018. IEEE.\r\n15. Ram Shankar Siva Kumar, Magnus Nystr ̈om, John Lambert, Andrew Marshall, Mario Goertzel, Andi Comissoneru, Matt Swann, and Sharon Xia. Adversarial Machine Learning-Industry Perspectives. In 2020 IEEE Security and Privacy Workshops (SPW), pages 69–75, May 2020.\r\n\n\n\n","media":[],"title":"On Your Ocean's 11 Team, I'm the AI Guy (technically Girl)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"One of the best parts of DEF CON is the glitz and glam of Vegas, the gambling capital of the world. Many have explored hacking casinos (on and off stage). Unfortunately, it’s just not like it is portrayed in the Oceans franchise.. in real life there’s much less action, no George Clooney, and it’s a lot harder to pull off a successful heist. \r\n\r\nFortunately I’m not your typical hacker, I’m an AI hacker. I use adversarial machine learning techniques to disrupt, deceive and disclose information from Artificial Intelligence systems. \r\n\r\nI chose my target carefully: Canberra Casino. It’s the best casino in my city.. It’s also the only casino but that’s not the point. \r\nThe casino industry is at an interesting inflection point. Many large casinos have already adopted AI for surveillance and gameplay monitoring, smaller casinos are starting to make the transition, and there’s only a couple of companies in the world that provide this software. It’s ripe for exploitation. \r\n\r\nIn this talk I’m going to show you how I bypassed Casino Canberra's AI systems - facial recognition, surveillance systems and gameplay monitoring. AI Security is the new cyber security threat, and attacks on AI systems could have broad implications including misdiagnoses in medical imaging, navigation errors in autonomous vehicles.. and successful casino heists.\r\n\r\n1. Standing Committee of the One Hundred Year Study of Artificial Intelligence. Gathering Strength,Gathering Storms: The One Hundred Year Study on Artificial Intelligence (AI100) 2021 Study Panel Report | One Hundred Year Study on Artificial Intelligence (AI100). Technical report, September 2021.\r\n2. Eva A. M. van Dis, Johan Bollen, Willem Zuidema, Robert van Rooij, and Claudi L. Bockting. ChatGPT: five priorities for research. Nature, 614(7947):224–226, February 2023. Bandiera abtest: a Cg type: Comment Number: 7947 Publisher: Nature Publishing Group Subject term: Com-puter science, Research management, Publishing, Machine learning.\r\n3. Mingfu Xue, Chengxiang Yuan, Heyi Wu, Yushu Zhang, and Weiqiang Liu. Machine Learn-ing Security: Threats, Countermeasures, and Evaluations. IEEE Access, 8:74720–74742, 2020.Conference Name: IEEE Access.\r\n4. NSCAI. The National Security Commission on Artificial Intelligence.\r\n5. Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani, Sudip Mittal, and Maanak Gupta. AI for Security and Security for AI. In Proceedings of the Eleventh ACM Confer-ence on Data and Application Security and Privacy, CODASPY ’21, pages 333–334, New York, NY, USA, April 2021. Association for Computing Machinery.\r\n5. Battista Biggio and Fabio Roli. Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognition, 84:317–331, December 2018.\r\n6. Ian Goodfellow, Jonathon Shlens, and Christian Szegedy. Explaining and Harnessing Adversarial Examples. In International Conference on Learning Representations, 2015.\r\n7. Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. Intriguing properties of neural networks, February 2014. arXiv:1312.6199 [cs].\r\n8. Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter. Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, pages 1528–1540, New York, NY, USA, October 2016. Association for Computing Machinery.\r\n9. Tom Brown, Dandelion Mane, Aurko Roy, Martin Abadi, and Justin Gilmer. Adversarial Patch. 2017.\r\n10. US Marines Defeat DARPA Robot by Hiding Under a Cardboard Box | Extremetech.\r\n11. Walter David, Paolo Pappalepore, Alexandra Stefanova, and Brindusa Andreea Sarbu. AI-Powered Lethal Autonomous Weapon Systems in Defence Transformation. Impact and Chal-lenges. In Jan Mazal, Adriano Fagiolini, and Petr Vasik, editors, Modelling and Simulation for Autonomous Systems, Lecture Notes in Computer Science, pages 337–350, Cham, 2020. Springer International Publishing.\r\n12. C Wise and J Plested. Developing Imperceptible Adversarial Patches to Camouflage Military Assets From Computer Vision Enabled Technologies, May 2022. arXiv:2202.08892 cs..\r\n13. Anish Athalye, Nicholas Carlini, and David Wagner. Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. In Proceedings of the 35th International Conference on Machine Learning, pages 274–283. PMLR, July 2018. ISSN: 2640-3498.\r\n14. Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno, and Dawn Song. Robust Physical-World Attacks on Deep Learning Visual Classification. In 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pages 1625–1634, Salt Lake City, UT, USA, June 2018. IEEE.\r\n15. Ram Shankar Siva Kumar, Magnus Nystr ̈om, John Lambert, Andrew Marshall, Mario Goertzel, Andi Comissoneru, Matt Swann, and Sharon Xia. Adversarial Machine Learning-Industry Perspectives. In 2020 IEEE Security and Privacy Workshops (SPW), pages 69–75, May 2020.","updated_timestamp":{"seconds":1720382842,"nanoseconds":0},"speakers":[{"content_ids":[54612,54447,55880],"conference_id":133,"event_ids":[56465,54820,54986],"name":"Harriet Farlow","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mileva Security Labs","title":"CEO"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/harriet-farlow-654963b7/"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@HarrietHacks"},{"description":"","title":"www.harriethacks.com/","sort_order":0,"url":"https://www.harriethacks.com/"},{"description":"","title":"www.mileva.com.au/about-us","sort_order":0,"url":"https://www.mileva.com.au/about-us"}],"media":[],"id":54195,"title":"CEO at Mileva Security Labs"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T20:07:22Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":54820,"tag_ids":[46166,46169,46419,46879],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54195}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T20:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This fireside chat will feature an in depth conversation between DNSA Neuberger and Dark Tangent on a variety of cybersecurity and emerging technology topics such as artificial intelligence and quantum computing. DNSA Neuberger has served in a variety of senior intelligence and cybersecurity roles within the National Security Agency, including Director of NSA’s cybersecurity organization and Deputy Director of NSA’s intelligence operations. She has also held multiple positions at the Department of Defense and the private sector, and now leads development of the Biden Administration’s policies on cybersecurity and emerging technologies from the White House. She and DT will delve into the latest and most pressing issues in these domains that concern the White House and how hackers can influence tech-related discussions to improve policy and operational outcomes.\n\n\n","media":[],"title":"Fireside Chat with DNSA Anne Neuberger","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"This fireside chat will feature an in depth conversation between DNSA Neuberger and Dark Tangent on a variety of cybersecurity and emerging technology topics such as artificial intelligence and quantum computing. DNSA Neuberger has served in a variety of senior intelligence and cybersecurity roles within the National Security Agency, including Director of NSA’s cybersecurity organization and Deputy Director of NSA’s intelligence operations. She has also held multiple positions at the Department of Defense and the private sector, and now leads development of the Biden Administration’s policies on cybersecurity and emerging technologies from the White House. She and DT will delve into the latest and most pressing issues in these domains that concern the White House and how hackers can influence tech-related discussions to improve policy and operational outcomes.","updated_timestamp":{"seconds":1720370589,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"},{"content_ids":[54446],"conference_id":133,"event_ids":[54819],"name":"Anne Neuberger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Deputy National Security Advisor for Cyber and Emerging Tech"}],"links":[],"pronouns":"she/her","media":[],"id":54073,"title":"Deputy National Security Advisor for Cyber and Emerging Tech"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T16:43:09Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":54819,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54073},{"tag_id":46167,"sort_order":4,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-07-07T16:43:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How well do *you* know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play \"Aw, man...pages!\". Across several rounds, your knowledge of man pages will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you provide the long-form flag when only given the short? Will you prove yourself worthy to be crowned the man page champion?\n\n\n","media":[],"title":"Aw, man…pages!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"How well do *you* know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play \"Aw, man...pages!\". Across several rounds, your knowledge of man pages will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you provide the long-form flag when only given the short? Will you prove yourself worthy to be crowned the man page champion?","updated_timestamp":{"seconds":1719553672,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T05:47:52Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249418"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249417"}],"end":"2024-08-09T20:00:00.000-0000","id":54609,"tag_ids":[46427,46439,46490],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-28T05:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Serberus is a serial Man-in-the-Middle hardware hacking tool designed to connect to embedded devices . It has 4 channels and has headers to interface with up to 3 UARTs simultaneously and also has the ability to connect to JTAG, SPI, I2C and SWD interfaces. During this talk I will introduce the Serberus and what makes it different than other, similar tools. It has a level shifter and switch to allow you to connect to logic voltages of 1.8, 2.5 and 3.3v or any arbitrary voltage between 1.65v and 5.5v, matching that of your target. The Serberus is unique in that it was designed to use open source tools like the Akheron proxy in order to MitM serial communications. I will demonstrate the Serberus connecting to a wifi router, to a JTAG, I2C or SPI target and I will also show the MitM capabilities on the serial connection between an aircraft transponder and its avionics system. The Serberus project is free and open source with all board layouts, gerbers and schematics published.\n\n\n","media":[],"title":"Serberus","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The Serberus is a serial Man-in-the-Middle hardware hacking tool designed to connect to embedded devices . It has 4 channels and has headers to interface with up to 3 UARTs simultaneously and also has the ability to connect to JTAG, SPI, I2C and SWD interfaces. During this talk I will introduce the Serberus and what makes it different than other, similar tools. It has a level shifter and switch to allow you to connect to logic voltages of 1.8, 2.5 and 3.3v or any arbitrary voltage between 1.65v and 5.5v, matching that of your target. The Serberus is unique in that it was designed to use open source tools like the Akheron proxy in order to MitM serial communications. I will demonstrate the Serberus connecting to a wifi router, to a JTAG, I2C or SPI target and I will also show the MitM capabilities on the serial connection between an aircraft transponder and its avionics system. The Serberus project is free and open source with all board layouts, gerbers and schematics published.","updated_timestamp":{"seconds":1718922462,"nanoseconds":0},"speakers":[{"content_ids":[54180],"conference_id":133,"event_ids":[54549],"name":"Patrick Kiley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Principal Consultant"}],"links":[],"pronouns":null,"media":[],"id":53766,"title":"Principal Consultant at Mandiant"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:27:42Z","links":[{"label":"Project","type":"link","url":"https://github.com/pk-mdt/Serberus"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249614"}],"end":"2024-08-09T20:45:00.000-0000","id":54549,"tag_ids":[46169,46441,46449],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53766}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Paraweb empowers people to publish and surf invisibly on a World Wide Web without the telltale traffic patterns that can betray our use of Tor and VPNs to network monitors. Paraweb is a wide-area hypermedia information retrieval initiative that combines steganography and open Web 1.0-inspired protocols to hijack and embed itself as a parasitic communications network inside existing social network websites like Tumblr, Instagram, and Reddit. Paraweb publishers can steganographically encode HTML-based, para-hyperlinked sites within innocuous media, then post those media on social network sites indistinguishably from benign content creators. Paraweb surfers can traverse these media as benign social network users, decoding the contents of para-sites as they appear normally in their searches, traversals, and feeds. Paraweb traffic is designed to blend indistinguishably with normal Web 2.0 and social network traffic, enabling Paraweb netizens to “hide in plain sight.” Paraweb’s loose and open-source combination of steganography and web-based protocols extends the hard-shell defenses of the encrypted web to the realms of deniability and stealth.\n\n\n","media":[],"title":"The World Wide Paraweb","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Paraweb empowers people to publish and surf invisibly on a World Wide Web without the telltale traffic patterns that can betray our use of Tor and VPNs to network monitors. Paraweb is a wide-area hypermedia information retrieval initiative that combines steganography and open Web 1.0-inspired protocols to hijack and embed itself as a parasitic communications network inside existing social network websites like Tumblr, Instagram, and Reddit. Paraweb publishers can steganographically encode HTML-based, para-hyperlinked sites within innocuous media, then post those media on social network sites indistinguishably from benign content creators. Paraweb surfers can traverse these media as benign social network users, decoding the contents of para-sites as they appear normally in their searches, traversals, and feeds. Paraweb traffic is designed to blend indistinguishably with normal Web 2.0 and social network traffic, enabling Paraweb netizens to “hide in plain sight.” Paraweb’s loose and open-source combination of steganography and web-based protocols extends the hard-shell defenses of the encrypted web to the realms of deniability and stealth.","updated_timestamp":{"seconds":1718922411,"nanoseconds":0},"speakers":[{"content_ids":[54177],"conference_id":133,"event_ids":[54546],"name":"Nathan Sidles","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53763}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:26:51Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249613"},{"label":"Project","type":"link","url":"https://www.paraweb.io/"}],"end":"2024-08-09T20:45:00.000-0000","id":54546,"tag_ids":[46169,46441],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53763}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Skynet is an AI project (just kidding.) It is meant to be a sort of unified theory of detection, enabling us to plot any detection artifact types on screen around an entity and decision them faster and more accurately. While plotting alert sets, attack trees, and kill chains has been done, for the presentation of alert sets and cases, we are planning to use graphing as the primary presentation, triage and decisioning mechanism, at scale, using a novel combination of heuristics and machine learning. It is an alert manager made by users, for users.\n\n\n","media":[],"title":"Skynet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Skynet is an AI project (just kidding.) It is meant to be a sort of unified theory of detection, enabling us to plot any detection artifact types on screen around an entity and decision them faster and more accurately. While plotting alert sets, attack trees, and kill chains has been done, for the presentation of alert sets and cases, we are planning to use graphing as the primary presentation, triage and decisioning mechanism, at scale, using a novel combination of heuristics and machine learning. It is an alert manager made by users, for users.","updated_timestamp":{"seconds":1718922358,"nanoseconds":0},"speakers":[{"content_ids":[54174],"conference_id":133,"event_ids":[54543],"name":"Craig Chamberlain","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53731},{"content_ids":[54174],"conference_id":133,"event_ids":[54543],"name":"Rewanth Tammana","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53770}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:58Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249612"}],"end":"2024-08-09T20:45:00.000-0000","id":54543,"tag_ids":[46169,46441,46445],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53731},{"tag_id":46167,"sort_order":4,"person_id":53770}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Tengu Marauder, derived from a previous security drone project, is a portable wheeled robot equipped with an ESP32 Marauder, currently in its testing phase. Designed for simplicity and efficiency, the Tengu Marauder serves as an alternative and interactive tool for WiFi network security testing. Its capabilities include WiFi scanning, deauthentication attacks, packet sniffing, and other wireless security tests. The compact design ensures ease of construction and maintenance using readily available parts and straightforward code integration. Essentially an advanced RC robot, the Tengu Marauder operates headless via XBee, providing a fun and engaging platform for testing the security of network-controlled devices over WiFi, such as IoT smart home devices and smaller WiFi-controlled drones like the Ryze Tello. This project would not have been possible without the development help, test runs, and support from the Philadelphia RAICES organization, the Philadelphia DEFCON group, and DeciSym.AI.\n\n\n","media":[],"title":"Tengu Marauder","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"The Tengu Marauder, derived from a previous security drone project, is a portable wheeled robot equipped with an ESP32 Marauder, currently in its testing phase. Designed for simplicity and efficiency, the Tengu Marauder serves as an alternative and interactive tool for WiFi network security testing. Its capabilities include WiFi scanning, deauthentication attacks, packet sniffing, and other wireless security tests. The compact design ensures ease of construction and maintenance using readily available parts and straightforward code integration. Essentially an advanced RC robot, the Tengu Marauder operates headless via XBee, providing a fun and engaging platform for testing the security of network-controlled devices over WiFi, such as IoT smart home devices and smaller WiFi-controlled drones like the Ryze Tello. This project would not have been possible without the development help, test runs, and support from the Philadelphia RAICES organization, the Philadelphia DEFCON group, and DeciSym.AI.","updated_timestamp":{"seconds":1718922301,"nanoseconds":0},"speakers":[{"content_ids":[54171],"conference_id":133,"event_ids":[54540],"name":"Leonardo Serrano","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53750},{"content_ids":[54171],"conference_id":133,"event_ids":[54540],"name":"Lexie Thach","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53752}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:01Z","links":[{"label":"Project","type":"link","url":"https://github.com/Lexicon121/Tengu-Marauder "},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249611"}],"end":"2024-08-09T20:45:00.000-0000","id":54540,"tag_ids":[46169,46441,46447,46449,46457,46458,46459],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53750},{"tag_id":46167,"sort_order":4,"person_id":53752}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BypassIT is a framework for covert delivery of malware, using AutoIT, AutoHotKey, and other Live off the Land (LotL) tools to deliver payloads and avoid detection. These techniques were derived from reversing attacks observed in the wild by DarkGate and other MaaS actors, revealing universal principles and methods useful for red teaming or internal testing. The framework will consist of a series of tools, techniques, and methods along with testing and reporting on effectiveness, as it relates to evading multiple specific antivirus products.\n\n\n","media":[],"title":"BypassIT - Using AutoIT & Similar Tools for Covert Payload Delivery","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"BypassIT is a framework for covert delivery of malware, using AutoIT, AutoHotKey, and other Live off the Land (LotL) tools to deliver payloads and avoid detection. These techniques were derived from reversing attacks observed in the wild by DarkGate and other MaaS actors, revealing universal principles and methods useful for red teaming or internal testing. The framework will consist of a series of tools, techniques, and methods along with testing and reporting on effectiveness, as it relates to evading multiple specific antivirus products.","updated_timestamp":{"seconds":1718922236,"nanoseconds":0},"speakers":[{"content_ids":[54168],"conference_id":133,"event_ids":[54537],"name":"Ezra Woods","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Arizona","title":"Information Security Analyst, Department of Economic Security"}],"links":[],"pronouns":null,"media":[],"id":53736,"title":"Information Security Analyst, Department of Economic Security at Arizona"},{"content_ids":[54168],"conference_id":133,"event_ids":[54537],"name":"Mike Manrod","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Grand Canyon Education","title":"Chief Information Security Officer"}],"links":[],"pronouns":null,"media":[],"id":53761,"title":"Chief Information Security Officer at Grand Canyon Education"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:23:56Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249610"}],"end":"2024-08-09T20:45:00.000-0000","id":54537,"tag_ids":[46169,46441,46445,46450,46453],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53736},{"tag_id":46167,"sort_order":4,"person_id":53761}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Penetration testing tools often face limitations such as IP blocking, insufficient computing power, and time constraints. However, by executing these tests across a distributed network of hundreds of devices, these challenges can be overcome. Organizing such a large-scale attack efficiently is complex, as the number of nodes increases, so does the difficulty in orchestration and management. distribRuted provides the necessary infrastructure and orchestration for distributed attacks. This framework allows developers to easily create and execute specific distributed attacks using standard application modules. Users can develop their attack modules or utilize pre-existing ones from the community. With distribRuted, automating, managing, and tracking a distributed attack across hundreds of nodes becomes straightforward, thereby enhancing efficiency, reducing time and costs, and eliminating Single Point of Failure (SPoF) in penetration testing.\n\n\n","media":[],"title":"distribRuted - Distributed Attack Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T20:45:00Z","end_timestamp":{"seconds":1723236300,"nanoseconds":0},"android_description":"Penetration testing tools often face limitations such as IP blocking, insufficient computing power, and time constraints. However, by executing these tests across a distributed network of hundreds of devices, these challenges can be overcome. Organizing such a large-scale attack efficiently is complex, as the number of nodes increases, so does the difficulty in orchestration and management. distribRuted provides the necessary infrastructure and orchestration for distributed attacks. This framework allows developers to easily create and execute specific distributed attacks using standard application modules. Users can develop their attack modules or utilize pre-existing ones from the community. With distribRuted, automating, managing, and tracking a distributed attack across hundreds of nodes becomes straightforward, thereby enhancing efficiency, reducing time and costs, and eliminating Single Point of Failure (SPoF) in penetration testing.","updated_timestamp":{"seconds":1718922174,"nanoseconds":0},"speakers":[{"content_ids":[54165],"conference_id":133,"event_ids":[54534],"name":"Ismail Melih Tas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"VP in Application Security"},{"organization":"VulnHero","title":"Founder and CEO"},{"organization":"Siber Ninja","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":53740,"title":"Founder and CEO at Siber Ninja"},{"content_ids":[54165],"conference_id":133,"event_ids":[54534],"name":"Numan Ozdemir","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cybersecurity Researcher and Computer Programmer"}],"links":[],"pronouns":null,"media":[],"id":53764,"title":"Cybersecurity Researcher and Computer Programmer"}],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:22:54Z","links":[{"label":"Project","type":"link","url":"https://distribruted.com"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249609"}],"end":"2024-08-09T20:45:00.000-0000","id":54534,"tag_ids":[46169,46441,46446,46453,46460],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53740},{"tag_id":46167,"sort_order":4,"person_id":53764}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-20T22:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cult of the Dead Cow and Hackers.Town are bringing you a meet and greet and chat session about Veilid Framework. Come by, say hi, talk shop, let’s see each other in person and have a little fun! Veilid Foundation directors and many of the primary contributors will be there to share progress over the last year. Come by and help us to restore the future and ensure the privacy of the internet for generations to come!\n\n\n","media":[{"hash_sha256":"1cce0efcba77ccb9db77b14e465b4e60bcba5661f640606e368116cf449d54b3","filetype":"image/png","hash_md5":"70a665f9777940174c0ff2c42e9f0870","name":"pme_veilid.png","is_logo":"Y","hash_crc32c":"d8ef9fd5","filesize":30996,"asset_id":687,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_veilid.png"}],"title":"Veilid Dev and Community Meetup","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Cult of the Dead Cow and Hackers.Town are bringing you a meet and greet and chat session about Veilid Framework. Come by, say hi, talk shop, let’s see each other in person and have a little fun! Veilid Foundation directors and many of the primary contributors will be there to share progress over the last year. Come by and help us to restore the future and ensure the privacy of the internet for generations to come!","updated_timestamp":{"seconds":1718812658,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T15:57:38Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249521"},{"label":"More Info","type":"link","url":"https://veilid.com/"}],"end":"2024-08-09T20:30:00.000-0000","id":54507,"tag_ids":[46364,46882],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-19T15:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T19:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-09T20:00:00.000-0000","id":54485,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723230000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-09T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In 2021, Georgia’s voting system suffered the most severe security\nbreach known in US history when partisan operatives entered the\nelection offices in Coffee County, a small county in south Georgia,\nand took forensic images of all components of the voting system.\nAnd because Georgia uses one voting system statewide, the\nsoftware stolen from Coffee is the same in use across the state.\nRemarkably, even though the crimes were caught on surveillance\ncamera, the security breach did not come to light until 15 months\nlater, when the plaintiffs in the civil litigation, Curling v.\nRaffensperger uncovered not just the surveillance camera footage,\nbut emails, documents and contracts that showed this was an\nextensive and coordinated plot to unlawfully take voting software\nfrom Georgia and other states too.\nDespite the extensive evidentiary record the plaintiffs have\ndeveloped, neither the local DA or the state Attorney General\nsought to charge these crimes. However, Fulton County District\nAttorney Fani Willis included computer trespass, computer identity\ntheft and computer theft alleged in Coffee County as predicate\ncrimes in her RICO indictment, charging four individuals specifically\nwith that element of the conspiracy. Two of those charged, Sidney\nPowell and Scott Hall, have pleaded guilty.\nThis panel will explain how these events took place, and how they\nwere uncovered, not by the Secretary of State, other election\nofficials or federal or Georgia law enforcement; but by a small\nnon-profit and its fellow plaintiffs and attorneys in civil litigation. The\npresentation will also discuss how these events are connected to\nother voting system software breaches in other states, and what\nthis could mean for the 2024 elections and beyond.\n\n\n","media":[],"title":"How to Steal Voting Software and Get Away With It","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"In 2021, Georgia’s voting system suffered the most severe security\nbreach known in US history when partisan operatives entered the\nelection offices in Coffee County, a small county in south Georgia,\nand took forensic images of all components of the voting system.\nAnd because Georgia uses one voting system statewide, the\nsoftware stolen from Coffee is the same in use across the state.\nRemarkably, even though the crimes were caught on surveillance\ncamera, the security breach did not come to light until 15 months\nlater, when the plaintiffs in the civil litigation, Curling v.\nRaffensperger uncovered not just the surveillance camera footage,\nbut emails, documents and contracts that showed this was an\nextensive and coordinated plot to unlawfully take voting software\nfrom Georgia and other states too.\nDespite the extensive evidentiary record the plaintiffs have\ndeveloped, neither the local DA or the state Attorney General\nsought to charge these crimes. However, Fulton County District\nAttorney Fani Willis included computer trespass, computer identity\ntheft and computer theft alleged in Coffee County as predicate\ncrimes in her RICO indictment, charging four individuals specifically\nwith that element of the conspiracy. Two of those charged, Sidney\nPowell and Scott Hall, have pleaded guilty.\nThis panel will explain how these events took place, and how they\nwere uncovered, not by the Secretary of State, other election\nofficials or federal or Georgia law enforcement; but by a small\nnon-profit and its fellow plaintiffs and attorneys in civil litigation. The\npresentation will also discuss how these events are connected to\nother voting system software breaches in other states, and what\nthis could mean for the 2024 elections and beyond.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56184],"conference_id":133,"event_ids":[56838],"name":"Anna Bower","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@annabower)","sort_order":0,"url":"https://twitter.com/annabower"},{"description":"","title":"Website","sort_order":0,"url":"https://www.lawfaremedia.org/contributors/abower"}],"media":[],"id":56562},{"content_ids":[56184],"conference_id":133,"event_ids":[56838],"name":"Marilyn Marks","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@MarilynRMarks1)","sort_order":0,"url":"https://twitter.com/MarilynRMarks1"},{"description":"","title":"Website","sort_order":0,"url":"https://www.netrootsnation.org/profile/marilyn-marks/"}],"media":[],"id":56575},{"content_ids":[56184],"conference_id":133,"event_ids":[56838],"name":"Rich DeMillo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/richard-demillo"},{"description":"","title":"Twitter (@richde)","sort_order":0,"url":"https://twitter.com/richde"},{"description":"","title":"Website","sort_order":0,"url":"https://www.cc.gatech.edu/people/richard-demillo"}],"media":[],"id":56582},{"content_ids":[56183,56184],"conference_id":133,"event_ids":[56837,56838],"name":"Susan Greenhalgh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/susan-greenhalgh-7078a9111"},{"description":"","title":"Twitter (@segreenhalgh)","sort_order":0,"url":"https://twitter.com/segreenhalgh"},{"description":"","title":"Website","sort_order":0,"url":"https://freespeechforpeople.org/susan-greenhalgh/"}],"media":[],"id":56584}],"begin_tsz":"2024-08-09T18:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":56838,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723229100,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56584},{"tag_id":46487,"sort_order":4,"person_id":56562},{"tag_id":46487,"sort_order":6,"person_id":56582},{"tag_id":46487,"sort_order":8,"person_id":56575}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T18:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Are you curious about accessing and collecting triage data from Android devices? I was. This workshop is designed for the defender that doesn't know much about Android or how to access it to collect forensic triage data, but would like to understand the subject better. This workshop gives a solid foundation for accessing Android devices and collecting data from them. It will cover:\r\n\r\n* Installing and using an Android emulator\r\n* How does an Android emulator differ from an actual Android device\r\n* Using the Android Debug Bridge (ADB) to send commands to Android\r\n* Collecting triage data using ADB or natively on the Android device\r\n* Side loading and running a Linux executable on an Android device\r\n* Remote access to the Android native AChoirX collector over TCP\r\n* Collecting triage data both locally and remotely\r\n* Transferring the collected data using ADB, SFTP, and S3\r\n* Things to look out for. Android is very different from Windows, MacOS, and Linux\r\n* Limitations and caveats\r\n\r\nThis workshop requires Windows 10 or 11. We will install and play with Android Studio, install and play with ADB, and run AChoirX collections both remotely and locally. It is highly recommended that the student come to the workshop with Android Studio, ADB, and AChoirX already installed on their machine. We will make a small amount of time to install the software, but will not be able to troubleshoot any installation issues.\n\n\nAfter discovering that the Android Operating System commands nearly 44% of the total Operating Systems market (Windows is about 27%). I set about to see if the AChoirX triage collection program could run on it. Since Android is a Linux variant, and AChoirX already ran on Windows, MacOS, and Linux, it seemed very likely that I could make it work.\r\n\r\nIn a short time I went from knowing nearly nothing about Android to creating both a remote and local triage collector for Android. This workshop will walk the student through how I created both remote and local triage collection systems for Android. It does not cover analysis of the artifacts, but will cover how to collect data from an Android device (and the limitations) using Free and Open Source tools.","media":[],"title":"Adventures in Android Triage Collection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:30:00Z","end_timestamp":{"seconds":1723235400,"nanoseconds":0},"android_description":"Are you curious about accessing and collecting triage data from Android devices? I was. This workshop is designed for the defender that doesn't know much about Android or how to access it to collect forensic triage data, but would like to understand the subject better. This workshop gives a solid foundation for accessing Android devices and collecting data from them. It will cover:\r\n\r\n* Installing and using an Android emulator\r\n* How does an Android emulator differ from an actual Android device\r\n* Using the Android Debug Bridge (ADB) to send commands to Android\r\n* Collecting triage data using ADB or natively on the Android device\r\n* Side loading and running a Linux executable on an Android device\r\n* Remote access to the Android native AChoirX collector over TCP\r\n* Collecting triage data both locally and remotely\r\n* Transferring the collected data using ADB, SFTP, and S3\r\n* Things to look out for. Android is very different from Windows, MacOS, and Linux\r\n* Limitations and caveats\r\n\r\nThis workshop requires Windows 10 or 11. We will install and play with Android Studio, install and play with ADB, and run AChoirX collections both remotely and locally. It is highly recommended that the student come to the workshop with Android Studio, ADB, and AChoirX already installed on their machine. We will make a small amount of time to install the software, but will not be able to troubleshoot any installation issues.\n\n\nAfter discovering that the Android Operating System commands nearly 44% of the total Operating Systems market (Windows is about 27%). I set about to see if the AChoirX triage collection program could run on it. Since Android is a Linux variant, and AChoirX already ran on Windows, MacOS, and Linux, it seemed very likely that I could make it work.\r\n\r\nIn a short time I went from knowing nearly nothing about Android to creating both a remote and local triage collector for Android. This workshop will walk the student through how I created both remote and local triage collection systems for Android. It does not cover analysis of the artifacts, but will cover how to collect data from an Android device (and the limitations) using Free and Open Source tools.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55755],"conference_id":133,"event_ids":[56280],"name":"Omenscan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56136}],"begin_tsz":"2024-08-09T18:45:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T20:30:00.000-0000","id":56280,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723229100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56136}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-09T18:45:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Explore the intricacies of time-based SQL injection through the lens of Operation GhostShell. This session delves into the methods used by attackers to exploit time delays for data extraction, highlighting real-world examples and the impact of these breaches on major universities. Attendees will gain a deep understanding of the technical aspects, see live demonstrations, and learn practical defense strategies to safeguard against such vulnerabilities. Perfect for security professionals seeking to enhance their knowledge of advanced SQLi techniques and mitigation.\n\n\n","media":[],"title":"Ticking SQLi","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"Explore the intricacies of time-based SQL injection through the lens of Operation GhostShell. This session delves into the methods used by attackers to exploit time delays for data extraction, highlighting real-world examples and the impact of these breaches on major universities. Attendees will gain a deep understanding of the technical aspects, see live demonstrations, and learn practical defense strategies to safeguard against such vulnerabilities. Perfect for security professionals seeking to enhance their knowledge of advanced SQLi techniques and mitigation.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55733],"conference_id":133,"event_ids":[56260],"name":"Iggy","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56120}],"begin_tsz":"2024-08-09T18:45:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":56260,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723229100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56120}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T18:45:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Book Signing Schedule\r\n\r\nFriday, August 9\r\n11:30 a.m. Tim Arnold, Black Hat Python, 2nd Edition\r\n12:00 p.m. Jack Rhysider from Darknet Diaries\r\n12:30 p.m. James Forshaw, Windows Security Internals \r\n1:30 p.m. Nick Aleks, Black Hat Bash [DEF CON edition] and Black Hat GraphQL\r\n2:30 p.m. Jim O'Gorman and Daniel Graham, Metasploit, 2nd Edition [DEF CON edition]\r\n3:30 p.m. Corey Ball, Hacking APIs\r\n4:30 p.m. Elonka Dunin and Klaus Schmeh, Codebreaking\r\n \r\nSaturday, August 10\r\n10:30 a.m. Travis Goodspeed, Microcontroller Exploitsand PoC||GTFO, Volumes 1, 2, and 3\r\n12:30 p.m. Micah Lee, Hacks, Leaks, and Revelations\r\n1:30 p.m. Jon DiMaggio, The Art of Cyberwarfare \r\n2:30 p.m. Matt Burrough and Jos Weyers, Locksport\r\n3:30 p.m. Chris Eagle and Kara Nance, The Ghidra Book\r\n4:30 p.m. Alex Matrosov, Rootkits and Bootkits\r\n \r\nSunday, August 11\r\n11:30 a.m. Beau Woods, Fotios Chantzis, and Paulino Calderon, Practical IoT Hacking\n\n\n","media":[],"title":"Book Signings","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"Book Signing Schedule\r\n\r\nFriday, August 9\r\n11:30 a.m. Tim Arnold, Black Hat Python, 2nd Edition\r\n12:00 p.m. Jack Rhysider from Darknet Diaries\r\n12:30 p.m. James Forshaw, Windows Security Internals \r\n1:30 p.m. Nick Aleks, Black Hat Bash [DEF CON edition] and Black Hat GraphQL\r\n2:30 p.m. Jim O'Gorman and Daniel Graham, Metasploit, 2nd Edition [DEF CON edition]\r\n3:30 p.m. Corey Ball, Hacking APIs\r\n4:30 p.m. Elonka Dunin and Klaus Schmeh, Codebreaking\r\n \r\nSaturday, August 10\r\n10:30 a.m. Travis Goodspeed, Microcontroller Exploitsand PoC||GTFO, Volumes 1, 2, and 3\r\n12:30 p.m. Micah Lee, Hacks, Leaks, and Revelations\r\n1:30 p.m. Jon DiMaggio, The Art of Cyberwarfare \r\n2:30 p.m. Matt Burrough and Jos Weyers, Locksport\r\n3:30 p.m. Chris Eagle and Kara Nance, The Ghidra Book\r\n4:30 p.m. Alex Matrosov, Rootkits and Bootkits\r\n \r\nSunday, August 11\r\n11:30 a.m. Beau Woods, Fotios Chantzis, and Paulino Calderon, Practical IoT Hacking","updated_timestamp":{"seconds":1723237021,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T20:57:01Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56871,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-04 (Vendors East)","hotel":"","short_name":"HW4-04-04 (Vendors East)","id":46382},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-09T20:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be a lightning talk covering three short aviation cybersecurity topics. 1) What is the attack surface of an airport 2) How plane hacking is represented in the movies 3) What it takes to resolve a 3 year disclosure process for an EFB.\n\n\n","media":[],"title":"Aviation cybersecurity lightning talk: Three topics in thirty minutes","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"This is going to be a lightning talk covering three short aviation cybersecurity topics. 1) What is the attack surface of an airport 2) How plane hacking is represented in the movies 3) What it takes to resolve a 3 year disclosure process for an EFB.","updated_timestamp":{"seconds":1723168589,"nanoseconds":0},"speakers":[{"content_ids":[54606,55837,56177],"conference_id":133,"event_ids":[56387,56831,54980],"name":"Ken Munro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pen Test Partners","title":"Partner and Founder"}],"links":[],"pronouns":null,"media":[],"id":54347,"title":"Partner and Founder at Pen Test Partners"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:56:29Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":56831,"tag_ids":[46366,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54347}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-09T01:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how DARPA's Signature Management using Operational Knowledge and Environments (SMOKE) program aims to develop data-driven tools to automate the planning and execution of emulated threat actor infrastructure needed for red team operations.\n\n\n","media":[],"title":"SMOKE: Signature Management using Operational Knowledge and Environments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:50:00Z","end_timestamp":{"seconds":1723229400,"nanoseconds":0},"android_description":"Learn how DARPA's Signature Management using Operational Knowledge and Environments (SMOKE) program aims to develop data-driven tools to automate the planning and execution of emulated threat actor infrastructure needed for red team operations.","updated_timestamp":{"seconds":1722920303,"nanoseconds":0},"speakers":[{"content_ids":[56127],"conference_id":133,"event_ids":[56770],"name":"Tejas Patel","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Defense Advanced Research Projects Agency (DARPA)","title":"Program Manager"}],"pronouns":"he/him","links":[{"description":"","title":"DARPA Profile","sort_order":0,"url":"https://www.darpa.mil/staff/mr-tejas-patel"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thpatel"},{"description":"","title":"Mastodon (@thpatel@mastodon.social)","sort_order":0,"url":"@thpatel@mastodon.social"},{"description":"","title":"Twitter (@thpatelusa)","sort_order":0,"url":"https://twitter.com/thpatelusa"}],"media":[],"id":56524,"title":"Program Manager at Defense Advanced Research Projects Agency (DARPA)"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:58:23Z","links":[],"end":"2024-08-09T18:50:00.000-0000","id":56770,"tag_ids":[46369,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56524}],"tags":"","conference_id":133,"location":{"parent_id":46268,"name":"LVCC - L1 - HW3-05-06 (AIxCC) - Stage","hotel":"","short_name":"AIxCC Stage","id":46498},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-06T04:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On December 12th, millions of Ukrainians trying to connect on Kyivstar's mobile and internet services were met with silence. The outage, it turned out, was no accident, but a carefully planned attack that had been brewing for months. One day later, a message saying “We take full responsibility for the cyber attack on Kyivstar” appeared on social media accounts belonging to a group calling itself ‘Solntsepek’. \n\n“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine” the message continued. The Ukrainian users found themselves an audience of another hacking stunt in the ongoing war that started with the Russian invasion of Ukraine. Almost one month later, the pro-Ukraine hacker group “BlackJack” claimed to have breached the Russian internet provider M9com as revenge for the Kyivstar attack. \n\nThese attacks demonstrate a rising trend where groups, ostensibly state-sponsored yet posing as hacktivists, execute cyber and influence operations. This approach provides plausible deniability and an appearance of legitimacy, avoiding the direct implications of government involvement. These actors, often using various group names, leverage grassroots facades for anonymity and to minimize international backlash.\n\nBut what if the inflation in the trend is its weakest point? This is where yet another trendy topic comes in handy— Machine Learning (And yes, AI as well). We analyzed thousands of public messages from Hacktivist groups in Europe and the Middle East and combined classic Cyber threat-intelligence practices with modern ML models to learn about their motives over time and more importantly — tie some of these groups together and improve the way we do attribution when it comes to Hacktivism.\n\n\n","media":[],"title":"Hospitals, Airports, and Telcos — Modern Approach to Attributing Hacktivism Attacks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:05:00Z","end_timestamp":{"seconds":1723230300,"nanoseconds":0},"android_description":"On December 12th, millions of Ukrainians trying to connect on Kyivstar's mobile and internet services were met with silence. The outage, it turned out, was no accident, but a carefully planned attack that had been brewing for months. One day later, a message saying “We take full responsibility for the cyber attack on Kyivstar” appeared on social media accounts belonging to a group calling itself ‘Solntsepek’. \n\n“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine” the message continued. The Ukrainian users found themselves an audience of another hacking stunt in the ongoing war that started with the Russian invasion of Ukraine. Almost one month later, the pro-Ukraine hacker group “BlackJack” claimed to have breached the Russian internet provider M9com as revenge for the Kyivstar attack. \n\nThese attacks demonstrate a rising trend where groups, ostensibly state-sponsored yet posing as hacktivists, execute cyber and influence operations. This approach provides plausible deniability and an appearance of legitimacy, avoiding the direct implications of government involvement. These actors, often using various group names, leverage grassroots facades for anonymity and to minimize international backlash.\n\nBut what if the inflation in the trend is its weakest point? This is where yet another trendy topic comes in handy— Machine Learning (And yes, AI as well). We analyzed thousands of public messages from Hacktivist groups in Europe and the Middle East and combined classic Cyber threat-intelligence practices with modern ML models to learn about their motives over time and more importantly — tie some of these groups together and improve the way we do attribution when it comes to Hacktivism.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55896],"conference_id":133,"event_ids":[56483],"name":"Itay Cohen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56264}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T19:05:00.000-0000","id":56483,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56264}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Broken Object Level Authorization (BOLA) is a prevalent vulnerability in modern APIs and web applications, ranked as the top risk in the OWASP API top 10 and the fourth most reported vulnerability type in HackerOne Global Top 10. The consequences of BOLA can be severe, from sensitive data exposure to a total loss of system control.\n\nWhile manually verifying or triggering known BOLAs is typically straightforward, automatically identifying the correct execution sequences and generating viable input values for testing BOLAs is challenging. The complexities of application and business logic, the wide range of input parameters, and the stateful nature of modern web applications all hinder existing static analysis tools from detecting unknown BOLAs.\n\nTo overcome these challenges, we leverage LLM’s reasoning and generative capabilities to automate tasks that were previously done manually. These tasks include understanding application logic, uncovering endpoint dependency relationships, generating test cases, and interpreting test results. When combined with heuristics, this AI-backed method enables fully automated BOLA detection at scale. We dub this research BOLABuster.\n\nAlthough BOLABuster is still in its early stages, it has already discovered multiple new vulnerabilities in open-source projects. In one instance, we submitted 15 CVEs for one project, some leading to critical privilege escalation. Our most recent disclosed vulnerability was CVE-2024-1313, a BOLA vulnerability in Grafana, an open-source project used by over 20 million users.\n\nWhen benchmarked against other state-of-the-art fuzzing tools using applications with known BOLAs, BOLABuster, on average, sends less than 1% of the API requests to a target server to uncover a BOLA.\n\nIn this talk, we will share our methodology and the lessons learned from our research. We invite you to join us to learn about our journey with AI and explore a new approach to conducting vulnerability research.\n\n\n","media":[],"title":"BOLABuster: Harnessing LLMs for Automating BOLA Detection","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"Broken Object Level Authorization (BOLA) is a prevalent vulnerability in modern APIs and web applications, ranked as the top risk in the OWASP API top 10 and the fourth most reported vulnerability type in HackerOne Global Top 10. The consequences of BOLA can be severe, from sensitive data exposure to a total loss of system control.\n\nWhile manually verifying or triggering known BOLAs is typically straightforward, automatically identifying the correct execution sequences and generating viable input values for testing BOLAs is challenging. The complexities of application and business logic, the wide range of input parameters, and the stateful nature of modern web applications all hinder existing static analysis tools from detecting unknown BOLAs.\n\nTo overcome these challenges, we leverage LLM’s reasoning and generative capabilities to automate tasks that were previously done manually. These tasks include understanding application logic, uncovering endpoint dependency relationships, generating test cases, and interpreting test results. When combined with heuristics, this AI-backed method enables fully automated BOLA detection at scale. We dub this research BOLABuster.\n\nAlthough BOLABuster is still in its early stages, it has already discovered multiple new vulnerabilities in open-source projects. In one instance, we submitted 15 CVEs for one project, some leading to critical privilege escalation. Our most recent disclosed vulnerability was CVE-2024-1313, a BOLA vulnerability in Grafana, an open-source project used by over 20 million users.\n\nWhen benchmarked against other state-of-the-art fuzzing tools using applications with known BOLAs, BOLABuster, on average, sends less than 1% of the API requests to a target server to uncover a BOLA.\n\nIn this talk, we will share our methodology and the lessons learned from our research. We invite you to join us to learn about our journey with AI and explore a new approach to conducting vulnerability research.","updated_timestamp":{"seconds":1722625241,"nanoseconds":0},"speakers":[{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Ravid Mazon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56081},{"content_ids":[55702,55877],"conference_id":133,"event_ids":[56244,56462],"name":"Jay Chen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56125}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:00:41Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":56462,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56081},{"tag_id":46167,"sort_order":4,"person_id":56125}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-02T19:00:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"User Behaviour Analytics are powerful predictors of both genuine and anomalous behaviour in payments. This talk will work through a few examples of payment fraud scenarios and is aimed at demonstrating the thought processes of computing effective indicators of fraud. This talk should be of interest to people interested in payments but also analysts using UEBA systems in cybersecurity.\n\n\n","media":[],"title":"User Behaviour Analytics in Payments","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:40:00Z","end_timestamp":{"seconds":1723232400,"nanoseconds":0},"android_description":"User Behaviour Analytics are powerful predictors of both genuine and anomalous behaviour in payments. This talk will work through a few examples of payment fraud scenarios and is aimed at demonstrating the thought processes of computing effective indicators of fraud. This talk should be of interest to people interested in payments but also analysts using UEBA systems in cybersecurity.","updated_timestamp":{"seconds":1722356433,"nanoseconds":0},"speakers":[{"content_ids":[55573],"conference_id":133,"event_ids":[56088],"name":"Karthik Tadinada","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fortify Solutions","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":56038,"title":"Founder at Fortify Solutions"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:20:33Z","links":[],"end":"2024-08-09T19:40:00.000-0000","id":56088,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56038}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-30T16:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud environments and can significantly aid an attacker or pentester.\n\nOur discussion will focus on identifying privilege escalation paths, understanding how cloud administrators can misconfigure policies, and the methods attackers can use to exploit these vulnerabilities. Through carefully designed scenarios and real-world examples, attendees will learn to recognize signs of privilege escalation, thereby enhancing their security posture.\n\n\n","media":[],"title":"The Oracle Awakens: Demystifying Privilege Escalation in the cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:10:00Z","end_timestamp":{"seconds":1723230600,"nanoseconds":0},"android_description":"In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud environments and can significantly aid an attacker or pentester.\n\nOur discussion will focus on identifying privilege escalation paths, understanding how cloud administrators can misconfigure policies, and the methods attackers can use to exploit these vulnerabilities. Through carefully designed scenarios and real-world examples, attendees will learn to recognize signs of privilege escalation, thereby enhancing their security posture.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55479],"conference_id":133,"event_ids":[55908],"name":"Felipe Pr0teus","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Pr0teusBR","sort_order":0,"url":"https://Pr0teusBR"}],"media":[],"id":56002},{"content_ids":[55479],"conference_id":133,"event_ids":[55908],"name":"Lucas Cioffi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56003}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T19:10:00.000-0000","id":55908,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56002},{"tag_id":46167,"sort_order":4,"person_id":56003}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"So you just picked up an RTL-SDR? HackRF? Not sure what to do with it or where to get started? This talk is nothing new or ground–breaking, rather a compilation and lessons learned into the world of software defined radios (SDRs), namely to solve challenges for the RF capture the flag. It will cover topics of SDR basics, hardware comparison and capabilities/limitations, software (focusing on Linux-based operating systems), and the tactics, techniques, and procedures to find your first RF CTF flag and get on the scoreboard. By the end, you will have enough tools and knowledge to start hunting for SDR flags in the ongoing capture the flag.\n\n\n","media":[],"title":"Software Defined Radio 101: Capturing Your First RFCTF Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:25:00Z","end_timestamp":{"seconds":1723231500,"nanoseconds":0},"android_description":"So you just picked up an RTL-SDR? HackRF? Not sure what to do with it or where to get started? This talk is nothing new or ground–breaking, rather a compilation and lessons learned into the world of software defined radios (SDRs), namely to solve challenges for the RF capture the flag. It will cover topics of SDR basics, hardware comparison and capabilities/limitations, software (focusing on Linux-based operating systems), and the tactics, techniques, and procedures to find your first RF CTF flag and get on the scoreboard. By the end, you will have enough tools and knowledge to start hunting for SDR flags in the ongoing capture the flag.","updated_timestamp":{"seconds":1722188328,"nanoseconds":0},"speakers":[{"content_ids":[55446],"conference_id":133,"event_ids":[55871],"name":"bkobe","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@kobeski1906)","sort_order":0,"url":"https://twitter.com/kobeski1906"}],"media":[],"id":55985}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:38:48Z","links":[],"end":"2024-08-09T19:25:00.000-0000","id":55871,"tag_ids":[46390,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55985}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-28T17:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"SSTV - what the heck is slow scan TV and can you send cat memes with it? In this talk, hamster dives into the history, development and use of SSTV. From this, he will present the design for a wearable device to decode SSTV images and why he thought that was a good idea.\n\n\n","media":[],"title":"SSTV: How To Send Cat Memes Via Ham Radio","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"SSTV - what the heck is slow scan TV and can you send cat memes with it? In this talk, hamster dives into the history, development and use of SSTV. From this, he will present the design for a wearable device to decode SSTV images and why he thought that was a good idea.","updated_timestamp":{"seconds":1722185568,"nanoseconds":0},"speakers":[{"content_ids":[54615,55434],"conference_id":133,"event_ids":[55859,54989],"name":"Hamster","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/hamster"},{"description":"","title":"Twitter (@hamster)","sort_order":0,"url":"https://twitter.com/hamster"}],"media":[],"id":54217}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T16:52:48Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":55859,"tag_ids":[46380,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54217}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W321","hotel":"","short_name":"W321","id":46337},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-28T16:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"While living off the land attacks have always been possible in industrial environments, a notable uptick has been reported recently between Volt Typhoon's five-plus year campaign and reports of attackers using unauthenticated industrial protocols to manipulate and impact industrial processes. This talk will explore past living off the land attacks in industrial environments, the differences in IT and OT living off the land attacks, and provide approaches to counter these attacks.\n\n\n","media":[],"title":"Invisible Invaders: Strategies to Combat Living Off the Land Techniques in ICS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:55:00Z","end_timestamp":{"seconds":1723229700,"nanoseconds":0},"android_description":"While living off the land attacks have always been possible in industrial environments, a notable uptick has been reported recently between Volt Typhoon's five-plus year campaign and reports of attackers using unauthenticated industrial protocols to manipulate and impact industrial processes. This talk will explore past living off the land attacks in industrial environments, the differences in IT and OT living off the land attacks, and provide approaches to counter these attacks.","updated_timestamp":{"seconds":1722609175,"nanoseconds":0},"speakers":[{"content_ids":[55341],"conference_id":133,"event_ids":[55733],"name":"Dan Gunter","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Insane Cyber","title":"Founder and CEO"}],"links":[],"pronouns":null,"media":[],"id":55952,"title":"Founder and CEO at Insane Cyber"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T14:32:55Z","links":[],"end":"2024-08-09T18:55:00.000-0000","id":55733,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55952}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-08-02T14:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk dives deep into the historical context of redlining, segregation, and the enduring legacy of unequal access to technology, particularly focusing on its impact on Black communities. It examines the concept of broadband deserts, highlighting geographic disparities and their economic ramifications. Furthermore, the talk explores how the lack of broadband access hinders economic opportunities for Black individuals, including limited exposure to the tech field and decreased participation in tech and cyber-related activities from a young age. By shedding light on these issues, the presentation aims to foster awareness and discussion on strategies to bridge the digital divide and promote equitable access to technology in marginalized communities.\n\n\n","media":[],"title":"From Redlining to Weblining: Examining Broadband Deserts and Racial Injustice","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"This talk dives deep into the historical context of redlining, segregation, and the enduring legacy of unequal access to technology, particularly focusing on its impact on Black communities. It examines the concept of broadband deserts, highlighting geographic disparities and their economic ramifications. Furthermore, the talk explores how the lack of broadband access hinders economic opportunities for Black individuals, including limited exposure to the tech field and decreased participation in tech and cyber-related activities from a young age. By shedding light on these issues, the presentation aims to foster awareness and discussion on strategies to bridge the digital divide and promote equitable access to technology in marginalized communities.","updated_timestamp":{"seconds":1721495162,"nanoseconds":0},"speakers":[{"content_ids":[55192],"conference_id":133,"event_ids":[55582],"name":"Dr. Fatou Sankare","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Researcher & Professor"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/fsankare"},{"description":"","title":"Mastodon (@theedataenthusiast@defcon.social)","sort_order":0,"url":"https://defcon.social/@theedataenthusiast"}],"media":[],"id":55789,"title":"Security Researcher & Professor"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:06:02Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":55582,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55789}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-20T17:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For the past few years, we have had multiple instances of sophisticated cyber attacks ranging from ransomware attacks to attacks propagated by state sponsored threat actors; targeting elections, organizations, critical infrastructure etc. Organizations have had to step up and compensate with additional security controls and resources. We are living in a phase where even the most secure organizations are not immune to targeted cyber threats, the landscape of cyber security is in the state of constant evolution, with everybody playing to catch up. \r\n\r\nThis panel has been structured to delve into the complex and evolving nature of cyber adversaries. Beginning with an overview of recent cyber-attacks, breaches, and targeted ransomware incidents. We will also examine the rising wave of state sponsored threat actors, while focusing on their sophisticated adversary tactics, techniques and procedures. \r\n\r\nThis panel will focus on why organizations with even the most advanced cyber defense tooling and more than capable resources are still affected by breaches and threat actors. Our panel of experts will discuss the reasons behind these incidents and provide Insights into effective response and contentment strategies. Conversation will explore the critical components of how efficiently respond to threats, contain, and remediate them. \r\n\r\nAdditionally, the panel will also touch upon how threat intel assisted adversarial attack simulation, offensive cyber security operations could be used as proactive measures in enhancing an organization’s defense posture, offering valuable insights into the mindset and methodologies of potential attackers. \r\n\n\n\n","media":[],"title":"Formidable Adversaries: Responding to Breaches, Ransomware, and State-Sponsored Threat Actors","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"For the past few years, we have had multiple instances of sophisticated cyber attacks ranging from ransomware attacks to attacks propagated by state sponsored threat actors; targeting elections, organizations, critical infrastructure etc. Organizations have had to step up and compensate with additional security controls and resources. We are living in a phase where even the most secure organizations are not immune to targeted cyber threats, the landscape of cyber security is in the state of constant evolution, with everybody playing to catch up. \r\n\r\nThis panel has been structured to delve into the complex and evolving nature of cyber adversaries. Beginning with an overview of recent cyber-attacks, breaches, and targeted ransomware incidents. We will also examine the rising wave of state sponsored threat actors, while focusing on their sophisticated adversary tactics, techniques and procedures. \r\n\r\nThis panel will focus on why organizations with even the most advanced cyber defense tooling and more than capable resources are still affected by breaches and threat actors. Our panel of experts will discuss the reasons behind these incidents and provide Insights into effective response and contentment strategies. Conversation will explore the critical components of how efficiently respond to threats, contain, and remediate them. \r\n\r\nAdditionally, the panel will also touch upon how threat intel assisted adversarial attack simulation, offensive cyber security operations could be used as proactive measures in enhancing an organization’s defense posture, offering valuable insights into the mindset and methodologies of potential attackers.","updated_timestamp":{"seconds":1720394908,"nanoseconds":0},"speakers":[{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Ken Kato","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Omni Federal","title":"VP"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/devsecops-kkato/"},{"description":"","title":"Twitter (@CyberCalyx)","sort_order":0,"url":"https://x.com/CyberCalyx"}],"media":[],"id":54207,"title":"VP at Omni Federal"},{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Abhijith “Abx” B R","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/abhijith-b-r/"},{"description":"","title":"Twitter (@abhijithbr)","sort_order":0,"url":"https://twitter.com/abhijithbr"},{"description":"","title":"adversaryvillage.org","sort_order":0,"url":"https://adversaryvillage.org"}],"media":[],"id":54209},{"content_ids":[54593],"conference_id":133,"event_ids":[54968],"name":"Adam \"_whatshisface\" Pennington","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"The MITRE Corporation","title":"Lead, ATT&CK"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/adamp/"},{"description":"","title":"Twitter (@_whatshisface)","sort_order":0,"url":"https://twitter.com/_whatshisface"}],"media":[],"id":54211,"title":"Lead, ATT&CK at The MITRE Corporation"},{"content_ids":[54593],"conference_id":133,"event_ids":[54968],"name":"Nikhil Mittal","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Altered Security","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nikhil_mitt)","sort_order":0,"url":"https://x.com/nikhil_mitt"},{"description":"","title":"in.linkedin.com/in/mittalnikhil","sort_order":0,"url":"https://in.linkedin.com/in/mittalnikhil"}],"media":[],"id":54456,"title":"Founder and Director at Altered Security"},{"content_ids":[54593,55580],"conference_id":133,"event_ids":[56102,54968],"name":"Stryker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Adversary Pursuit Group (APG)","title":"Head of Security Communications and Planning"}],"pronouns":"she/her","links":[{"description":"","title":"Website","sort_order":0,"url":"https://strykernostriking.com"}],"media":[],"id":56045,"title":"Head of Security Communications and Planning at Adversary Pursuit Group (APG)"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:28:28Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":54968,"tag_ids":[46367,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54209},{"tag_id":46167,"sort_order":4,"person_id":54211},{"tag_id":46167,"sort_order":6,"person_id":54207},{"tag_id":46167,"sort_order":8,"person_id":54456},{"tag_id":46167,"sort_order":10,"person_id":56045}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-07T23:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Electronic conference badges are cool and everything, but they're A LOT of time, money, and effort including but not limited to hardware, software and art design, testing, manufacturing, testing, provisioning, and repairing.\r\n\r\nI'll share OpenTaxus, a relatively simple, cheap, mass-producible, and open-source badge design. We'll start out by looking at and understanding the design and implementation, highlighting the areas worth customizing (and which to leave as-s). I'll do a walkthrough of a few changes to customize the design - in KiCAD for hardware changes, and in CircuitPython for software changes.\r\n\r\nWe'll wrap up with some discussion of how to handle cost reduction to fit in a certain budget, manage badge logistics for events of different sizes, and warn about some of the many pitfalls that electronic badges suffer. You should walk away with the ability to customize a badge to be mass produced for your own event.\n\n\n","media":[],"title":"Custom, cheap, easy, and safe badges - without starting from scratch","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"Electronic conference badges are cool and everything, but they're A LOT of time, money, and effort including but not limited to hardware, software and art design, testing, manufacturing, testing, provisioning, and repairing.\r\n\r\nI'll share OpenTaxus, a relatively simple, cheap, mass-producible, and open-source badge design. We'll start out by looking at and understanding the design and implementation, highlighting the areas worth customizing (and which to leave as-s). I'll do a walkthrough of a few changes to customize the design - in KiCAD for hardware changes, and in CircuitPython for software changes.\r\n\r\nWe'll wrap up with some discussion of how to handle cost reduction to fit in a certain budget, manage badge logistics for events of different sizes, and warn about some of the many pitfalls that electronic badges suffer. You should walk away with the ability to customize a badge to be mass produced for your own event.","updated_timestamp":{"seconds":1720802405,"nanoseconds":0},"speakers":[{"content_ids":[54554],"conference_id":133,"event_ids":[54929],"name":"Joe \"securelyfitz\" FitzPatrick","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SecuringHardware.com","title":"Instructor and Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@securelyfitz)","sort_order":0,"url":"https://twitter.com/securelyfitz"}],"media":[],"id":54332,"title":"Instructor and Researcher at SecuringHardware.com"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-12T16:40:05Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":54929,"tag_ids":[46169,46381,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54332}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-12T16:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Meet an attacking MySQL honepot which can “Attack the attackers”. In 2023 we have found a CVE (CVE-2023-21980) in MySQL that allows a rogue MySQL “server” to attack a client connecting to it; attack meaning RCE on the client side. Since then we were thinking on how to use it for good. One obvious application is to create a honeypot which will attack the attackers. In 2024 we have found another RCE in mysqldump utility (CVE-2024-21096), so we have created a rogue MySQL server and weaponized it with a chain of 3 vulnerabilities: 1/ arbitrary file read 2/ RCE from 2023 (CVE-2023- 21980) 3/ the new RCE (CVE-2024-21096). With this atomic honeypot we were able to discover 2 new attacks against MySQL server. Using arbitrary file read vulnerability in MySQL we were able to download and analyze the attackers' code and then execute an “attack against attackers” using a chain of exploits.\r\n\r\nCVE-2023-21980\r\nCVE-2024-21096\n\n\n","media":[],"title":"Atomic Honeypot: A MySQL Honeypot That Drops Shells","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Meet an attacking MySQL honepot which can “Attack the attackers”. In 2023 we have found a CVE (CVE-2023-21980) in MySQL that allows a rogue MySQL “server” to attack a client connecting to it; attack meaning RCE on the client side. Since then we were thinking on how to use it for good. One obvious application is to create a honeypot which will attack the attackers. In 2024 we have found another RCE in mysqldump utility (CVE-2024-21096), so we have created a rogue MySQL server and weaponized it with a chain of 3 vulnerabilities: 1/ arbitrary file read 2/ RCE from 2023 (CVE-2023- 21980) 3/ the new RCE (CVE-2024-21096). With this atomic honeypot we were able to discover 2 new attacks against MySQL server. Using arbitrary file read vulnerability in MySQL we were able to download and analyze the attackers' code and then execute an “attack against attackers” using a chain of exploits.\r\n\r\nCVE-2023-21980\r\nCVE-2024-21096","updated_timestamp":{"seconds":1720374911,"nanoseconds":0},"speakers":[{"content_ids":[54467],"conference_id":133,"event_ids":[54840],"name":"Alexander Rubin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon Web Services (AWS)","title":"Principal Security Engineer, leading RDS Red Team"}],"links":[],"pronouns":"he/him","media":[],"id":54107,"title":"Principal Security Engineer, leading RDS Red Team at Amazon Web Services (AWS)"},{"content_ids":[54467],"conference_id":133,"event_ids":[54840],"name":"Martin Rakhmanov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon Web Services (AWS)","title":"Senior Security Engineer, RDS Red Team"}],"links":[],"pronouns":null,"media":[],"id":54173,"title":"Senior Security Engineer, RDS Red Team at Amazon Web Services (AWS)"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T17:55:11Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":54840,"tag_ids":[46166,46169,46419,46437,46438,46878],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54107},{"tag_id":46167,"sort_order":2,"person_id":54173}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-07T17:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.\r\n\r\nIn this session, I'll unleash novel attack concepts to coax out server secrets including masked misconfigurations, blind data-structure injection, hidden routes to forbidden areas, and a vast expanse of invisible attack-surface.\r\n\r\nThis is not a theoretical threat; every technique will be illustrated with multiple real-world case studies on diverse targets. Unprecedented advances have made these attacks both accurate and efficient; in the space of ten seconds you can now reliably detect a sub-millisecond differential with no prior configuration or 'lab conditions' required. In other words, I'm going to share timing attacks you can actually use.\r\n\r\nTo help, I'll equip you with a suite of battle-tested open-source tools enabling both hands-free automated exploitation, and custom attack scripting. I'll also share a little CTF to help you hone your new skillset.\r\n\r\nWant to take things further? I'll help you transform your own attack ideas from theory to reality, by sharing a methodology refined through testing countless concepts on thousands of websites. We've neglected this omnipresent and incredibly powerful side-channel for too long.\r\n\r\n- [link](https://www.usenix.org/conference/usenixsecurity20/presentation/van-goethem)\r\n- [link](https://portswigger.net/research/smashing-the-state-machine)\r\n\n\n\n","media":[],"title":"Listen to the whispers: web timing attacks that actually work","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.\r\n\r\nIn this session, I'll unleash novel attack concepts to coax out server secrets including masked misconfigurations, blind data-structure injection, hidden routes to forbidden areas, and a vast expanse of invisible attack-surface.\r\n\r\nThis is not a theoretical threat; every technique will be illustrated with multiple real-world case studies on diverse targets. Unprecedented advances have made these attacks both accurate and efficient; in the space of ten seconds you can now reliably detect a sub-millisecond differential with no prior configuration or 'lab conditions' required. In other words, I'm going to share timing attacks you can actually use.\r\n\r\nTo help, I'll equip you with a suite of battle-tested open-source tools enabling both hands-free automated exploitation, and custom attack scripting. I'll also share a little CTF to help you hone your new skillset.\r\n\r\nWant to take things further? I'll help you transform your own attack ideas from theory to reality, by sharing a methodology refined through testing countless concepts on thousands of websites. We've neglected this omnipresent and incredibly powerful side-channel for too long.\r\n\r\n- [link](https://www.usenix.org/conference/usenixsecurity20/presentation/van-goethem)\r\n- [link](https://portswigger.net/research/smashing-the-state-machine)","updated_timestamp":{"seconds":1720461981,"nanoseconds":0},"speakers":[{"content_ids":[54444,55173],"conference_id":133,"event_ids":[55561,54817],"name":"James \"albinowax\" Kettle","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"PortSwigger","title":"Director of Research"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@albinowax@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@albinowax"},{"description":"","title":"Twitter (@albinowax)","sort_order":0,"url":"https://twitter.com/albinowax"},{"description":"","title":"Website","sort_order":0,"url":"https://jameskettle.com/"}],"media":[],"id":54156,"title":"Director of Research at PortSwigger"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:06:21Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":54817,"tag_ids":[46166,46169,46419,46437,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Exploit 🪲, Demo 💻, Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54156}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-08T18:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Introduced in 2011, HID Global’s iCLASS SE solution is one of the world’s most widely-deployed Electronic Physical Access Control platforms. HID's iCLASS SE Readers are ubiquitous in electronic physical access control and used in most government agencies and Fortune 500 companies. The readers can be easily seen and identified in almost every form of mainstream media. Almost 13 years after iCLASS SE’s introduction, ground-breaking research and technical exploits will be disclosed publicly for the first time. \r\n\r\nIn this talk, we detail the process by which we reverse engineered the complex hardware and software chain of trust securing HID’s iCLASS SE platform. \r\n\r\nOver a seven-year research period, we analyzed hardware, firmware, and software elements the ecosystem, uncovering an unfortunate series of pitfalls and implementation defects. These flaws culminated in an attack chain that allowed for the recovery of sensitive cryptographic key material from secure elements, which have received CC EAL 5+ accreditation. This chain resulted in revealing some cryptographic keys to the kingdom. \r\n\r\nFinally, we provide comprehensive guidance on technical and operational mitigations for end customers to identify practical risks and reduce impact.\r\n\r\nInspirational (research done on previous generation system) \r\n\r\n- Heart of Darkness - Milosch Meriac [link](https://get.meriac.com/docs/HID-iCLASS-security.pdf) \r\n- Dismantling iClass and iClass Elite - Garcia, de Koning Gans, Verdult, & Meriac [link](https://www.cs.bham.ac.uk/~garciaf/publications/dismantling.iClass.pdf) \r\n\n\n\n","media":[],"title":"High Intensity Deconstruction: Chronicles of a Cryptographic Heist","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T19:45:00Z","end_timestamp":{"seconds":1723232700,"nanoseconds":0},"android_description":"Introduced in 2011, HID Global’s iCLASS SE solution is one of the world’s most widely-deployed Electronic Physical Access Control platforms. HID's iCLASS SE Readers are ubiquitous in electronic physical access control and used in most government agencies and Fortune 500 companies. The readers can be easily seen and identified in almost every form of mainstream media. Almost 13 years after iCLASS SE’s introduction, ground-breaking research and technical exploits will be disclosed publicly for the first time. \r\n\r\nIn this talk, we detail the process by which we reverse engineered the complex hardware and software chain of trust securing HID’s iCLASS SE platform. \r\n\r\nOver a seven-year research period, we analyzed hardware, firmware, and software elements the ecosystem, uncovering an unfortunate series of pitfalls and implementation defects. These flaws culminated in an attack chain that allowed for the recovery of sensitive cryptographic key material from secure elements, which have received CC EAL 5+ accreditation. This chain resulted in revealing some cryptographic keys to the kingdom. \r\n\r\nFinally, we provide comprehensive guidance on technical and operational mitigations for end customers to identify practical risks and reduce impact.\r\n\r\nInspirational (research done on previous generation system) \r\n\r\n- Heart of Darkness - Milosch Meriac [link](https://get.meriac.com/docs/HID-iCLASS-security.pdf) \r\n- Dismantling iClass and iClass Elite - Garcia, de Koning Gans, Verdult, & Meriac [link](https://www.cs.bham.ac.uk/~garciaf/publications/dismantling.iClass.pdf)","updated_timestamp":{"seconds":1720461961,"nanoseconds":0},"speakers":[{"content_ids":[54443],"conference_id":133,"event_ids":[54816],"name":"Babak Javadi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Red Team Alliance","title":"Co-Founder"},{"organization":"The CORE Group","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@babakjavadi)","sort_order":0,"url":"https://twitter.com/babakjavadi"}],"media":[],"id":54074,"title":"Founder at The CORE Group"},{"content_ids":[54443],"conference_id":133,"event_ids":[54816],"name":"Nick Draffen","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Product Security Architect"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@tcprst)","sort_order":0,"url":"https://twitter.com/tcprst"}],"media":[],"id":54083,"title":"Product Security Architect"},{"content_ids":[54443],"conference_id":133,"event_ids":[54816],"name":"Aaron Levy","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Clover","title":"Lead of Security Engineering"}],"links":[],"pronouns":null,"media":[],"id":54150,"title":"Lead of Security Engineering at Clover"}],"begin_tsz":"2024-08-09T18:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:06:01Z","links":[],"end":"2024-08-09T19:45:00.000-0000","id":54816,"tag_ids":[46166,46169,46419,46437,46881],"village_id":null,"begin_timestamp":{"seconds":1723228200,"nanoseconds":0},"includes":"Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54074},{"tag_id":46167,"sort_order":4,"person_id":54150},{"tag_id":46167,"sort_order":6,"person_id":54083}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T18:30:00.000-0000","updated":"2024-07-08T18:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are many hurdles we have to solve before we can make Quantum Computing a part of our everyday lives. Yes, we need to work out how to build it, and what we're actually going to run on it, but ignore that for now: we also need to figure out how we program it.\r\n\r\nUp until now most quantum programming frameworks have been written in Python, and simply serialize to simplistic string-based representations that are sent over a REST API to cloud-connected quantum hardware. But this ignores the history of classical programming infrastructure, and the fact that no algorithm is purely quantum -- there is bound to be expensive and interwoven classical processing, and we need to take this into account.\r\n\r\nJosh will chat about how we are planning to bring quantum to the existing LLVM compiler toolchain, show what quantum programming and compilation looks like today (and in the future!), and how you might be able to help us build it.\n\n\n","media":[],"title":"How do we make LLVM quantum?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"There are many hurdles we have to solve before we can make Quantum Computing a part of our everyday lives. Yes, we need to work out how to build it, and what we're actually going to run on it, but ignore that for now: we also need to figure out how we program it.\r\n\r\nUp until now most quantum programming frameworks have been written in Python, and simply serialize to simplistic string-based representations that are sent over a REST API to cloud-connected quantum hardware. But this ignores the history of classical programming infrastructure, and the fact that no algorithm is purely quantum -- there is bound to be expensive and interwoven classical processing, and we need to take this into account.\r\n\r\nJosh will chat about how we are planning to bring quantum to the existing LLVM compiler toolchain, show what quantum programming and compilation looks like today (and in the future!), and how you might be able to help us build it.","updated_timestamp":{"seconds":1722626503,"nanoseconds":0},"speakers":[{"content_ids":[55842],"conference_id":133,"event_ids":[56429],"name":"Josh Isaac","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56219}],"begin_tsz":"2024-08-09T18:25:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:21:43Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":56429,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723227900,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56219}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T18:25:00.000-0000","updated":"2024-08-02T19:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.\r\n\r\nEnhancing Security Operations from Layer 3 to Layer 7\r\nThis cloud-native platform integrates Cilium, Arkime, and EKS to provide a holistic view of network activities and potential threats from Layer 3 to Layer 7 of the OSI model. Cilium, leveraging eBPF (Extended Berkeley Packet Filter) technology, offers deep visibility into network traffic, enabling security teams to observe and analyze network flows from the Network layer to the Application layer. This allows for the detection of anomalous behavior and the enforcement of security policies at a granular level. Arkime complements this by providing large-scale packet capture and analysis, allowing security professionals to perform in-depth forensic analysis and threat hunting. By integrating Arkime with Cilium, security teams can seamlessly correlate network flows with packet data, offering a comprehensive understanding of network activities.\r\n\r\nScalability, Flexibility, and Community Collaboration\r\nAmazon EKS underpins this platform, providing a scalable and resilient infrastructure for deploying and managing Kubernetes clusters. This enables security teams to focus on core operations without worrying about the underlying infrastructure. The platform's scalability ensures it can handle large-scale CTF events or security incidents. During the Defcon Blue Team Village talk, attendees will learn about the integration and deployment process of this platform, including the challenges faced and solutions implemented. Post-conference, the platform will be released for public use, allowing the security community to leverage, contribute to, and enhance this innovative solution for their own security operations and CTF events. This collaborative effort aims to collectively advance the capabilities of cloud-native security platforms.\n\n\nIn today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.","media":[],"title":"Cloud Native Security Platform for Defenders","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"In today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.\r\n\r\nEnhancing Security Operations from Layer 3 to Layer 7\r\nThis cloud-native platform integrates Cilium, Arkime, and EKS to provide a holistic view of network activities and potential threats from Layer 3 to Layer 7 of the OSI model. Cilium, leveraging eBPF (Extended Berkeley Packet Filter) technology, offers deep visibility into network traffic, enabling security teams to observe and analyze network flows from the Network layer to the Application layer. This allows for the detection of anomalous behavior and the enforcement of security policies at a granular level. Arkime complements this by providing large-scale packet capture and analysis, allowing security professionals to perform in-depth forensic analysis and threat hunting. By integrating Arkime with Cilium, security teams can seamlessly correlate network flows with packet data, offering a comprehensive understanding of network activities.\r\n\r\nScalability, Flexibility, and Community Collaboration\r\nAmazon EKS underpins this platform, providing a scalable and resilient infrastructure for deploying and managing Kubernetes clusters. This enables security teams to focus on core operations without worrying about the underlying infrastructure. The platform's scalability ensures it can handle large-scale CTF events or security incidents. During the Defcon Blue Team Village talk, attendees will learn about the integration and deployment process of this platform, including the challenges faced and solutions implemented. Post-conference, the platform will be released for public use, allowing the security community to leverage, contribute to, and enhance this innovative solution for their own security operations and CTF events. This collaborative effort aims to collectively advance the capabilities of cloud-native security platforms.\n\n\nIn today's dynamic cybersecurity landscape, organizations and security professionals are constantly seeking innovative approaches to enhance their defensive capabilities. One such approach involves leveraging cloud-native technologies to build a robust platform for security operations and capture the flag (CTF) events. By combining the power of Cilium, Arkime, and Amazon Elastic Kubernetes Service (EKS), you can create a comprehensive solution that empowers security teams with unprecedented visibility, observability, and control over their environments.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55756],"conference_id":133,"event_ids":[56281],"name":"Dafinga","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56167}],"begin_tsz":"2024-08-09T18:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T19:15:00.000-0000","id":56281,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723227300,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56167}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T18:15:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Richard Branson is oft quoted with the quip that the quickest way to become a millionaire in the Airline Industry is to start as a billionaire. An Industry constrained by high fixed capital costs, bi-lateral capacity treaties, airport slots and curfews, labour etc; Airlines use the practice of revenue management to fill planes, maximise earnings and keep competitors at bay. But you’re not interested in an economics talk – this is a hacker con. I’m here to provide a birds-eye view and introduction into how fares and ticketing work, debunking some myths while outlining system constraints and limitations that introduce vulnerabilities. As an outcome, attendees should gain an introductory understanding of airline industry pricing, published fares and terminology. With most blogged 'deals' patched quicker than RCEs, the deeper understanding of not what but how, facilitates a progression for those interested to interact on more specialised discussion forums.\n\n\n","media":[],"title":"An adversarial approach to Airline Revenue Management Proving Ground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Richard Branson is oft quoted with the quip that the quickest way to become a millionaire in the Airline Industry is to start as a billionaire. An Industry constrained by high fixed capital costs, bi-lateral capacity treaties, airport slots and curfews, labour etc; Airlines use the practice of revenue management to fill planes, maximise earnings and keep competitors at bay. But you’re not interested in an economics talk – this is a hacker con. I’m here to provide a birds-eye view and introduction into how fares and ticketing work, debunking some myths while outlining system constraints and limitations that introduce vulnerabilities. As an outcome, attendees should gain an introductory understanding of airline industry pricing, published fares and terminology. With most blogged 'deals' patched quicker than RCEs, the deeper understanding of not what but how, facilitates a progression for those interested to interact on more specialised discussion forums.","updated_timestamp":{"seconds":1723168573,"nanoseconds":0},"speakers":[{"content_ids":[56176],"conference_id":133,"event_ids":[56830],"name":"Craig Lester","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56559}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:56:13Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56830,"tag_ids":[46366,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56559}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-09T01:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?\n\n\n","media":[],"title":"Activity: Vulnerability Hunt - The Snippets Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Put your skills to the test in this challenge and try to find all the vulnerabilities in the code. We have a wide range of challenges, from easy to advanced in various languages. Can you find them all?","updated_timestamp":{"seconds":1723007517,"nanoseconds":0},"speakers":[{"content_ids":[56163,56167],"conference_id":133,"event_ids":[56807,56811,56814,56823],"name":"Mário Leitão-Teixeira","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56550}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:11:57Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56823,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56550}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 1","hotel":"","short_name":"ASV Pod 1","id":46466},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-07T05:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.\n\n\n","media":[],"title":"Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Before you can deal with secrets sprawl, you first need to understand how deep the issue of plaintext secrets can be. Improperly stored and shared secrets are a problem beyond just the top layer of code you put in production. It affects feature branches, old commits, logs, and communication and collaboration tools.\r\n\r\nIn this exercise, you will be challenged to find all the secrets and then use a special tool to quickly validate the secrets and your work. Walk away from this exercise ready to apply the lessons learned to make your organization safer in no time.","updated_timestamp":{"seconds":1723007453,"nanoseconds":0},"speakers":[{"content_ids":[56165],"conference_id":133,"event_ids":[56809,56817,56818],"name":"mcdwayne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56551}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:10:53Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56809,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56551}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 2","hotel":"","short_name":"ASV Pod 2","id":46467},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!\n\n\n","media":[],"title":"Activity: Spot the Reachable by Backslash","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#ec8041","name":"Creator Tabletop Exercise","updated_tsz":"2024-08-04T15:14:02Z","id":46830},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Find the reachable one! You’ve got 18x18 inch game board, 5 cards, 5 code weaknesses, and a 5-minute sand timer, ready, set, go! You'll have 5 minutes to place the cards in the correct order and find the true positive(s). The winner? Whoever finds the solution in the shortest amount of time!","updated_timestamp":{"seconds":1723007403,"nanoseconds":0},"speakers":[{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Czesia Glik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56548},{"content_ids":[56164],"conference_id":133,"event_ids":[56808,56815,56816],"name":"Yossi Pik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Backslash Security","title":"CTO & Co-Founder"}],"links":[],"pronouns":null,"media":[],"id":56553,"title":"CTO & Co-Founder at Backslash Security"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T05:10:03Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56808,"tag_ids":[46370,46830],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56548},{"tag_id":46167,"sort_order":4,"person_id":56553}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Pod 3","hotel":"","short_name":"ASV Pod 3","id":46468},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-07T05:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements. Impacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses. Participants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.\n\n\n","media":[],"title":"Modifying Impacket for Better OpSec","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements. Impacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses. Participants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.","updated_timestamp":{"seconds":1722715708,"nanoseconds":0},"speakers":[{"content_ids":[55277,55985],"conference_id":133,"event_ids":[55667,56607],"name":"Ryan O'Donnell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Offensive Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/odonnell-ryan"},{"description":"","title":"Twitter (@odiesec)","sort_order":0,"url":"https://twitter.com/odiesec"}],"media":[],"id":55828,"title":"Senior Offensive Security Engineer at Microsoft"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T20:08:28Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56607,"tag_ids":[46367,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55828}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-03T20:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Esta palestra apresenta um estudo de caso real onde técnicas de Red Team foram cruciais para identificar e prender uma quadrilha de fraudadores especializada em esquemas financeiros. A equipe de Red Team conduziu simulações de ataques controlados, explorando vulnerabilidades na segurança da organização alvo.\n\n\n","media":[],"title":"Prendendo Fraudadores utilizando Técnicas de Red Team","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Esta palestra apresenta um estudo de caso real onde técnicas de Red Team foram cruciais para identificar e prender uma quadrilha de fraudadores especializada em esquemas financeiros. A equipe de Red Team conduziu simulações de ataques controlados, explorando vulnerabilidades na segurança da organização alvo.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55958],"conference_id":133,"event_ids":[56574],"name":"Gustavo Roberto","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Old Pirate"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/gustavorobertux/"},{"description":"","title":"Twitter (@gustavorobertux)","sort_order":0,"url":"https://x.com/gustavorobertux"}],"media":[],"id":56293,"title":"Old Pirate"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":56574,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56293}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/ responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed\n\n\n","media":[],"title":"Arsenal: CyberChef like Automation within BurpSuite - Let's get cooking with the CSTC","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Imagine GCHQ's CyberChef integrated in BurpSuite with live modification of requests at your fingertips. That's exactly what we had in mind when we built the Cyber Security Transformation Chef (CSTC) a few years ago. The CSTC is an extension to the popular BurpSuite Proxy built for experts working with web applications. It enables users to define recipes that are applied to outgoing or incoming HTTP requests/ responses automatically. Whatever quirks and specialties an application might challenge you with during an assessment, the CSTC has you covered. Furthermore, it allows to quickly apply custom formatting to a chosen message, if a more detailed analysis is needed","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Florian Haag","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Managing Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53737,"title":"Managing Security Consultant at usd AG"},{"content_ids":[55732,54194],"conference_id":133,"event_ids":[56259,54563],"name":"Matthias Göhring","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"usd AG","title":"Security Consultant and Penetration Tester"}],"links":[],"pronouns":null,"media":[],"id":53759,"title":"Security Consultant and Penetration Tester at usd AG"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56259,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53759},{"tag_id":46167,"sort_order":6,"person_id":53737}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 2","hotel":"","short_name":"ASV Arsenal 2","id":46470},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn from the ground up how to take over the execution of another process and make it do your bidding! This workshop teaches you the basic to intermediate levels of runtime intra-process hacking on Windows and POSIX systems covering injecting code into another process on windows (and an overview of how this could be done on a POSIX system), locating specific code within an application in a update resistant manner, hooking and redirecting code execution using several techniques, abusing error handlers to disguise code and an overview of mitigation strategies to protect apps from intra-process hacking.\n\n\n","media":[],"title":"Mind-Controlling Other Applications: An intro to intra-process hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Learn from the ground up how to take over the execution of another process and make it do your bidding! This workshop teaches you the basic to intermediate levels of runtime intra-process hacking on Windows and POSIX systems covering injecting code into another process on windows (and an overview of how this could be done on a POSIX system), locating specific code within an application in a update resistant manner, hooking and redirecting code execution using several techniques, abusing error handlers to disguise code and an overview of mitigation strategies to protect apps from intra-process hacking.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55729],"conference_id":133,"event_ids":[56257],"name":"ILOVEPIE","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56077}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56257,"tag_ids":[46370,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56077}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Classroom","hotel":"","short_name":"ASV Classroom","id":46465},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AI Goat is a deliberately vulnerable AI infrastructure designed to help security enthusiasts and pen-testers understand and exploit AI-specific vulnerabilities based on the OWASP AI Top 10. This arsenal session will demonstrate how to deploy AI Goat, explore various vulnerabilities, and guide participants in exploiting these weaknesses. Attendees will engage hands-on with the tool, gaining practical experience in AI security. Deployment scripts will be open-source and available after the session.\n\n\n","media":[],"title":"Arsenal: AI Goat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"AI Goat is a deliberately vulnerable AI infrastructure designed to help security enthusiasts and pen-testers understand and exploit AI-specific vulnerabilities based on the OWASP AI Top 10. This arsenal session will demonstrate how to deploy AI Goat, explore various vulnerabilities, and guide participants in exploiting these weaknesses. Attendees will engage hands-on with the tool, gaining practical experience in AI security. Deployment scripts will be open-source and available after the session.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55731],"conference_id":133,"event_ids":[56237],"name":"Ofir Yakobi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56074},{"content_ids":[55731],"conference_id":133,"event_ids":[56237],"name":"Shir Sadon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56085}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56237,"tag_ids":[46169,46370,46438,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":56074},{"tag_id":46167,"sort_order":1,"person_id":56085}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Arsenal 1","hotel":"","short_name":"ASV Arsenal 1","id":46469},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cross-site scripting (XSS) remains a top web vulnerability. Google has invested heavily in defenses, and in this talk, we'll share our blueprint for protecting your code. We'll discuss how we implemented runtime and compile-time protections across hundreds of products used by billions, highlighting technical lessons and best practices. We'll also glimpse into the future of anti-XSS defenses and explore how we can make the web safer for everyone.\n\n\n","media":[],"title":"Securing Frontends at Scale: Paving our Way to the Post-XSS World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Cross-site scripting (XSS) remains a top web vulnerability. Google has invested heavily in defenses, and in this talk, we'll share our blueprint for protecting your code. We'll discuss how we implemented runtime and compile-time protections across hundreds of products used by billions, highlighting technical lessons and best practices. We'll also glimpse into the future of anti-XSS defenses and explore how we can make the web safer for everyone.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55728],"conference_id":133,"event_ids":[56236],"name":"Aaron Shim","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56100},{"content_ids":[55728],"conference_id":133,"event_ids":[56236],"name":"jen-ozmen","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56126}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56236,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56100},{"tag_id":46167,"sort_order":1,"person_id":56126}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Glad Scientist will share their experiences and techniques for building out immersive performances, with a specific focus on their unique use of XR and generative AI in their process. Expect VR modular synthesis, weird generative AI hacks, and a lot of talk about breaking things in the name of creativity! This session is beginner-friendly, and attendees are welcome to follow along and test these techniques, or to listen and ask questions.\n\n\n","media":[],"title":"Trip Through Reality XR for Performances Masterclass with the Glad Scientist","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"The Glad Scientist will share their experiences and techniques for building out immersive performances, with a specific focus on their unique use of XR and generative AI in their process. Expect VR modular synthesis, weird generative AI hacks, and a lot of talk about breaking things in the name of creativity! This session is beginner-friendly, and attendees are welcome to follow along and test these techniques, or to listen and ask questions.","updated_timestamp":{"seconds":1722368911,"nanoseconds":0},"speakers":[{"content_ids":[55579],"conference_id":133,"event_ids":[56101],"name":"The Glad Scientist","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"they/them","links":[{"description":"","title":"thegladscientist.info/4023/","sort_order":0,"url":"https://thegladscientist.info/4023/"}],"media":[],"id":56044}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T19:48:31Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":56101,"tag_ids":[46397,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56044}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T19:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The \"5G Security Infrastructure\" workshop at DEFCON begins with an overview of 5G infrastructure security. Module 1 covers 5G security architecture, RAN architecture, deployment models, critical components, and assessment methods. Module 2 examines new 5G protocols and their security impacts, including SBA, HTTP2, JSON API, N32 interface, PFCP, and SEPP. Module 3 explores network access security, SIM card security, 5G AKA, SUPI, and SUCI. Module 4 presents a 5G threat case study, with hands-on activities in UE & PT configuration, RAN security, and API testing\n\n\n","media":[{"hash_sha256":"a34c663c52b0aea8f6604b8afbcd36481eb5e5d308c0a7ba8146a2bbecdbe8e3","filetype":"image/webp","hash_md5":"896c3dc790f54fee550b83254036da28","name":"content_telecom_5gfortress.webp","is_logo":"Y","hash_crc32c":"4fdf800f","filesize":110834,"asset_id":827,"sort_order":1,"url":"https://info.defcon.org/blobs/content_telecom_5gfortress.webp"}],"title":"5G Fortress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"The \"5G Security Infrastructure\" workshop at DEFCON begins with an overview of 5G infrastructure security. Module 1 covers 5G security architecture, RAN architecture, deployment models, critical components, and assessment methods. Module 2 examines new 5G protocols and their security impacts, including SBA, HTTP2, JSON API, N32 interface, PFCP, and SEPP. Module 3 explores network access security, SIM card security, 5G AKA, SUPI, and SUCI. Module 4 presents a 5G threat case study, with hands-on activities in UE & PT configuration, RAN security, and API testing","updated_timestamp":{"seconds":1722352158,"nanoseconds":0},"speakers":[{"content_ids":[55557,55559,55562],"conference_id":133,"event_ids":[56072,56074,56077],"name":"Akib Sayyed","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Matrix Shell Technologies","title":"Founder and Director"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/akibsayyed/"},{"description":"","title":"Twitter (@akibsayyed)","sort_order":0,"url":"https://twitter.com/@akibsayyed"}],"media":[],"id":56031,"title":"Founder and Director at Matrix Shell Technologies"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T15:09:18Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56074,"tag_ids":[46395,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56031}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T15:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Begins Friday at 12:00 (11:00 for the pre-tournament poker clinic)\r\n\r\nWe’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit EFF! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.\n\n\n","media":[{"hash_sha256":"9f0243615ab7fd284e339e0d1f9eaa7cf221334cff36dfb491fe00ab11d19367","filetype":"image/png","hash_md5":"dcf800a22d838c6f4fa8156eba650a8f","name":"ct_eff-poker-dogs.png","is_logo":"Y","hash_crc32c":"26e14ace","filesize":106506,"asset_id":638,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_eff-poker-dogs.png"}],"title":"Betting on Your Digital Rights: 3rd Annual EFF Benefit Poker Tournament at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Begins Friday at 12:00 (11:00 for the pre-tournament poker clinic)\r\n\r\nWe’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit EFF! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.","updated_timestamp":{"seconds":1722312157,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T04:02:37Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249415"},{"label":"More Info","type":"link","url":"https://www.eff.org/poker"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249414"}],"end":"2024-08-09T18:00:00.000-0000","id":56070,"tag_ids":[46427,46439,46754],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T04:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T18:00:00Z","end_timestamp":{"seconds":1723399200,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-11T18:00:00.000-0000","id":56039,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn how to program the DCNextGen Badge\n\n\n","media":[],"title":"Intro to Circuit Python (Badge class level 1)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Learn how to program the DCNextGen Badge","updated_timestamp":{"seconds":1721785040,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T01:37:20Z","links":[],"end":"2024-08-09T19:00:00.000-0000","id":55755,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-24T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the realm of Operational Technology (OT) environments, incident response is a critical function that ensures the continuity and security of industrial processes. A thorough understanding of vendors, asset types, and associated frameworks is indispensable for effective incident management. This talk underscores the significance of this knowledge from an operator's perspective, highlighting how it can substantially enhance the ability of a cyber security analyst to respond to incidents swiftly and efficiently.\r\n\r\nKnowing your vendors and the specific types of assets deployed within an OT environment provides a foundational understanding that is crucial during an incident. Cyber Security analyst's equipped with detailed knowledge of where to locate critical configuration files and logs on OT devices can significantly streamline the incident response process. This insight is vital for establishing baselines, which are essential for detecting anomalies and potential threats. When an incident occurs, the ability to swiftly access and analyze these files can make the difference between a contained event and a widespread disruption.\n\n\n","media":[],"title":"Importance of ICS knowledge from a engineer's perspective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:25:00Z","end_timestamp":{"seconds":1723227900,"nanoseconds":0},"android_description":"In the realm of Operational Technology (OT) environments, incident response is a critical function that ensures the continuity and security of industrial processes. A thorough understanding of vendors, asset types, and associated frameworks is indispensable for effective incident management. This talk underscores the significance of this knowledge from an operator's perspective, highlighting how it can substantially enhance the ability of a cyber security analyst to respond to incidents swiftly and efficiently.\r\n\r\nKnowing your vendors and the specific types of assets deployed within an OT environment provides a foundational understanding that is crucial during an incident. Cyber Security analyst's equipped with detailed knowledge of where to locate critical configuration files and logs on OT devices can significantly streamline the incident response process. This insight is vital for establishing baselines, which are essential for detecting anomalies and potential threats. When an incident occurs, the ability to swiftly access and analyze these files can make the difference between a contained event and a widespread disruption.","updated_timestamp":{"seconds":1721781474,"nanoseconds":0},"speakers":[{"content_ids":[55340,55349],"conference_id":133,"event_ids":[55732,55741],"name":"Ray Baeza","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Agriculture Defense Group","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":55964,"title":"Founder at Agriculture Defense Group"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:37:54Z","links":[],"end":"2024-08-09T18:25:00.000-0000","id":55732,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55964}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-24T00:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This keynote panel will highlight the significance of an adversarial mindset. Through this discussion, we will cover the advantages of approaching challenges from the perspective of an adversary in our professional journeys, and discuss practical ways in which we have implemented this mindset in our work.\n\n\n","media":[],"title":"The Art of Critical Thinking through an Adversarial Mindset? (RTV Keynote)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:50:00Z","end_timestamp":{"seconds":1723229400,"nanoseconds":0},"android_description":"This keynote panel will highlight the significance of an adversarial mindset. Through this discussion, we will cover the advantages of approaching challenges from the perspective of an adversary in our professional journeys, and discuss practical ways in which we have implemented this mindset in our work.","updated_timestamp":{"seconds":1722720483,"nanoseconds":0},"speakers":[{"content_ids":[55175,55181,55265],"conference_id":133,"event_ids":[55563,55569,55655],"name":"Ben \"NahamSec\" Sadeghipour","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hacking Hub","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@nahamsec)","sort_order":0,"url":"https://twitter.com/nahamsec"}],"media":[],"id":54808,"title":"Hacking Hub"},{"content_ids":[55324,55265],"conference_id":133,"event_ids":[55716,55655],"name":"YTCracker","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55915},{"content_ids":[54574,55265],"conference_id":133,"event_ids":[55655,54949],"name":"Savannah \"lazzslayer\" Lazzara","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56333},{"content_ids":[55265],"conference_id":133,"event_ids":[55655],"name":"Barrett \"pwneip\" Darnell","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56334},{"content_ids":[55265],"conference_id":133,"event_ids":[55655],"name":"Ryan M. \"0dayCTF\" Montgomery","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56335}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T21:28:03Z","links":[],"end":"2024-08-09T18:50:00.000-0000","id":55655,"tag_ids":[46392,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46488,"sort_order":2,"person_id":54808},{"tag_id":46487,"sort_order":4,"person_id":55915},{"tag_id":46487,"sort_order":6,"person_id":56334},{"tag_id":46487,"sort_order":8,"person_id":56335},{"tag_id":46487,"sort_order":10,"person_id":56333}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W204-W207 (RTV)","hotel":"","short_name":"W204-W207 (RTV)","id":46283},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-08-03T21:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an engaging and insightful panel discussion at the Bug Bounty Village, where community leaders from four of the world's leading bug bounty platforms—HackerOne, Synack, YesWeHack, and Intigriti—come together to share their expertise and vision for the future of bug bounty programs. This panel, moderated by a prominent hacker from the community, will explore the latest trends, challenges, and innovations in the bug bounty space. \r\n\r\nAttendees will gain valuable insights into how these platforms are evolving to meet the growing demands of cybersecurity, the strategies they employ to attract and retain top talent, and their perspectives on the impact of bug bounty programs on the broader security landscape. Through a crowdsourced Q&A session, community-driven questions will take center stage, allowing participants to delve into topics that matter most to them. \r\n\r\nWhether you are a seasoned bug bounty hunter, a security professional, or someone new to the field, this panel offers a unique opportunity to learn from the leaders shaping the future of vulnerability disclosure and rewarding ethical hacking. Don't miss this chance to connect with industry pioneers and contribute to the dialogue that drives innovation and collaboration in cybersecurity.\n\n\n","media":[],"title":"Panel of Bug Bounty Community Leaders","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:15:00Z","end_timestamp":{"seconds":1723230900,"nanoseconds":0},"android_description":"Join us for an engaging and insightful panel discussion at the Bug Bounty Village, where community leaders from four of the world's leading bug bounty platforms—HackerOne, Synack, YesWeHack, and Intigriti—come together to share their expertise and vision for the future of bug bounty programs. This panel, moderated by a prominent hacker from the community, will explore the latest trends, challenges, and innovations in the bug bounty space. \r\n\r\nAttendees will gain valuable insights into how these platforms are evolving to meet the growing demands of cybersecurity, the strategies they employ to attract and retain top talent, and their perspectives on the impact of bug bounty programs on the broader security landscape. Through a crowdsourced Q&A session, community-driven questions will take center stage, allowing participants to delve into topics that matter most to them. \r\n\r\nWhether you are a seasoned bug bounty hunter, a security professional, or someone new to the field, this panel offers a unique opportunity to learn from the leaders shaping the future of vulnerability disclosure and rewarding ethical hacking. Don't miss this chance to connect with industry pioneers and contribute to the dialogue that drives innovation and collaboration in cybersecurity.","updated_timestamp":{"seconds":1721437185,"nanoseconds":0},"speakers":[{"content_ids":[54547,55172],"conference_id":133,"event_ids":[55560,54922],"name":"Roni \"Lupin\" Carta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Lupin & Holmes","title":"Co-Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xlupin)","sort_order":0,"url":"https://twitter.com/0xlupin"}],"media":[],"id":54285,"title":"Co-Founder at Lupin & Holmes"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Inti De Ceukelaire","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Intigriti","title":""}],"pronouns":null,"links":[{"description":"","title":"@securinti","sort_order":0,"url":"https://twitter.com/securinti"}],"media":[],"id":54819,"title":"Intigriti"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Jessica Sexton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"HackerOne","title":""}],"pronouns":null,"links":[{"description":"","title":"@sgtcardigan","sort_order":0,"url":"https://twitter.com/sgtcardigan"}],"media":[],"id":54824,"title":"HackerOne"},{"content_ids":[55172,55177],"conference_id":133,"event_ids":[55560,55565],"name":"Lucas Philippe","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"YesWeHack","title":""}],"pronouns":null,"links":[{"description":"","title":"@BitK","sort_order":0,"url":"https://twitter.com/BitK"}],"media":[],"id":54831,"title":"YesWeHack"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Ryan Rutan","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SynAck","title":""}],"pronouns":null,"links":[{"description":"","title":"@ryanrutan","sort_order":0,"url":"https://twitter.com/ryanrutan"}],"media":[],"id":54837,"title":"SynAck"},{"content_ids":[55172],"conference_id":133,"event_ids":[55560],"name":"Michael \"codingo\" Skelton","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Bugcrowd","title":"VP of Operations"}],"pronouns":null,"links":[{"description":"","title":"Github","sort_order":0,"url":"https://github.com/codingo"},{"description":"","title":"Twitter (@codingo_)","sort_order":0,"url":"https://x.com/codingo_"},{"description":"","title":"YouTube","sort_order":0,"url":"https://youtube.com/codingo"}],"media":[],"id":55969,"title":"VP of Operations at Bugcrowd"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T00:59:45Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#panel-of-bug-bounty-community-leaders"}],"end":"2024-08-09T19:15:00.000-0000","id":55560,"tag_ids":[46374,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54819},{"tag_id":46487,"sort_order":4,"person_id":54824},{"tag_id":46487,"sort_order":6,"person_id":54837},{"tag_id":46487,"sort_order":8,"person_id":54831},{"tag_id":46487,"sort_order":10,"person_id":55969},{"tag_id":46488,"sort_order":12,"person_id":54285}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-20T00:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Expedient Digital Defense focuses on using free and readily available applications, or recommending paid-for commercial apps and tools that have proven records of credibility, to make our devices and online presence less harmful to us. We will follow a typical traveler in the United States, with some experiences drawn from overseas travel.\n\nThe talk stresses the value of Operational Security (OPSEC), and the mindset of seeing every piece of communication through the eyes of your adversary. The intent is to make people think twice before revealing anything considered sensitive, even if using the latest and greatest encryption. The surveillance economy and ever-present data collection in our modern world demand better awareness of how our digital world works. We’ll discuss examples like invasive social media collection, foreign influence on public perception, data insecurity putting users in danger, and advertising models based on location and click tracking.\n\nFinally, the take-away is knowing the tools and tech available, and being able to select those which fit your needs, if at all. Most of the time, one mitigation isn't enough, and several need to be emplaced to achieve proper defense in depth, in case one solution fails. Even if no technical solutions are put in place, the user will have that \"red team\" mindset and awareness that calibrates better judgment over technical solutions, and promotes OPSEC and rational thinking for security rather than blindly depending on apps and gadgets.\n\n\n","media":[],"title":"Travel Better: Expedient Digital Defense","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Expedient Digital Defense focuses on using free and readily available applications, or recommending paid-for commercial apps and tools that have proven records of credibility, to make our devices and online presence less harmful to us. We will follow a typical traveler in the United States, with some experiences drawn from overseas travel.\n\nThe talk stresses the value of Operational Security (OPSEC), and the mindset of seeing every piece of communication through the eyes of your adversary. The intent is to make people think twice before revealing anything considered sensitive, even if using the latest and greatest encryption. The surveillance economy and ever-present data collection in our modern world demand better awareness of how our digital world works. We’ll discuss examples like invasive social media collection, foreign influence on public perception, data insecurity putting users in danger, and advertising models based on location and click tracking.\n\nFinally, the take-away is knowing the tools and tech available, and being able to select those which fit your needs, if at all. Most of the time, one mitigation isn't enough, and several need to be emplaced to achieve proper defense in depth, in case one solution fails. Even if no technical solutions are put in place, the user will have that \"red team\" mindset and awareness that calibrates better judgment over technical solutions, and promotes OPSEC and rational thinking for security rather than blindly depending on apps and gadgets.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54553,56218],"conference_id":133,"event_ids":[56872,56878,54928],"name":"Grey Fox","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54320}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":54928,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54320}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Step into the mind of a bug bounty hunter as I take you on a journey through my own adventures in vulnerability hunting. In this presentation, I’ll share some of the most intriguing bugs I've discovered, from the shockingly/stupidly simple to the mind-bendingly complex.\n\nWe'll start with the surprising simplicity of some bugs, but as the hunt isn’t always so simple, I’ll also reveal some complex bug chains that required advanced knowledge, lot of work and probably some hacker's intuition to know it was worth pushing further.\n\nIf you want to know how a coffee break gave me the opportunity to get infinite money, or how a vulnerable CAPTCHA helped me to break the encryption of a sensitive application - you're in the right place!\n\n\n","media":[],"title":"From Easy Wins to Epic Challenges: Bounty Hunter Edition","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T19:00:00Z","end_timestamp":{"seconds":1723230000,"nanoseconds":0},"android_description":"Step into the mind of a bug bounty hunter as I take you on a journey through my own adventures in vulnerability hunting. In this presentation, I’ll share some of the most intriguing bugs I've discovered, from the shockingly/stupidly simple to the mind-bendingly complex.\n\nWe'll start with the surprising simplicity of some bugs, but as the hunt isn’t always so simple, I’ll also reveal some complex bug chains that required advanced knowledge, lot of work and probably some hacker's intuition to know it was worth pushing further.\n\nIf you want to know how a coffee break gave me the opportunity to get infinite money, or how a vulnerable CAPTCHA helped me to break the encryption of a sensitive application - you're in the right place!","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54551],"conference_id":133,"event_ids":[54926],"name":"Daniel \"Blaklis\" Le Gall","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@Blaklis_)","sort_order":0,"url":"https://twitter.com/Blaklis_"}],"media":[],"id":54236}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#from-easy-wins-to-epic-challenges-bounty-hunter"}],"end":"2024-08-09T19:00:00.000-0000","id":54926,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54236}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The DOE National Lab mission space includes exploring the use of disruptive technology to enable increasing efficiency and abilities of operations critical to national security, infrastructure, communication, and many other fields. The XR field has become a new area of active research and implementation at many national labs across the US, integrating with cutting edge hardware and software to enable users with increased capabilities. At the Pacific Northwest National Lab (PNNL), we have been using immersive XR platforms to enable a variety of government and external sponsors with novel approaches to their field. These include creating new 3D virtual twins to enable remote engagements as if remote users had access to one-of-a-kind lab equipment, creating simulation environments of hazardous environments or dangerous situations that can’t be recreated in the real world, and outreach and communication projects to engage both sponsors and the public with critical information about current security threats. During this presentation I will touch on a few case studies of projects taken on at PNNL to make the best use of XR platforms, and where we see future development with this capability.\n\n\n","media":[],"title":"National Labs Use of XR","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"The DOE National Lab mission space includes exploring the use of disruptive technology to enable increasing efficiency and abilities of operations critical to national security, infrastructure, communication, and many other fields. The XR field has become a new area of active research and implementation at many national labs across the US, integrating with cutting edge hardware and software to enable users with increased capabilities. At the Pacific Northwest National Lab (PNNL), we have been using immersive XR platforms to enable a variety of government and external sponsors with novel approaches to their field. These include creating new 3D virtual twins to enable remote engagements as if remote users had access to one-of-a-kind lab equipment, creating simulation environments of hazardous environments or dangerous situations that can’t be recreated in the real world, and outreach and communication projects to engage both sponsors and the public with critical information about current security threats. During this presentation I will touch on a few case studies of projects taken on at PNNL to make the best use of XR platforms, and where we see future development with this capability.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54550],"conference_id":133,"event_ids":[54925],"name":"Martin Pratt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Pacific Northwest National Lab","title":"Lead, Immersive Computing Development Team"}],"links":[],"pronouns":null,"media":[],"id":54251,"title":"Lead, Immersive Computing Development Team at Pacific Northwest National Lab"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":54925,"tag_ids":[46169,46397,46419,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54251}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"On Fri, 29 Mar 2024, at exactly 08:51:26, OSS security received a message from Andres Freund, a software engineer at Microsoft, stating he had discovered a backdoor in upstream xz/liblzma that could compromise SSH servers. The open-source project XZ, specifically the liblzma library, has been compromised by a mysterious maintainer named Jia Tan, putting the entire internet at risk. Fortunately, this discovery helped us avoid the worst.\r\n\r\nBut what happened? How long has this rogue maintainer been part of the project? Who is Jia Tan? Was he involved in other projects? How does the backdoor work? And what should we learn from this?\r\n\r\nThese are questions we will attempt to answer. First, we will discuss the discovery, which is so riddled with coincidences and chance that it's hard not to think about all the ones we've missed. Then, we'll examine the process itself, from gaining trust within the project to deploying the backdoor, dissecting the operating methods and the main protagonists. We will also dive into the technical details, explaining how the backdoor is deployed and how it can be exploited.\r\n\r\nThe XZ backdoor is not just an incredible undercover operation but also a gigantic puzzle to solve. Beyond the technical background, there is a story to tell here, to capitalize on what went wrong and what we could improve.\r\n\r\n- OSS Security Andres Freund Email: [link](https://www.openwall.com/lists/oss-security/2024/03/29/4)\r\n- My work on the XZ Backdoor: [link](https://x.com/fr0gger_/status/1774342248437813525)\r\n- Second tweet of the XZ Backdoor: [link](https://x.com/fr0gger_/status/1775759514249445565)\r\n- Additional works related to my presentation:\r\n - Gynvael Coldwind: [link](https://gynvael.coldwind.pl/?lang=en&id=782)\r\n - [link](https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27) by @thesamesam@social.treehouse.systems\r\n - [link](https://boehs.org/node/everything-i-know-about-the-xz-backdoor) by @eb@social.coop\r\n - [link](https://wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils) by @wiz_io\r\n - [link](https://gist.github.com/smx-smx/a6112d54777845d389bd7126d6e9f504) by smx\r\n - [link](https://securelist.com/xz-backdoor-story-part-1/112354/) by Kaspersky\r\n - [link](https://github.com/blasty/JiaTansSSHAgent) by @bl4sty\r\n\n\n\n","media":[],"title":"The XZ Backdoor Story: The Undercover Operation That Set the Internet on Fire","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"On Fri, 29 Mar 2024, at exactly 08:51:26, OSS security received a message from Andres Freund, a software engineer at Microsoft, stating he had discovered a backdoor in upstream xz/liblzma that could compromise SSH servers. The open-source project XZ, specifically the liblzma library, has been compromised by a mysterious maintainer named Jia Tan, putting the entire internet at risk. Fortunately, this discovery helped us avoid the worst.\r\n\r\nBut what happened? How long has this rogue maintainer been part of the project? Who is Jia Tan? Was he involved in other projects? How does the backdoor work? And what should we learn from this?\r\n\r\nThese are questions we will attempt to answer. First, we will discuss the discovery, which is so riddled with coincidences and chance that it's hard not to think about all the ones we've missed. Then, we'll examine the process itself, from gaining trust within the project to deploying the backdoor, dissecting the operating methods and the main protagonists. We will also dive into the technical details, explaining how the backdoor is deployed and how it can be exploited.\r\n\r\nThe XZ backdoor is not just an incredible undercover operation but also a gigantic puzzle to solve. Beyond the technical background, there is a story to tell here, to capitalize on what went wrong and what we could improve.\r\n\r\n- OSS Security Andres Freund Email: [link](https://www.openwall.com/lists/oss-security/2024/03/29/4)\r\n- My work on the XZ Backdoor: [link](https://x.com/fr0gger_/status/1774342248437813525)\r\n- Second tweet of the XZ Backdoor: [link](https://x.com/fr0gger_/status/1775759514249445565)\r\n- Additional works related to my presentation:\r\n - Gynvael Coldwind: [link](https://gynvael.coldwind.pl/?lang=en&id=782)\r\n - [link](https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27) by @thesamesam@social.treehouse.systems\r\n - [link](https://boehs.org/node/everything-i-know-about-the-xz-backdoor) by @eb@social.coop\r\n - [link](https://wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils) by @wiz_io\r\n - [link](https://gist.github.com/smx-smx/a6112d54777845d389bd7126d6e9f504) by smx\r\n - [link](https://securelist.com/xz-backdoor-story-part-1/112354/) by Kaspersky\r\n - [link](https://github.com/blasty/JiaTansSSHAgent) by @bl4sty","updated_timestamp":{"seconds":1720461930,"nanoseconds":0},"speakers":[{"content_ids":[54442,56209],"conference_id":133,"event_ids":[54815,56863],"name":"Thomas Roccia","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/thomas-roccia/"},{"description":"","title":"Past Presentations","sort_order":0,"url":"https://speakerdeck.com/fr0gger"},{"description":"","title":"Twitter (@fr0gger_)","sort_order":0,"url":"https://twitter.com/fr0gger_"},{"description":"","title":"Website","sort_order":0,"url":"https://www.securitybreak.io"}],"media":[],"id":54118,"title":"Senior Security Researcher at Microsoft"}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:05:30Z","links":[],"end":"2024-08-09T18:45:00.000-0000","id":54815,"tag_ids":[46166,46169,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":1,"person_id":54118}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-08T18:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We all know it all too well: that ominous feeling when opening an unknown file in your favorite analysis tool, only to be greeted with hundreds or thousands of unknown functions, none of which are matched by your existing function signatures, nor any of your helper scripts. This makes the analysis a painfully slow and tedious process. Additionally, it sometimes means that the required analysis time exceeds the available time, and another file is chosen to be reversed instead. Especially when dealing with malware, this is an undesired scenario, as it would create a blind spot from a blue team’s perspective.\r\n\r\nThe goal of this talk is to share a tried and tested method on how to deal with thousands of unknown functions in a given file, significantly decreasing the time spent on the analysis. The example throughout the talk is the Golang based qBit family, but is applicable to any kind of binary. While this talk focuses on using Ghidra, given its free and open-source nature, it is equally possible with other industry standard tools. The focus will be on scripts, as well as the creation and usage of FunctionID and BSim databases. By combining these, you will be able to create your own symbols, and bring them anywhere you go, for any language of choice.\r\n\r\nWhile the symbols are portable, an aggregation of them scales very well over any number of analysts. As such, this methodology works well for individual researchers, but when scaling it for a team of researchers, the outcome will be greater than the sum of its parts.\r\n\r\nThis talk will use (malicious) Golang binaries as examples and provide a large dataset of symbols for this language. The scripts, as well as FunctionID and BSim databases, mentioned in this talk will all be made publicly available at the time of this talk.\r\n\r\nIn no particular order:\r\n\r\n- Automate .fidb generation with headless Ghidra: [link](https://blog.threatrack.de/2019/09/20/ghidra-fid-generator/)\r\n- Understanding static and dynamic compilation and linking: [link](https://www.youtube.com/watch?v=fGnbGX88z3Y)\r\n- How symbols work: [link](https://www.youtube.com/watch?v=iBQo962Sx0g)\r\n- BSim answers from the Ghidra team: [link](https://github.com/NationalSecurityAgency/ghidra/issues/6098)\r\n- Feeding Gophers to Ghidra (a blog I wrote for my employer about my research into Golang internals): [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- A blog I wrote summarising my Golang reversing journey for my employer: [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- The open-source scripts on GitHub: [link](https://github.com/advanced-threat-research/GhidraScripts)\r\n- A talk I gave about the Golang internals at HackInTheBox Amsterdam 2023: [link](https://www.youtube.com/watch?v=wsNfHqZfTfE)\r\n- Ghidra’s FunctionID codebase: [link](https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Features/FunctionID)\r\n- Hex-Ray’s IDA Pro’s F.L.I.R.T. explained: [link](https://hex-rays.com/products/ida/tech/flirt/in_depth/)\r\n- BSim’s GhidraDoc explanation and tutorial: [link](https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/BSim/README.md)\r\n\n\n\n","media":[],"title":"No Symbols When Reversing? No Problem: Bring Your Own","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:20:00Z","end_timestamp":{"seconds":1723227600,"nanoseconds":0},"android_description":"We all know it all too well: that ominous feeling when opening an unknown file in your favorite analysis tool, only to be greeted with hundreds or thousands of unknown functions, none of which are matched by your existing function signatures, nor any of your helper scripts. This makes the analysis a painfully slow and tedious process. Additionally, it sometimes means that the required analysis time exceeds the available time, and another file is chosen to be reversed instead. Especially when dealing with malware, this is an undesired scenario, as it would create a blind spot from a blue team’s perspective.\r\n\r\nThe goal of this talk is to share a tried and tested method on how to deal with thousands of unknown functions in a given file, significantly decreasing the time spent on the analysis. The example throughout the talk is the Golang based qBit family, but is applicable to any kind of binary. While this talk focuses on using Ghidra, given its free and open-source nature, it is equally possible with other industry standard tools. The focus will be on scripts, as well as the creation and usage of FunctionID and BSim databases. By combining these, you will be able to create your own symbols, and bring them anywhere you go, for any language of choice.\r\n\r\nWhile the symbols are portable, an aggregation of them scales very well over any number of analysts. As such, this methodology works well for individual researchers, but when scaling it for a team of researchers, the outcome will be greater than the sum of its parts.\r\n\r\nThis talk will use (malicious) Golang binaries as examples and provide a large dataset of symbols for this language. The scripts, as well as FunctionID and BSim databases, mentioned in this talk will all be made publicly available at the time of this talk.\r\n\r\nIn no particular order:\r\n\r\n- Automate .fidb generation with headless Ghidra: [link](https://blog.threatrack.de/2019/09/20/ghidra-fid-generator/)\r\n- Understanding static and dynamic compilation and linking: [link](https://www.youtube.com/watch?v=fGnbGX88z3Y)\r\n- How symbols work: [link](https://www.youtube.com/watch?v=iBQo962Sx0g)\r\n- BSim answers from the Ghidra team: [link](https://github.com/NationalSecurityAgency/ghidra/issues/6098)\r\n- Feeding Gophers to Ghidra (a blog I wrote for my employer about my research into Golang internals): [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- A blog I wrote summarising my Golang reversing journey for my employer: [link](https://www.trellix.com/blogs/research/feeding-gophers-to-ghidra/)\r\n- The open-source scripts on GitHub: [link](https://github.com/advanced-threat-research/GhidraScripts)\r\n- A talk I gave about the Golang internals at HackInTheBox Amsterdam 2023: [link](https://www.youtube.com/watch?v=wsNfHqZfTfE)\r\n- Ghidra’s FunctionID codebase: [link](https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Features/FunctionID)\r\n- Hex-Ray’s IDA Pro’s F.L.I.R.T. explained: [link](https://hex-rays.com/products/ida/tech/flirt/in_depth/)\r\n- BSim’s GhidraDoc explanation and tutorial: [link](https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/BSim/README.md)","updated_timestamp":{"seconds":1720461878,"nanoseconds":0},"speakers":[{"content_ids":[54224,54440],"conference_id":133,"event_ids":[54597,54813],"name":"Max \"Libra\" Kersten","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/libranalysis/"},{"description":"","title":"Mastodon (@libra@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@libra"},{"description":"","title":"Twitter (@Libranalysis)","sort_order":0,"url":"https://twitter.com/Libranalysis"},{"description":"","title":"Website","sort_order":0,"url":"https://maxkersten.nl"}],"media":[],"id":54141}],"begin_tsz":"2024-08-09T18:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:04:38Z","links":[],"end":"2024-08-09T18:20:00.000-0000","id":54813,"tag_ids":[46166,46419,46438,46880],"village_id":null,"begin_timestamp":{"seconds":1723226400,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":1,"person_id":54141}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T18:00:00.000-0000","updated":"2024-07-08T18:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Where to start looking for attackers in a cloud environment? In a world where cloud providers have hundreds of services and thousands of API calls, getting started can feel overwhelming.\n\nIn this talk, we lay out the foundations of a modern detection engineering program built and tailored for the cloud, such as threat-informed defense based on real-world attacker activity, emulating common attacker behavior, shortening feedback loops to validate telemetry, and continuous end-to-end testing of threat detection rules. Additionally, we introduce a new open-source project, Grimoire, which allows leveraging pre-built datasets of AWS CloudTrail logs for common attacks.\n\nYou'll gain a hands-on, actionable understanding of how to start identifying threats in your cloud environment, or improve your existing process.\n\n\n","media":[],"title":"Catch them all! Detection Engineering and Purple Teaming in the Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Where to start looking for attackers in a cloud environment? In a world where cloud providers have hundreds of services and thousands of API calls, getting started can feel overwhelming.\n\nIn this talk, we lay out the foundations of a modern detection engineering program built and tailored for the cloud, such as threat-informed defense based on real-world attacker activity, emulating common attacker behavior, shortening feedback loops to validate telemetry, and continuous end-to-end testing of threat detection rules. Additionally, we introduce a new open-source project, Grimoire, which allows leveraging pre-built datasets of AWS CloudTrail logs for common attacks.\n\nYou'll gain a hands-on, actionable understanding of how to start identifying threats in your cloud environment, or improve your existing process.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55478],"conference_id":133,"event_ids":[55907],"name":"Christophe Tafani-Dereeper","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"christophetd","sort_order":0,"url":"https://christophetd"}],"media":[],"id":56001}],"begin_tsz":"2024-08-09T17:50:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":55907,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723225800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56001}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:50:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"For three weeks in January 2024, a federal judge heard arguments that Ballot Marking Devices (BMDs) as they are uniformly used in Georgia burden the right to vote to the extent that their continued use is unconstitutional.  In 2019, the same court banned the use of Direct Recording Equipment (DRE) on the same grounds. Banning BMDs would have national repercussions. The case was litigated in a bench trial, a lawsuit not tried in front of a jury.\n\nUsing actual court presentations and documents, the proposed panel will summarize the arguments made by attorneys and experts for the Plaintiffs (a coalition of cybersecurity and voting systems experts and voting rights activists) and the Defendant (Georgia Secretary of State Raffmsperger). Panelists include representatives of the plaintiffs, defendants, and independent experts, moderated by a distinguished legal journalist. Observers will explain the extraordinary coincidences surrounding this lawsuit, including the events of January 6th, the Trump allies’ successful efforts to steal the state’s software,  and the attempt by backers of then-President Donald Trump and the attempt to brand Plaintiffs as election deniers. Panelists will also recreate technical demonstrations used in court.\n\nThe panel will use a novel “steelman” analysis of the Defense’s arguments. Unlike strawman analysis, a steelman (often called charitable analysis) argument crafts the most favorable interpretation of the responses to the Plaintiff's complaint, strengthening and in some cases correcting errors.\n\n\n","media":[],"title":"Play by Play of the Curling v. Raffensperger Lawsuit","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"For three weeks in January 2024, a federal judge heard arguments that Ballot Marking Devices (BMDs) as they are uniformly used in Georgia burden the right to vote to the extent that their continued use is unconstitutional.  In 2019, the same court banned the use of Direct Recording Equipment (DRE) on the same grounds. Banning BMDs would have national repercussions. The case was litigated in a bench trial, a lawsuit not tried in front of a jury.\n\nUsing actual court presentations and documents, the proposed panel will summarize the arguments made by attorneys and experts for the Plaintiffs (a coalition of cybersecurity and voting systems experts and voting rights activists) and the Defendant (Georgia Secretary of State Raffmsperger). Panelists include representatives of the plaintiffs, defendants, and independent experts, moderated by a distinguished legal journalist. Observers will explain the extraordinary coincidences surrounding this lawsuit, including the events of January 6th, the Trump allies’ successful efforts to steal the state’s software,  and the attempt by backers of then-President Donald Trump and the attempt to brand Plaintiffs as election deniers. Panelists will also recreate technical demonstrations used in court.\n\nThe panel will use a novel “steelman” analysis of the Defense’s arguments. Unlike strawman analysis, a steelman (often called charitable analysis) argument crafts the most favorable interpretation of the responses to the Plaintiff's complaint, strengthening and in some cases correcting errors.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56187,56185,56183],"conference_id":133,"event_ids":[56837,56839,56841],"name":"Philip Stark","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/philip-stark-0422325"},{"description":"","title":"Twitter (@philipbstark)","sort_order":0,"url":"https://twitter.com/philipbstark"},{"description":"","title":"Website","sort_order":0,"url":"https://www.stat.berkeley.edu/~stark/"}],"media":[],"id":56561},{"content_ids":[56183],"conference_id":133,"event_ids":[56837],"name":"Drew Springall","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@_aaspring_)","sort_order":0,"url":"https://twitter.com/_aaspring_"},{"description":"","title":"Website","sort_order":0,"url":"https://aaspring.com"}],"media":[],"id":56567},{"content_ids":[56183],"conference_id":133,"event_ids":[56837],"name":"Mary Kaiser","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/mary-kaiser-53394010"},{"description":"","title":"Twitter (@goodwinlaw)","sort_order":0,"url":"https://twitter.com/goodwinlaw"},{"description":"","title":"Website","sort_order":0,"url":"https://goodwinlaw.com"}],"media":[],"id":56576},{"content_ids":[56183,56184],"conference_id":133,"event_ids":[56837,56838],"name":"Susan Greenhalgh","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/susan-greenhalgh-7078a9111"},{"description":"","title":"Twitter (@segreenhalgh)","sort_order":0,"url":"https://twitter.com/segreenhalgh"},{"description":"","title":"Website","sort_order":0,"url":"https://freespeechforpeople.org/susan-greenhalgh/"}],"media":[],"id":56584}],"begin_tsz":"2024-08-09T17:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T18:45:00.000-0000","id":56837,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723225500,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":56584},{"tag_id":46487,"sort_order":4,"person_id":56576},{"tag_id":46487,"sort_order":6,"person_id":56567},{"tag_id":46487,"sort_order":8,"person_id":56561}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T17:45:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Recursion has a tendency to turn little bugs into explosive ones. In this talk, witness the myriad of strange and unexpected bugs we encountered while building BBOT, a recursive internet scanner. Rendered in smooth realtime animations, these bugs may appear fun and sometimes hilarious, but when they occurred they were extremely problematic, and taught us some valuable lessons about the internet and recursion.\n\nDiscover the nefarious traps and nightmarish edge cases that awaited us in the depths of the internet, the destruction they caused, the awkward situations they put us in, and the tricks we used to overcome them. Most importantly, discover the kinds of hidden gems recursion can uncover (when it's implemented properly), and the critical advantage it will give you in your recon!\n\n\n","media":[],"title":"Recursion is a Harsh Mistress: How (Not) To Build a Recursive Internet Scanner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Recursion has a tendency to turn little bugs into explosive ones. In this talk, witness the myriad of strange and unexpected bugs we encountered while building BBOT, a recursive internet scanner. Rendered in smooth realtime animations, these bugs may appear fun and sometimes hilarious, but when they occurred they were extremely problematic, and taught us some valuable lessons about the internet and recursion.\n\nDiscover the nefarious traps and nightmarish edge cases that awaited us in the depths of the internet, the destruction they caused, the awkward situations they put us in, and the tricks we used to overcome them. Most importantly, discover the kinds of hidden gems recursion can uncover (when it's implemented properly), and the critical advantage it will give you in your recon!","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55895],"conference_id":133,"event_ids":[56482],"name":"TheTechromancer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56263}],"begin_tsz":"2024-08-09T17:45:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56482,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723225500,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56263}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:45:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come ask us anything about the GRT2! There will be a short presentation about how to participate and the objectives of the event and then you can ask us anything about it and ML flaws and vulnerabilities.\n\n\n","media":[],"title":"Generative Red Team 2 Kickoff","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Come ask us anything about the GRT2! There will be a short presentation about how to participate and the objectives of the event and then you can ask us anything about it and ML flaws and vulnerabilities.","updated_timestamp":{"seconds":1722626317,"nanoseconds":0},"speakers":[{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Jerome Wynne","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56229},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Kent Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56230},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Nicole DeCario","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56231},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Sean McGregor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56232},{"content_ids":[55875,55876,55888],"conference_id":133,"event_ids":[56460,56473,56461],"name":"Sven Cattell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AI Village","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@comathematician)","sort_order":0,"url":"https://x.com/comathematician"}],"media":[],"id":56233,"title":"Founder at AI Village"},{"content_ids":[55875,55888],"conference_id":133,"event_ids":[56460,56473],"name":"Will Pearce","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56234}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:18:37Z","links":[{"label":"Website","type":"link","url":"https://grt.aivillage.org/"}],"end":"2024-08-09T18:30:00.000-0000","id":56460,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56233},{"tag_id":46167,"sort_order":4,"person_id":56234},{"tag_id":46167,"sort_order":6,"person_id":56229},{"tag_id":46167,"sort_order":8,"person_id":56232},{"tag_id":46167,"sort_order":10,"person_id":56231},{"tag_id":46167,"sort_order":12,"person_id":56230}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this workshop, we explore the design, construction, and configuration of cost-effective Low Earth Orbit (LEO) satellite ground stations using open source tools. The aim is to demonstrate that high-quality ground stations can be developed on a limited budget without sacrificing performance. We will delve into the selection of hardware components, the integration process, and the software tools necessary for seamless operation. Additionally, real-world applications and case studies will be showcased to highlight the practical benefits and potential of these budget-friendly solutions. Attendees will leave with a comprehensive understanding of how to leverage open source resources to build and operate efficient ground stations, making advanced aerospace technology accessible to enthusiasts and professionals alike.\n\n\n","media":[],"title":"Building the Ultimate Budget-Friendly Low Earth Orbit Satellite Ground Station","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T19:30:00Z","end_timestamp":{"seconds":1723231800,"nanoseconds":0},"android_description":"In this workshop, we explore the design, construction, and configuration of cost-effective Low Earth Orbit (LEO) satellite ground stations using open source tools. The aim is to demonstrate that high-quality ground stations can be developed on a limited budget without sacrificing performance. We will delve into the selection of hardware components, the integration process, and the software tools necessary for seamless operation. Additionally, real-world applications and case studies will be showcased to highlight the practical benefits and potential of these budget-friendly solutions. Attendees will leave with a comprehensive understanding of how to leverage open source resources to build and operate efficient ground stations, making advanced aerospace technology accessible to enthusiasts and professionals alike.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55831],"conference_id":133,"event_ids":[56381],"name":"Victor Fernandez Minguillon","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/victorminguillon/"}],"media":[],"id":56191}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-09T19:30:00.000-0000","id":56381,"tag_ids":[46366,46734],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56191}],"tags":"","conference_id":133,"location":{"parent_id":46259,"name":"LVCC - L1 - HW2-07-02 (Aerospace) - Workshops","hotel":"","short_name":"Workshops","id":46476},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"An introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?\n\n\nAn introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?","media":[],"title":"Incident Response 101: Part 2 (Analyst Mindset and Quality Assurance)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"An introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?\n\n\nAn introduction to the analyst mindset for IR and how to ensure quality. First, we'll discuss the analyst mindset. How does your investigation flow and potentially impact people? This is a big responsibility. Next we will discuss quality assurance. The \"evil\" metrics that we so often fear. Why are they important and how can we best use them?","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55761],"conference_id":133,"event_ids":[56269],"name":"David \"CountZ3r0\" Roman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56139}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":56269,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56139}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.\n\n\n","media":[],"title":"Blue Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:30-18:00\r\nCTF begins Friday 10:30; CTF ends Saturday 18:00\r\n\r\nThe Blue Team Village (BTV) CTF is a cyber defense Capture the Flag inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate several incidents involving different operating systems and OT devices. You will have access to SIEM and Packet captures; however, just like in real life, these tools have issues you must overcome to uncover what happened.\r\n\r\nExpect indexes to telemetry issues, raw data not extracted properly, and missing fields. Regex may be helpful. In addition, Arkime, the network monitoring tool, will only work partially and correctly. You must find ways to make the best of the telemetry provided, and remember that you can always extract the resulting pcaps!\r\n\r\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, and Threat Hunting. Both host and network telemetry are required to solve all the flags.\r\n\r\nBTV’s Project Obsidian crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate and sharpen their cyber defense skills. We recommend creating or joining a team if you are new to cyber defense. We highly recommend participating in the BTV’s Project Obsidian workshop sessions if you are new to cyber defense. Sessions cover many of the topics on the CTF and will help you along the way.","updated_timestamp":{"seconds":1722310974,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:42:54Z","links":[{"label":"More Info","type":"link","url":"https://www.blueteamvillage.org/ctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249405"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249404"}],"end":"2024-08-10T01:00:00.000-0000","id":56055,"tag_ids":[46373,46427,46439,46756],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W311-W313 (BTV)","hotel":"","short_name":"W311-W313 (BTV)","id":46296},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-30T03:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Presentation to kick off the Radio Frequency Village CTF with helpful tips for new folks.\n\n\n","media":[],"title":"RF CTF Kick Off Day 1","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:25:00Z","end_timestamp":{"seconds":1723227900,"nanoseconds":0},"android_description":"Presentation to kick off the Radio Frequency Village CTF with helpful tips for new folks.","updated_timestamp":{"seconds":1722186661,"nanoseconds":0},"speakers":[{"content_ids":[55443,55453,55461],"conference_id":133,"event_ids":[55868,55878,55886],"name":"RF Hackers","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@rfhackers"},{"description":"","title":"Website","sort_order":0,"url":"https://rfhackers.com/"}],"media":[],"id":55982}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T17:11:01Z","links":[],"end":"2024-08-09T18:25:00.000-0000","id":55868,"tag_ids":[46390,46427,46511,46742],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55982}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-28T17:11:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)\n\n\n","media":[{"hash_sha256":"eaa2e18ed376870b0b3ebb931ebea74844c1032d6e048968b87b07d86e184b3a","filetype":"image/png","hash_md5":"0f6296e86e5676264624f7692fbe4ca2","name":"ct_ham-fox-hunt.png","is_logo":"Y","hash_crc32c":"c9eab3b2","filesize":83132,"asset_id":646,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ham-fox-hunt.png"}],"title":"Ham Radio Fox Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.\r\n\r\nTo participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!\r\n\r\nTo participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)","updated_timestamp":{"seconds":1722184768,"nanoseconds":0},"speakers":[{"content_ids":[55432],"conference_id":133,"event_ids":[55855,55856,55857],"name":"Ham Radio Village Staff","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@HamRadioVillage"},{"description":"","title":"Website","sort_order":0,"url":"https://hamvillage.org"}],"media":[],"id":55973}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T16:39:28Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32/"}],"end":"2024-08-10T01:00:00.000-0000","id":55855,"tag_ids":[46380,46427,46439,46743],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":55973}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-A","hotel":"","short_name":"HW4-02-02-A","id":46362},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-28T16:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this talk we will present the ICS firing range we built and hacked to simulate an actual attack against a hydroelectric power plant and create a DFIR training from the evidence left behind. The talk aims to emphasize the importance of attack simulation in the context of critical infrastructure and the potential benefit that firing ranges can provide to such assessments.\r\n\r\nFirst we will examine the motivation behind the construction and usage of a firing range, covering various aspects including:\r\n- the threats operators of critical infrastructure face,\r\n- how security assessments are conducted in an OT context and\r\n- how an ICS firing range can be utilized to support them.\r\n\r\nNext we will discuss the intended use cases of the firing range and the scenario it was made to display, the flooding of a hydroelectric power plant. As a result, the relevant components and production processes of the plant will be outlined.\r\nThen we will present and go into detail about the design & architecture of the firing range:\r\n- individual physical and virtual networks and components,\r\n- separate Active Directory environments,\r\n- implemented security measures\r\n- specific vulnerabilities intentionally left behind. \r\n\r\nPicking up this last bullet-point, we continue with how we hacked the firing range and performed a Red Team assessment against it, simulating an actual attack. Starting with the C2 infrastructure we set up for the attack, we will guide the audience through the kill chain in chronological order and highlight the most important and relevant steps of the attack.\r\n\r\nOnce the offensive part of the talk concludes, a shift of perspective takes place and the attack is evaluated from the defence's point-of-view: we'll show how we identified, secured and analyzed indicators of compromise left behind by the attack. This includes the analysis of network captures, Windows event logs, memory dumps and more.\r\n\r\nThis talk will be presented by not only people from NVISO as the IT security service provider who built the firing range and performed to attack against it, but also by people from VERBUND's IT security team who actively use the firing range for training. This way we can involve both the attacker's and the defence's point-of-view.\n\n\n","media":[],"title":"Attack and Defence in OT - Simulating attacks against hydroelectric power plants leveraging ICS Firing Ranges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"In this talk we will present the ICS firing range we built and hacked to simulate an actual attack against a hydroelectric power plant and create a DFIR training from the evidence left behind. The talk aims to emphasize the importance of attack simulation in the context of critical infrastructure and the potential benefit that firing ranges can provide to such assessments.\r\n\r\nFirst we will examine the motivation behind the construction and usage of a firing range, covering various aspects including:\r\n- the threats operators of critical infrastructure face,\r\n- how security assessments are conducted in an OT context and\r\n- how an ICS firing range can be utilized to support them.\r\n\r\nNext we will discuss the intended use cases of the firing range and the scenario it was made to display, the flooding of a hydroelectric power plant. As a result, the relevant components and production processes of the plant will be outlined.\r\nThen we will present and go into detail about the design & architecture of the firing range:\r\n- individual physical and virtual networks and components,\r\n- separate Active Directory environments,\r\n- implemented security measures\r\n- specific vulnerabilities intentionally left behind. \r\n\r\nPicking up this last bullet-point, we continue with how we hacked the firing range and performed a Red Team assessment against it, simulating an actual attack. Starting with the C2 infrastructure we set up for the attack, we will guide the audience through the kill chain in chronological order and highlight the most important and relevant steps of the attack.\r\n\r\nOnce the offensive part of the talk concludes, a shift of perspective takes place and the attack is evaluated from the defence's point-of-view: we'll show how we identified, secured and analyzed indicators of compromise left behind by the attack. This includes the analysis of network captures, Windows event logs, memory dumps and more.\r\n\r\nThis talk will be presented by not only people from NVISO as the IT security service provider who built the firing range and performed to attack against it, but also by people from VERBUND's IT security team who actively use the firing range for training. This way we can involve both the attacker's and the defence's point-of-view.","updated_timestamp":{"seconds":1720393612,"nanoseconds":0},"speakers":[{"content_ids":[54549],"conference_id":133,"event_ids":[54924],"name":"Julia Dewitz-Würzelberger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"VERBUND","title":"Project Manager, OT Cyber Security"}],"links":[],"pronouns":null,"media":[],"id":54661,"title":"Project Manager, OT Cyber Security at VERBUND"},{"content_ids":[54549],"conference_id":133,"event_ids":[54924],"name":"Bernhard Sedlmayer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56027},{"content_ids":[54549],"conference_id":133,"event_ids":[54924],"name":"Sarah Mader","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO","title":"Senior Consultant"}],"links":[],"pronouns":null,"media":[],"id":56028,"title":"Senior Consultant at NVISO"}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:06:52Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":54924,"tag_ids":[46169,46382,46419,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":54661},{"tag_id":46167,"sort_order":4,"person_id":56027},{"tag_id":46167,"sort_order":6,"person_id":56028}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-07T23:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join General Paul M. Nakasone, U.S. Army (Retired), for a deep dive into the realities of modern cyber warfare at DefCon. With critical stories from his extensive career, General Nakasone will expose the details of national security in the digital era.\n\nThe longest-serving leader of both the National Security Agency and U.S. Cyber Command, General Nakasone has been on the frontlines of America's cyber defense. He will share firsthand accounts of defending against nation-state hackers, securing critical infrastructure during global crises, and the strategies that kept adversaries at bay.\n\nThis talk will examine the evolving nature of conflict, where the battlefield extends into cyberspace and unique partnerships must be built to offer agility and resilience. General Nakasone will discuss the persistent threats posed by sophisticated hackers and the innovative defenses employed to counteract them. He’ll delve into the importance of intelligence sharing, international alliances, and transparency in operations.\n\nLooking ahead, General Nakasone will present a forward-thinking vision for the future of warfare. He’ll highlight the necessity for adaptive cyber strategies, resilient defenses, and the cultivation of new leadership to address emerging threats.\n\n\n","media":[],"title":"Spies and Bytes: Victory in the Digital Age","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:15:00Z","end_timestamp":{"seconds":1723227300,"nanoseconds":0},"android_description":"Join General Paul M. Nakasone, U.S. Army (Retired), for a deep dive into the realities of modern cyber warfare at DefCon. With critical stories from his extensive career, General Nakasone will expose the details of national security in the digital era.\n\nThe longest-serving leader of both the National Security Agency and U.S. Cyber Command, General Nakasone has been on the frontlines of America's cyber defense. He will share firsthand accounts of defending against nation-state hackers, securing critical infrastructure during global crises, and the strategies that kept adversaries at bay.\n\nThis talk will examine the evolving nature of conflict, where the battlefield extends into cyberspace and unique partnerships must be built to offer agility and resilience. General Nakasone will discuss the persistent threats posed by sophisticated hackers and the innovative defenses employed to counteract them. He’ll delve into the importance of intelligence sharing, international alliances, and transparency in operations.\n\nLooking ahead, General Nakasone will present a forward-thinking vision for the future of warfare. He’ll highlight the necessity for adaptive cyber strategies, resilient defenses, and the cultivation of new leadership to address emerging threats.","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54439],"conference_id":133,"event_ids":[54812],"name":"General Paul M. Nakasone","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Vanderbilt’s Institute of National Security","title":"Founding Director"}],"links":[],"pronouns":null,"media":[],"id":54136,"title":"Founding Director at Vanderbilt’s Institute of National Security"}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T18:15:00.000-0000","id":54812,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54136}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Advanced Local Procedure Call (ALPC) is an Inter Process Communication method in the Windows kernel. In the past few years, Windows ALPC and RPC vulnerabilities have emerged in an endless stream. These vulnerabilities are mainly based on TOCTOU file operations, memory corruption vulnerabilities in RPC services and ALPC syscalls in ntoskrnl. \n\nWindows kernel provides a variety of security measures to ensure that the data and context accepted by the ALPC and RPC servers are safe. We noticed the attack surface in the security mechanism of the ALPC kernel, and we found a security flaw in this mechanism (magic) and successfully obtained the system privilege from unauthorized users (defeating magic by magic).\n\nIn this talk, we will first overview the communication mechanism of ALPC and RPC services. We will discuss the details of ALPC and RPC in the marshal/unmarshal process that has not been disclosed before. We'll also talk about the kernel security mechanism in ALPC syscalls. Then we will analyze some historical bugs in ALPC and RPC, and disclose the details of the vulnerability we found, discussing how we bypassed the security mechanism through a small security flaw in security mechanisms. Later we'll discuss the exploitation, you will learn about the multiple ways. Finally, We'll make conclusions and share our opinions on this attack surface, including some tips and opinions on how to find these kinds of bugs.\n\n1. A view into ALPC-RPC by Clement Rouault and Thomas Imbert Hack.lu 2017 \n2. Exploiting Errors in Windows Error Reporting - Gal De Leon\n3. Windows Internals, Part 2, 7th Edition\n\n\n","media":[],"title":"Defeating magic by magic:Using ALPC security features to compromise RPC services","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T18:15:00Z","end_timestamp":{"seconds":1723227300,"nanoseconds":0},"android_description":"Advanced Local Procedure Call (ALPC) is an Inter Process Communication method in the Windows kernel. In the past few years, Windows ALPC and RPC vulnerabilities have emerged in an endless stream. These vulnerabilities are mainly based on TOCTOU file operations, memory corruption vulnerabilities in RPC services and ALPC syscalls in ntoskrnl. \n\nWindows kernel provides a variety of security measures to ensure that the data and context accepted by the ALPC and RPC servers are safe. We noticed the attack surface in the security mechanism of the ALPC kernel, and we found a security flaw in this mechanism (magic) and successfully obtained the system privilege from unauthorized users (defeating magic by magic).\n\nIn this talk, we will first overview the communication mechanism of ALPC and RPC services. We will discuss the details of ALPC and RPC in the marshal/unmarshal process that has not been disclosed before. We'll also talk about the kernel security mechanism in ALPC syscalls. Then we will analyze some historical bugs in ALPC and RPC, and disclose the details of the vulnerability we found, discussing how we bypassed the security mechanism through a small security flaw in security mechanisms. Later we'll discuss the exploitation, you will learn about the multiple ways. Finally, We'll make conclusions and share our opinions on this attack surface, including some tips and opinions on how to find these kinds of bugs.\n\n1. A view into ALPC-RPC by Clement Rouault and Thomas Imbert Hack.lu 2017 \n2. Exploiting Errors in Windows Error Reporting - Gal De Leon\n3. Windows Internals, Part 2, 7th Edition","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54438],"conference_id":133,"event_ids":[54811],"name":"WangJunJie Zhang","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Hillstone Network Security Research Institute","title":"Senior Security Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@hillstone_lab)","sort_order":0,"url":"https://twitter.com/hillstone_lab"}],"media":[],"id":54183,"title":"Senior Security Researcher at Hillstone Network Security Research Institute"},{"content_ids":[54438],"conference_id":133,"event_ids":[54811],"name":"YiSheng He","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54187}],"begin_tsz":"2024-08-09T17:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T18:15:00.000-0000","id":54811,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723224600,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54183},{"tag_id":46167,"sort_order":2,"person_id":54187}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T17:30:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.\n\n\n","media":[],"title":"IoT Cat Lamp","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.","updated_timestamp":{"seconds":1722645221,"nanoseconds":0},"speakers":[{"content_ids":[55930,55931,55932,55933,55934,55935,55936,55937,55938,55939],"conference_id":133,"event_ids":[56521,56522,56523,56524,56525,56526,56527,56528,56529,56530],"name":"Kody K","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56287}],"begin_tsz":"2024-08-09T17:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:41Z","links":[{"label":"Purchase/Pre-Register","type":"link","url":"https://retia.io/products/cat-shaped-wi-fi-defender-hands-on-hacker-hunting-with-microcontrollers-copy"}],"end":"2024-08-09T18:45:00.000-0000","id":56521,"tag_ids":[46383,46429,46734],"village_id":null,"begin_timestamp":{"seconds":1723223700,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56287}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:15:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the casino industry, a surge of ransomware attacks has marked an era of unprecedented threats and vulnerabilities. This session will focus on a critical aspect of security within this industry, exploring how ransomware has specifically impacted applications and associated systems. Attendees will gain insights into the methods used by malicious actors to compromise casino applications, the resulting financial and operational disruptions, (i.e., affected customer data security etc.) and responses developed to counter these threats. By researching industry giants like MGM and Caesars, we will highlight the importance of robust application security measures and the future landscape of cybersecurity in this sector. Unique security challenges faced by the casino industry will be explored, along with examples of vulnerabilities and their exploitation. The session will also delve into the interplay between ICT, IoT, and application security in the casino context.\n\n\n","media":[],"title":"Winning big: AppSec Considerations From the Casino Industry","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"In the casino industry, a surge of ransomware attacks has marked an era of unprecedented threats and vulnerabilities. This session will focus on a critical aspect of security within this industry, exploring how ransomware has specifically impacted applications and associated systems. Attendees will gain insights into the methods used by malicious actors to compromise casino applications, the resulting financial and operational disruptions, (i.e., affected customer data security etc.) and responses developed to counter these threats. By researching industry giants like MGM and Caesars, we will highlight the importance of robust application security measures and the future landscape of cybersecurity in this sector. Unique security challenges faced by the casino industry will be explored, along with examples of vulnerabilities and their exploitation. The session will also delve into the interplay between ICT, IoT, and application security in the casino context.","updated_timestamp":{"seconds":1722457116,"nanoseconds":0},"speakers":[{"content_ids":[55727,55760],"conference_id":133,"event_ids":[56235,56285],"name":"Tennisha Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56089},{"content_ids":[55727],"conference_id":133,"event_ids":[56235],"name":"Aleise McGowan","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56101}],"begin_tsz":"2024-08-09T17:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T20:18:36Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":56235,"tag_ids":[46370,46511],"village_id":null,"begin_timestamp":{"seconds":1723223700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56101},{"tag_id":46167,"sort_order":1,"person_id":56089}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV Main Stage","hotel":"","short_name":"ASV Main Stage","id":46464},"spans_timebands":"N","begin":"2024-08-09T17:15:00.000-0000","updated":"2024-07-31T20:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Find out how to participate in the Payment Village CTF\n\n\n","media":[],"title":"Introduction to Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:20:00Z","end_timestamp":{"seconds":1723224000,"nanoseconds":0},"android_description":"Find out how to participate in the Payment Village CTF","updated_timestamp":{"seconds":1722356274,"nanoseconds":0},"speakers":[{"content_ids":[55566,55567,55568],"conference_id":133,"event_ids":[56081,56082,56089,56091,56092],"name":"Leigh-Anne Galloway","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"UNDERLE LTD","title":"Director of Research"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/leighannegalloway/"},{"description":"","title":"Twitter (@L_Agalloway)","sort_order":0,"url":"https://twitter.com/L_Agalloway"}],"media":[],"id":56039,"title":"Director of Research at UNDERLE LTD"}],"begin_tsz":"2024-08-09T17:15:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T16:17:54Z","links":[],"end":"2024-08-09T17:20:00.000-0000","id":56082,"tag_ids":[46386,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723223700,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56039}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T17:15:00.000-0000","updated":"2024-07-30T16:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"60 seconds. 1 minute.\n\nThat's all it takes for an attacker to compromise an account with access.\nAnd the account doesn't even need to have obvious privileged rights for the attacker to own the cloud environment.\n\nThen, once they get Global Admin rights to Azure AD/Entra ID, it's game over since they have full admin rights, access to all data, and can easily pivot to control all Azure subscription services and content.\n\nThis talk walks through the most common ways that attackers compromise the Microsoft Cloud, specifically Azure AD/Entra ID and how to mitigate these attack techniques.\n\nJoin me in this journey of attacker methods involving account compromise of admin and user accounts, including interesting pairing of role rights, application permissions, and Conditional Access gaps.\n\nSo go beyond Global Administrator to better understand the Entra ID roles that really matter in the tenant and how application permissions provide attacker opportunity in most environments!\n\nAttendees will learn both Azure AD/Entra ID attack and defense during this session.\n\n\n","media":[],"title":"Gone in 60 Seconds… How Azure AD/Entra ID Tenants are Compromised","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:50:00Z","end_timestamp":{"seconds":1723225800,"nanoseconds":0},"android_description":"60 seconds. 1 minute.\n\nThat's all it takes for an attacker to compromise an account with access.\nAnd the account doesn't even need to have obvious privileged rights for the attacker to own the cloud environment.\n\nThen, once they get Global Admin rights to Azure AD/Entra ID, it's game over since they have full admin rights, access to all data, and can easily pivot to control all Azure subscription services and content.\n\nThis talk walks through the most common ways that attackers compromise the Microsoft Cloud, specifically Azure AD/Entra ID and how to mitigate these attack techniques.\n\nJoin me in this journey of attacker methods involving account compromise of admin and user accounts, including interesting pairing of role rights, application permissions, and Conditional Access gaps.\n\nSo go beyond Global Administrator to better understand the Entra ID roles that really matter in the tenant and how application permissions provide attacker opportunity in most environments!\n\nAttendees will learn both Azure AD/Entra ID attack and defense during this session.","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[{"content_ids":[55477],"conference_id":133,"event_ids":[55906],"name":"Sean Metcalf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"PyroTek3","sort_order":0,"url":"https://PyroTek3"}],"media":[],"id":56000}],"begin_tsz":"2024-08-09T17:10:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T17:50:00.000-0000","id":55906,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723223400,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56000}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:10:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Quantum computing harnesses the laws of nature to solve problems that are infeasible on conventional computers, such as integer factorization, which has applications in cryptography, or analyzing properties of molecules and chemical reactions. \r\n\r\nIn this workshop, you will learn the basics of quantum computing and quantum programming using Q# programming language and Azure Quantum Development Kit. You will learn enough to write your first quantum programs — quantum random number generator and Deutsch-Jozsa algorithm — an algorithm that is exponentially faster than any deterministic classical algorithm for that problem. HINT - for those looking to compete in the Quantum CTF, Mariia’s talk will be very useful indeed!!\n\n\n","media":[],"title":"Intro to Quantum with Q#","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:25:00Z","end_timestamp":{"seconds":1723227900,"nanoseconds":0},"android_description":"Quantum computing harnesses the laws of nature to solve problems that are infeasible on conventional computers, such as integer factorization, which has applications in cryptography, or analyzing properties of molecules and chemical reactions. \r\n\r\nIn this workshop, you will learn the basics of quantum computing and quantum programming using Q# programming language and Azure Quantum Development Kit. You will learn enough to write your first quantum programs — quantum random number generator and Deutsch-Jozsa algorithm — an algorithm that is exponentially faster than any deterministic classical algorithm for that problem. HINT - for those looking to compete in the Quantum CTF, Mariia’s talk will be very useful indeed!!","updated_timestamp":{"seconds":1722626493,"nanoseconds":0},"speakers":[{"content_ids":[55841,56226],"conference_id":133,"event_ids":[56884,56428],"name":"Mariia Mykhailova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56218}],"begin_tsz":"2024-08-09T17:05:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:21:33Z","links":[],"end":"2024-08-09T18:25:00.000-0000","id":56428,"tag_ids":[46389,46511],"village_id":null,"begin_timestamp":{"seconds":1723223100,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56218}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T17:05:00.000-0000","updated":"2024-08-02T19:21:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Brief overview of what the Voting Village is, it’s mission, it’s goals, and it’s history.\n\n\n","media":[],"title":"What is the Voting Village?","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Brief overview of what the Voting Village is, it’s mission, it’s goals, and it’s history.","updated_timestamp":{"seconds":1723183538,"nanoseconds":0},"speakers":[{"content_ids":[56200,56182,56192],"conference_id":133,"event_ids":[56836,56846,56854],"name":"Catherine Terranova","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/catherine-terranova-8b209826a"},{"description":"","title":"Twitter (@catlovesvoting)","sort_order":0,"url":"https://twitter.com/catlovesvoting"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56563},{"content_ids":[56182,56193,56192],"conference_id":133,"event_ids":[56836,56846,56847],"name":"Harri Hursti","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/hhursti"},{"description":"","title":"Twitter (@harrihursti)","sort_order":0,"url":"https://twitter.com/harrihursti"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56570},{"content_ids":[56182,56192],"conference_id":133,"event_ids":[56836,56846],"name":"Matt Blaze","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@mattblaze)","sort_order":0,"url":"https://twitter.com/mattblaze"},{"description":"","title":"Website","sort_order":0,"url":"https://votingvillage.org"}],"media":[],"id":56577}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:05:38Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":56836,"tag_ids":[46396,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56563},{"tag_id":46167,"sort_order":4,"person_id":56577},{"tag_id":46167,"sort_order":6,"person_id":56570}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W223-W224","hotel":"","short_name":"W223-W224","id":46289},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T06:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experts have long agreed that secure internet voting in public elections is not feasible with today's technology, nor with any technologies of the foreseeable future. The challenges are numerous, including many fundamental threats such as vulnerability to malicious clients, authentication attacks, privacy attacks, network and Internet infrastructure attacks, server penetration attacks, and various kinds of denial of service attacks. Internet voting systems also suffer from a lack of any meaningful end-to-end auditability. In this hacking challenge, we will set aside these broader concerns to focus on a specific proposed internet voting system called SIV (Secure Internet Voting) intended for real public elections in the United States. They are conducting a mock online election this week with the specific goal of challenging anyone to break their system.\n\n\n","media":[],"title":"SIV Internet Voting Hacking Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"Experts have long agreed that secure internet voting in public elections is not feasible with today's technology, nor with any technologies of the foreseeable future. The challenges are numerous, including many fundamental threats such as vulnerability to malicious clients, authentication attacks, privacy attacks, network and Internet infrastructure attacks, server penetration attacks, and various kinds of denial of service attacks. Internet voting systems also suffer from a lack of any meaningful end-to-end auditability. In this hacking challenge, we will set aside these broader concerns to focus on a specific proposed internet voting system called SIV (Secure Internet Voting) intended for real public elections in the United States. They are conducting a mock online election this week with the specific goal of challenging anyone to break their system.","updated_timestamp":{"seconds":1723212527,"nanoseconds":0},"speakers":[{"content_ids":[56181],"conference_id":133,"event_ids":[56835],"name":"SIV","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Website","sort_order":0,"url":"https://hack.siv.org/"}],"media":[],"id":56583}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T14:08:47Z","links":[{"label":"Website","type":"link","url":"http://hack.siv.org/"}],"end":"2024-08-11T20:00:00.000-0000","id":56835,"tag_ids":[46396,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56583}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T14:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!\n\n\n","media":[],"title":"Physical Security Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. \r\n\r\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside. \r\n\r\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!","updated_timestamp":{"seconds":1723044549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T15:29:09Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56819,"tag_ids":[46387,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-03","hotel":"","short_name":"HW2-08-03","id":46342},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-07T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.\n\n\n","media":[],"title":"Radio Frequency Village Events","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.","updated_timestamp":{"seconds":1722874415,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T16:13:35Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56766,"tag_ids":[46390,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T16:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T20:00:00Z","end_timestamp":{"seconds":1723406400,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-11T20:00:00.000-0000","id":56765,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Hardware Hacking and Soldering Skills Village Open (HHV-SSV)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722822007,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T01:40:07Z","links":[{"label":"Website","type":"link","url":"https://dchhv.org"}],"end":"2024-08-10T01:00:00.000-0000","id":56757,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n\n\n","media":[],"title":"HHV Rube Goldberg Machine","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!","updated_timestamp":{"seconds":1722821818,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T01:36:58Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/hhv_rgb.html"}],"end":"2024-08-10T01:00:00.000-0000","id":56756,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.\n\n\n","media":[],"title":"Robo Sumo","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.\r\n\r\nPlease follow the \"more info\" link if you would like to know more.","updated_timestamp":{"seconds":1722821775,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T01:36:15Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/events/robosumo.html"}],"end":"2024-08-10T01:00:00.000-0000","id":56755,"tag_ids":[46381,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T01:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.\n\n\n","media":[],"title":"Game Hacking Community Activities & CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels. \r\n\r\nAt the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.\r\n\r\nBe part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.","updated_timestamp":{"seconds":1722815557,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T23:52:37Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56751,"tag_ids":[46402,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-03","hotel":"","short_name":"HW4-01-03","id":46275},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T23:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)\r\n\n\n\n","media":[],"title":"LHC Meshtastic Activities and CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32. \r\n\r\nThe Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our [Meshtastic page](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Getting Started\r\n\r\nLearn more [here](https://lonelyhackers.club/meshtastic/).\r\n\r\n## Default LongFast Mesh + LHC Channel, Use before DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CgcSAQE6AgggChcSEMSWXxEzf_LVVi5jI8UQhWUaA2xoYxIMCAE4AUADSAFQHmgB)\r\n\r\n## DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON\r\n\r\n[Tap here to reconfigure your device](https://meshtastic.org/e/#CjISIDhLvMAdwCLRgb82uGEh4fuWty5Vv3Qifp1q-0jWTLGhGgpERUZDT05uZWN0OgIIDQoXEhDEll8RM3_y1VYuYyPFEIVlGgNsaGMSEQgBEAY4AUADSAFQHmgBwAYB)","updated_timestamp":{"seconds":1722875831,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-05T16:37:11Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56748,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-05T16:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.\n\n\n","media":[],"title":"Tamper Evident Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"seals,\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\r\n\r\nThe Tamper-Evident Village includes the following contests and events:\r\n\r\n- The Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you're dead. Make every second count! Sign ups on-site when the TEV begins.\r\n- Tamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.\r\n- Badge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!\r\n- For your viewing pleasure, collections of high-security tamper-evident seals from around the world.\r\n- Presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.\r\n- Hands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.","updated_timestamp":{"seconds":1722801725,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T20:02:05Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56745,"tag_ids":[46394,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T20:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Welcome to the 11th CPV at DEF CON! This will be the absolute fastest state of the village sharing talks for the day, plus what's available at the village.\n\n\n","media":[],"title":"CPV: Day 1 Welcome","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:02:00Z","end_timestamp":{"seconds":1723222920,"nanoseconds":0},"android_description":"Welcome to the 11th CPV at DEF CON! This will be the absolute fastest state of the village sharing talks for the day, plus what's available at the village.","updated_timestamp":{"seconds":1722725815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T22:56:55Z","links":[],"end":"2024-08-09T17:02:00.000-0000","id":56619,"tag_ids":[46377,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-02","hotel":"","short_name":"HW2-09-02","id":46263},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T22:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Adversary Village keynote kick-off panel","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1723217383,"nanoseconds":0},"speakers":[{"content_ids":[54555,54470,55984,55899],"conference_id":133,"event_ids":[56606,56486,54843,54930],"name":"Vivek Ramachandran","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SquareX","title":"Founder"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vivekramachandran/"},{"description":"","title":"Twitter (@vivekramac)","sort_order":0,"url":"https://x.com/vivekramac"}],"media":[],"id":54075,"title":"Founder at SquareX"},{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Ken Kato","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Omni Federal","title":"VP"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/devsecops-kkato/"},{"description":"","title":"Twitter (@CyberCalyx)","sort_order":0,"url":"https://x.com/CyberCalyx"}],"media":[],"id":54207,"title":"VP at Omni Federal"},{"content_ids":[54593,55984],"conference_id":133,"event_ids":[56606,54968],"name":"Abhijith “Abx” B R","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/abhijith-b-r/"},{"description":"","title":"Twitter (@abhijithbr)","sort_order":0,"url":"https://twitter.com/abhijithbr"},{"description":"","title":"adversaryvillage.org","sort_order":0,"url":"https://adversaryvillage.org"}],"media":[],"id":54209},{"content_ids":[54584,55984],"conference_id":133,"event_ids":[56606,54959],"name":"Bryson Bort ","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54266},{"content_ids":[55984],"conference_id":133,"event_ids":[56606],"name":"Sanne Maasakkers","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Mandiant","title":"Threat Intel"}],"links":[],"pronouns":null,"media":[],"id":56597,"title":"Threat Intel at Mandiant"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T15:29:43Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":56606,"tag_ids":[46367,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46487,"sort_order":2,"person_id":54209},{"tag_id":46487,"sort_order":4,"person_id":54266},{"tag_id":46487,"sort_order":6,"person_id":54207},{"tag_id":46487,"sort_order":8,"person_id":54075},{"tag_id":46487,"sort_order":10,"person_id":56597}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV stage","hotel":"","short_name":"ADV stage","id":46477},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T15:29:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.\n\n\n","media":[],"title":"Hands-on Attack and Breach Simulation exercises","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, \"Breach-the-Hospital\" and \"Breach-the-Office,\" based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.","updated_timestamp":{"seconds":1722714024,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:40:24Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56599,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.\n\n\n","media":[],"title":"Adversary-Adventure Table-top Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.","updated_timestamp":{"seconds":1722714013,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:40:13Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56598,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.\n\n\n","media":[],"title":"Adversary simulator and purple teaming hands-on booth","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.","updated_timestamp":{"seconds":1722713994,"nanoseconds":0},"speakers":[{"content_ids":[55981,55982,55983,55994],"conference_id":133,"event_ids":[56597,56598,56599,56600,56601,56602,56603,56604,56605,56616],"name":"Adversary Village Crew","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56320}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:39:54Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56597,"tag_ids":[46367,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56320}],"tags":"","conference_id":133,"location":{"parent_id":46372,"name":"ADV Hands-on Area","hotel":"","short_name":"ADV Hands-on Area","id":46478},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).\n\n\n","media":[],"title":"Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The S.O.D.A. Machine Experience:\r\n\r\nImagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash. \r\n\r\nWhat is the Shell On Demand Appliance?\r\n\r\nThe S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!\r\n\r\nSupporting the Cause:\r\n\r\nAll proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at [https://www.paypal.com/paypalme/NUCC](https://www.paypal.com/paypalme/NUCC).","updated_timestamp":{"seconds":1722781910,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T14:31:50Z","links":[{"label":"Mastodon (@soda@defcon.social)","type":"link","url":"https://defcon.social/@soda"},{"label":"Twitter (@ShellsOnDemand)","type":"link","url":"https://twitter.com/ShellsOnDemand"}],"end":"2024-08-10T01:00:00.000-0000","id":56596,"tag_ids":[46362,46427],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T14:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"En este panel se abordará las oportunidades y desafíos que enfrentan los profesionales latinos en el campo de la ciberseguridad fuera de América Latina. Adicionalmente estudiaremos las estrategias para destacar en mercados internacionales, las habilidades clave necesarias y las redes de apoyo que pueden ayudar a los latinos a prosperar en esta industria en constante evolución. Además, se discutirán experiencias personales y consejos prácticos para navegar en entornos multiculturales y globales. Únete a nosotros para aprender cómo los latinos pueden hacer una diferencia significativa en el panorama global de la ciberseguridad.\n\n\n","media":[],"title":"Be Latino in Cybersecurity on markets outside LATAM","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"En este panel se abordará las oportunidades y desafíos que enfrentan los profesionales latinos en el campo de la ciberseguridad fuera de América Latina. Adicionalmente estudiaremos las estrategias para destacar en mercados internacionales, las habilidades clave necesarias y las redes de apoyo que pueden ayudar a los latinos a prosperar en esta industria en constante evolución. Además, se discutirán experiencias personales y consejos prácticos para navegar en entornos multiculturales y globales. Únete a nosotros para aprender cómo los latinos pueden hacer una diferencia significativa en el panorama global de la ciberseguridad.","updated_timestamp":{"seconds":1722700537,"nanoseconds":0},"speakers":[{"content_ids":[55290,55309,55957,55274],"conference_id":133,"event_ids":[55699,56573,55664,55680],"name":"Omar Santos","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@santosomar)","sort_order":0,"url":"https://twitter.com/santosomar"}],"media":[],"id":55860},{"content_ids":[55306,55904,55965,55957],"conference_id":133,"event_ids":[56573,56581,55696,56491],"name":"Lenin Alevski","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alevsk/"},{"description":"","title":"Twitter (@alevsk)","sort_order":0,"url":"https://twitter.com/alevsk"},{"description":"","title":"Website","sort_order":0,"url":"https://www.alevsk.com/"}],"media":[],"id":55862,"title":"Security Engineer at Google"},{"content_ids":[55957],"conference_id":133,"event_ids":[56573],"name":"Salvador Mendonza","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56292},{"content_ids":[55957],"conference_id":133,"event_ids":[56573],"name":"Guillermo Buendia","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56315},{"content_ids":[55957],"conference_id":133,"event_ids":[56573],"name":"Alan Villaseñor","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56316}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T15:55:37Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":56573,"tag_ids":[46405,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56292},{"tag_id":46167,"sort_order":4,"person_id":55862},{"tag_id":46167,"sort_order":6,"person_id":55860},{"tag_id":46167,"sort_order":8,"person_id":56316},{"tag_id":46167,"sort_order":10,"person_id":56315}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W235","hotel":"","short_name":"W235","id":46292},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T15:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.\n\n\n","media":[],"title":"Vendors and Exhibitors Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This is when you can go visit our awesome vendors. \r\n\r\nWe don't know which they will be accepting cash vs cards. That's up to each organization, and we do not have a list.\r\n\r\nWe also don't know if/when vendors will sell out of anything they may be selling.","updated_timestamp":{"seconds":1722692937,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T13:48:57Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56570,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T13:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.\n\n\n","media":[],"title":"Safe Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56520,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!\n\n\n","media":[],"title":"Phisherman's Wharf - Phishing for Beginners","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.\n\nAccompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56519,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.\n\n\n","media":[],"title":"Living off the Land inside your WiFi : Exploring and Exploiting Access Points and Routers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[{"content_ids":[55300,55927],"conference_id":133,"event_ids":[56518,56535,55690,56536],"name":"John Rodriguez","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55853},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Drew Green","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56288},{"content_ids":[55927],"conference_id":133,"event_ids":[56518,56535,56536],"name":"Ken Pyle","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56289}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56518,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56288},{"tag_id":46167,"sort_order":4,"person_id":55853},{"tag_id":46167,"sort_order":6,"person_id":56289}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!\n\n\n","media":[],"title":"Keysight CTF Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56517,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n\n\n","media":[],"title":"IoT Village Hacking Playground","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56516,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!\n\n\n","media":[],"title":"IoT Security at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join Finite State live on the Tech Done Different Podcast live at 2:30 on the 9th with host Ted Harrington. Finite State and ISE will be discussing all things DEF CON 32 and the state of IoT security. This will be a live recording!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56515,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops\n\n\n","media":[],"title":"Inside the Toolkit of Elite Embedded Security Experts - Hands-On Workshop: QEMU & GDB for Embedded Systems Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.\n\nFriday, August 9th / Saturday, August 10th\n\n 10:00 am - QEMU Primer\n 11:00 am - QEMU Emulation\n 2:00 pm - Debugging with QEMU and GDB\n 3:00 pm - Q&A for Workshops","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56514,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!\n\n\n","media":[],"title":"Hardware Hacking GE Appliances","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"How to get started, two steps\n\n Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone\n Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.\n\nRouter Name SSID: HackAway\nRouter Name Password: With GEA\n\nIn-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance\n\nPlease leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56513,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.\n\n\n","media":[],"title":"Hands-On Hardware Hacking – From Console to Root, Manipulating and Controlling a Protected System","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56512,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.\n\n\n","media":[],"title":"Hack My TV","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56511,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level\n\n\n","media":[],"title":"Firmware Extraction and Analysis","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level","updated_timestamp":{"seconds":1722645220,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T00:33:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56510,"tag_ids":[46383,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T00:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.\n\n\n","media":[],"title":"DEF CON Groups - Open for questions and hanging out","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.","updated_timestamp":{"seconds":1722636477,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T22:07:57Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56505,"tag_ids":[46399,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T22:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.\n\n\n","media":[],"title":"Recon Village GE(O)SINT Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T21:00:00Z","end_timestamp":{"seconds":1723237200,"nanoseconds":0},"android_description":"Join the Recon Village GEOSINT Challenge, where your geospatial intelligence skills will be put to the ultimate test. Navigate through complex scenarios, uncover hidden clues, and outsmart your competition. Sharpen your analytical prowess and prove your mastery in this thrilling contest of wits and strategy.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T21:00:00.000-0000","id":56481,"tag_ids":[46391,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Since 2020, I have (as a BikeIndex.org cofounder) been chasing and hunting the single largest black market bike fence in modern history. This OSINT-heavy, cross-border investigation eventually blossomed into a federal court case in early 2024, so I've only able to partially share that story in public until now. By the time DEFCON happens, I'll be able to give this talk in its fullest and most unredacted form, which I haven't been able to do yet. (This talk was presented at Seattle BSIDES 2023, but even then I couldn't give 'the whole talk' because one of the key players was still being prosecuted in CA court)\n\nIn December 2021, BikeIndex.org published an article that laid out how our OSINT detective work showed residential burglars in Colorado were exporting stolen bikes to Juarez Mexico and selling them on grey-market sites there for excellent profit. This quantified a long suspected 'urban legend' in the cycling community - that high end stolen bikes went to Mexico - but also the economics of the problem, as we tracked over 1000 sales of stolen bikes and were able to capture sales data and study the black market in very great detail. (That write up is here, if you are curious:https://bikeindex.org/news/closing-the-loop-a-deep-dive-on-a-facebook-reseller-of-bikes-stolen-in ) \n\nWhat we did *not* disclose at that time was that we were infiltrating and tracking an even larger, more impressive criminal actor in the same space - one whose sales and profits reach into the millions. Through years of surveillance, OSINT work, and a lot of persistence, we eventually identified one of his US side suppliers and got them raided by law enforcement, which then snowballed into a federal prosecution in 2024.\n\nIn this talk, I'll talk about how the motivation to seek justice drives normal people to do extraordinary things with OSINT and other crafty methods to chase down bad guys and recover their stolen goods and seek justice. I'll cover some of the crazier edge cases we've run into in this space, and I'll talk about the secret shadow army of hunters and cyclists who are hunt these kinds of bad guys down online, every day.\n\nThe talk will be audience engaging, with back-and-forth and audience 'spot-the-OSINT-FAIL-here' type participation as we walk through the major breakthroughs that took this project from 'hey, that's an interesting' to names going down into a federal indictment. Specifically, I'll give an overview of how we engage with theft victims to surveil, track, identify, and take down transnational black market bike fences - who often turn out to be even crazier individuals than anybody ever expected.\n\n\n","media":[],"title":"Bastardo Grande: Hunting the Largest Black Market Bike Fence In The World","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Since 2020, I have (as a BikeIndex.org cofounder) been chasing and hunting the single largest black market bike fence in modern history. This OSINT-heavy, cross-border investigation eventually blossomed into a federal court case in early 2024, so I've only able to partially share that story in public until now. By the time DEFCON happens, I'll be able to give this talk in its fullest and most unredacted form, which I haven't been able to do yet. (This talk was presented at Seattle BSIDES 2023, but even then I couldn't give 'the whole talk' because one of the key players was still being prosecuted in CA court)\n\nIn December 2021, BikeIndex.org published an article that laid out how our OSINT detective work showed residential burglars in Colorado were exporting stolen bikes to Juarez Mexico and selling them on grey-market sites there for excellent profit. This quantified a long suspected 'urban legend' in the cycling community - that high end stolen bikes went to Mexico - but also the economics of the problem, as we tracked over 1000 sales of stolen bikes and were able to capture sales data and study the black market in very great detail. (That write up is here, if you are curious:https://bikeindex.org/news/closing-the-loop-a-deep-dive-on-a-facebook-reseller-of-bikes-stolen-in ) \n\nWhat we did *not* disclose at that time was that we were infiltrating and tracking an even larger, more impressive criminal actor in the same space - one whose sales and profits reach into the millions. Through years of surveillance, OSINT work, and a lot of persistence, we eventually identified one of his US side suppliers and got them raided by law enforcement, which then snowballed into a federal prosecution in 2024.\n\nIn this talk, I'll talk about how the motivation to seek justice drives normal people to do extraordinary things with OSINT and other crafty methods to chase down bad guys and recover their stolen goods and seek justice. I'll cover some of the crazier edge cases we've run into in this space, and I'll talk about the secret shadow army of hunters and cyclists who are hunt these kinds of bad guys down online, every day.\n\nThe talk will be audience engaging, with back-and-forth and audience 'spot-the-OSINT-FAIL-here' type participation as we walk through the major breakthroughs that took this project from 'hey, that's an interesting' to names going down into a federal indictment. Specifically, I'll give an overview of how we engage with theft victims to surveil, track, identify, and take down transnational black market bike fences - who often turn out to be even crazier individuals than anybody ever expected.","updated_timestamp":{"seconds":1722633248,"nanoseconds":0},"speakers":[{"content_ids":[55893],"conference_id":133,"event_ids":[56480],"name":"Bryan Hance","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56262}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:14:08Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":56480,"tag_ids":[46391,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56262}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T21:14:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!\n\n\n","media":[],"title":"AI Village Demos","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!","updated_timestamp":{"seconds":1722626313,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:18:33Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56474,"tag_ids":[46368,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Opening remarks for events at AIV at DEFCON 32\n\n\n","media":[],"title":"Opening Remarks","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"Opening remarks for events at AIV at DEFCON 32","updated_timestamp":{"seconds":1722626320,"nanoseconds":0},"speakers":[{"content_ids":[55875,55876,55888],"conference_id":133,"event_ids":[56460,56473,56461],"name":"Sven Cattell","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AI Village","title":"Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@comathematician)","sort_order":0,"url":"https://x.com/comathematician"}],"media":[],"id":56233,"title":"Founder at AI Village"},{"content_ids":[55876],"conference_id":133,"event_ids":[56461],"name":"Lauren Putvin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AIV Steering Committee","title":""}],"links":[],"pronouns":null,"media":[],"id":56235,"title":"AIV Steering Committee"},{"content_ids":[55876],"conference_id":133,"event_ids":[56461],"name":"Ravin Kumar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"AIV Steering Committee","title":""}],"links":[],"pronouns":null,"media":[],"id":56236,"title":"AIV Steering Committee"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:18:40Z","links":[{"label":"More Info","type":"link","url":"https://aivillage.org/events/2024_talks"}],"end":"2024-08-09T17:30:00.000-0000","id":56461,"tag_ids":[46368,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56233},{"tag_id":46167,"sort_order":4,"person_id":56235},{"tag_id":46167,"sort_order":6,"person_id":56236}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03","hotel":"","short_name":"HW2-07-03","id":46260},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T19:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"QOLOSSUS: QUANTUM CTF CONTEST: How to get Started on The Quantum Capture The Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T17:00:00Z","end_timestamp":{"seconds":1723222800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722620437,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T17:40:37Z","links":[],"end":"2024-08-09T17:00:00.000-0000","id":56427,"tag_ids":[46389,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T17:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.\n\n\n","media":[],"title":"spacestudio and spacetower challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Use spacestudio software to work through multiple challenges and scenarios. For instance:\r\n\r\nChallenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.\r\n\r\nChallenge 2: Assessment of propulsion system capabilities for initial orbit raising\r\n\r\nChallenges for spacetower flight dynamic software will also be available.","updated_timestamp":{"seconds":1722626556,"nanoseconds":0},"speakers":[{"content_ids":[55830],"conference_id":133,"event_ids":[56380,56408,56426],"name":"Exotrail","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56205},{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T19:22:36Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56380,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56205},{"tag_id":46484,"sort_order":4,"person_id":56207}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.\n\n\n","media":[],"title":"Space Systems Security CTF – Platform Security","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.\n \nEngage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?\n \nOur beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55829],"conference_id":133,"event_ids":[56379,56407,56425],"name":"CT Cubed","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56204}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56379,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56204}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.\n\n\n","media":[],"title":"Space Grand Challenge Luna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56378,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.\n\n\n","media":[],"title":"Selfie with a CubeSat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come take a picture with a CubeSat. And while you're there, learn a few things about it.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55827,55828],"conference_id":133,"event_ids":[56377,56378,56405,56406,56423,56424],"name":"CalPoly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56203}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56377,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56203}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.\n\n\n","media":[],"title":"PTP Flight Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55826],"conference_id":133,"event_ids":[56376,56404,56422],"name":"Pen Test Partners","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56188}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56376,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56188}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.\n\n\n","media":[],"title":"Hack-A-Sat Quals Challenges","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!\n\n10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!\n\nChallenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56375,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2\n\n\n","media":[],"title":"Hack-A-Sat Digital Twin","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!\n\nEstablish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55824,55825,55830],"conference_id":133,"event_ids":[56374,56375,56380,56402,56403,56408,56420,56421,56426],"name":"Hack-A-Sat","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56207},{"content_ids":[55824,55825],"conference_id":133,"event_ids":[56374,56375,56402,56403,56420,56421],"name":"Cromulence","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56213}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56374,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56207},{"tag_id":46484,"sort_order":4,"person_id":56213}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.\n\n\n","media":[],"title":"Drone Hacking Choose Your Own Adventure","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56373,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.\n\n\n","media":[],"title":"Drone Hacking Activity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56372,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.\n\n\n","media":[],"title":"Drone Flying Experience","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56371,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.\n\n\n","media":[],"title":"Drone Capture the Flag (CTF)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55820,55821,55822,55823],"conference_id":133,"event_ids":[56370,56371,56372,56373,56398,56399,56400,56401,56416,56417,56418,56419],"name":"Dark Wolf","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56210}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56370,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56210}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Can you spot suspicious items in packages? Try out your skills.\n\n\n","media":[],"title":"Detect a Threat","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Can you spot suspicious items in packages? Try out your skills.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55819],"conference_id":133,"event_ids":[56369,56397,56415],"name":"TSA","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56212}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56369,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56212}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.\n\n\n","media":[],"title":"Defend the Airport CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.\n\nNo alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55818],"conference_id":133,"event_ids":[56368,56396,56414],"name":"IntelliGenesis and IG Labs","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56190}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56368,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56190}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.\n\n\n","media":[],"title":"Darkstar Badge Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55817],"conference_id":133,"event_ids":[56367,56395,56413],"name":"Lockheed Martin","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56189}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56367,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56189}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.\n\n\n","media":[],"title":"CubeSat Simulator","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55816],"conference_id":133,"event_ids":[56366,56394,56412],"name":"AMSAT","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56200}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56366,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56200}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.\n\n\n","media":[],"title":"Bricks in the Air","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56365,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.\n\n\n","media":[],"title":"ARINC 664 CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55814],"conference_id":133,"event_ids":[56364,56392,56410],"name":"Boeing","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56202}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56364,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56202}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n\n\n","media":[],"title":"A-ISAC Aviation Cybersecurity Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!","updated_timestamp":{"seconds":1722611046,"nanoseconds":0},"speakers":[{"content_ids":[55813],"conference_id":133,"event_ids":[56363,56391,56409],"name":"A-ISAC and Embry-Riddle Aeronautical University - Prescott","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56201}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T15:04:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56363,"tag_ids":[46366,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46484,"sort_order":2,"person_id":56201}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-02 (Aerospace)","hotel":"","short_name":"HW2-07-02 (Aerospace)","id":46259},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T15:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!\n\n\n","media":[],"title":"Retro Repair","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!","updated_timestamp":{"seconds":1722563919,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:58:39Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56334,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!\n\n\n","media":[],"title":"Dumb Terminal fun","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!","updated_timestamp":{"seconds":1722563905,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:58:25Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56333,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)\n\n\n","media":[],"title":"Show & Tell","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)","updated_timestamp":{"seconds":1722563887,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:58:07Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56332,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:58:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.\n\n\n","media":[],"title":"Small scale LAN party","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.","updated_timestamp":{"seconds":1722563871,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T01:57:51Z","links":[],"end":"2024-08-09T23:00:00.000-0000","id":56331,"tag_ids":[46408,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-01","hotel":"","short_name":"HW4-04-01","id":46380},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T01:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"No description provided by creator\n\n\n","media":[],"title":"FleetDm","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"No description provided by creator","updated_timestamp":{"seconds":1722476980,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:49:40Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56297,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!\n\n\n","media":[],"title":"Password lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!","updated_timestamp":{"seconds":1722540130,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T19:22:10Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56296,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T19:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!\n\n\n","media":[],"title":"Python + Packet Analysis + Machine Learning","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!","updated_timestamp":{"seconds":1722476946,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:49:06Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56295,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.\n\n\n","media":[],"title":"Regular Expressions (RegEx) Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.","updated_timestamp":{"seconds":1722476922,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:42Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56294,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.\n\n\n","media":[],"title":"Network-OS: Be The Cloud","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.","updated_timestamp":{"seconds":1722476912,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:32Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56293,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.\n\n\n","media":[],"title":"Linux Trainer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.","updated_timestamp":{"seconds":1722476901,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:21Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56292,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!\n\n\n","media":[],"title":"Botnets","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!","updated_timestamp":{"seconds":1722476888,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:48:08Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56291,"tag_ids":[46385,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet\n\n\n","media":[],"title":"Packet Detective","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet","updated_timestamp":{"seconds":1722476866,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:47:46Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56290,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.\n\n\n","media":[],"title":"Packet Inspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.","updated_timestamp":{"seconds":1722476832,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:47:12Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56289,"tag_ids":[46385,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Outline:\r\nIntro to CTI\r\n - What is CTI\r\n - Threat Intel Types\r\n - Why build a CTI\r\n\r\nMajor components for a CTI program\r\n - Data Collection/Feeds\r\n - Parsing and Storage\r\n - Enrichment\r\n - Dissemination\r\n\r\nSteps in building CTI program\r\n - Technology\r\n - People\r\n - Process\r\n\r\nLab: Step-by-step walkthrough of two CTI platforms (MISP and OpenCTI)\r\n - Install the CTI platforms\r\n - Add relevant data sources\r\n - Analyzing data sources\r\n - Effective data correlation\r\n\r\nMetrics to track the progress and success of a CTI program\r\nMaturity Model of a CTI program\n\n\nAre you eager to understand your threat actors, targets, and behaviors? Are you constrained by resources to get a cyber threat intel program up and running? Are you not sure which tools to start with for cyber threat intel? If so, then this workshop is for you! We walkthrough how you can build a cyber threat intelligence program using open-source tools at minimum cost. We discuss the major components of a cyber threat intel program and the steps (including people, process, and technology) to bring your program to existence. In this workshop, we will show you how to set up and install open-source threat intelligence tools and relevant feeds. We also demonstrate how to analyze and correlate data to produce actionable intelligence. Finally, we discuss metrics and a maturity model for your program.","media":[],"title":"Building a Cyber Threat Intelligence Program from scratch for free!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T18:30:00Z","end_timestamp":{"seconds":1723228200,"nanoseconds":0},"android_description":"Outline:\r\nIntro to CTI\r\n - What is CTI\r\n - Threat Intel Types\r\n - Why build a CTI\r\n\r\nMajor components for a CTI program\r\n - Data Collection/Feeds\r\n - Parsing and Storage\r\n - Enrichment\r\n - Dissemination\r\n\r\nSteps in building CTI program\r\n - Technology\r\n - People\r\n - Process\r\n\r\nLab: Step-by-step walkthrough of two CTI platforms (MISP and OpenCTI)\r\n - Install the CTI platforms\r\n - Add relevant data sources\r\n - Analyzing data sources\r\n - Effective data correlation\r\n\r\nMetrics to track the progress and success of a CTI program\r\nMaturity Model of a CTI program\n\n\nAre you eager to understand your threat actors, targets, and behaviors? Are you constrained by resources to get a cyber threat intel program up and running? Are you not sure which tools to start with for cyber threat intel? If so, then this workshop is for you! We walkthrough how you can build a cyber threat intelligence program using open-source tools at minimum cost. We discuss the major components of a cyber threat intel program and the steps (including people, process, and technology) to bring your program to existence. In this workshop, we will show you how to set up and install open-source threat intelligence tools and relevant feeds. We also demonstrate how to analyze and correlate data to produce actionable intelligence. Finally, we discuss metrics and a maturity model for your program.","updated_timestamp":{"seconds":1723185261,"nanoseconds":0},"speakers":[{"content_ids":[55762],"conference_id":133,"event_ids":[56286],"name":"Karan Dwivedi","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56140},{"content_ids":[55762],"conference_id":133,"event_ids":[56286],"name":"Apurv Singh Gautam","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyble","title":"Cybercrime Researcher"}],"links":[],"pronouns":null,"media":[],"id":56158,"title":"Cybercrime Researcher at Cyble"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T06:34:21Z","links":[],"end":"2024-08-09T18:30:00.000-0000","id":56286,"tag_ids":[46373,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56158},{"tag_id":46167,"sort_order":1,"person_id":56140}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W309 (BTV Track 2 Workshops)","hotel":"","short_name":"W309 (BTV Track 2 Workshops)","id":46473},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T06:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This primer on incident response delves into its components, including the necessary procedures, lifecycles, frameworks, and playbooks. Initially, we'll explore the concept of incident response and its requisites. Then, we'll examine the stages of the IR lifecycle and explore adaptable frameworks. Finally, we'll review the strategies and playbooks employed by IR analysts to effectively address incidents.\n\n\nAn introduction to incident response that will focus on a general overview of incident response. Is a security event the same as a security incident? How will I know where to start when a security incident occurs? Although a security incident may unfold swiftly and with intensity, possessing a comprehensive grasp of the Incident Response (IR) process and utilizing frameworks and playbooks can mitigate the pressure inherent in investigating such incidents.","media":[],"title":"Incident Response 101: Part 1 (IR Overview, Lifecycles, Frameworks, and Playbooks)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"This primer on incident response delves into its components, including the necessary procedures, lifecycles, frameworks, and playbooks. Initially, we'll explore the concept of incident response and its requisites. Then, we'll examine the stages of the IR lifecycle and explore adaptable frameworks. Finally, we'll review the strategies and playbooks employed by IR analysts to effectively address incidents.\n\n\nAn introduction to incident response that will focus on a general overview of incident response. Is a security event the same as a security incident? How will I know where to start when a security incident occurs? Although a security incident may unfold swiftly and with intensity, possessing a comprehensive grasp of the Incident Response (IR) process and utilizing frameworks and playbooks can mitigate the pressure inherent in investigating such incidents.","updated_timestamp":{"seconds":1722462516,"nanoseconds":0},"speakers":[{"content_ids":[55745],"conference_id":133,"event_ids":[56268],"name":"Jason Romero","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56174}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-31T21:48:36Z","links":[],"end":"2024-08-09T17:30:00.000-0000","id":56268,"tag_ids":[46373,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56174}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W310 (BTV Track 1 Presentations)","hotel":"","short_name":"W310 (BTV Track 1 Presentations)","id":46472},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-31T21:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.\n\n\n","media":[],"title":"Fix the Flag Wargame","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T00:30:00Z","end_timestamp":{"seconds":1723249800,"nanoseconds":0},"android_description":"AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.\r\n\r\nUnlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.\r\n\r\nYou can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.\r\n\r\nThere are two categories of winners:\r\n- The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT)\r\n- The best-contributed challenge submission\r\n\r\nThe Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.","updated_timestamp":{"seconds":1722783756,"nanoseconds":0},"speakers":[{"content_ids":[55726],"conference_id":133,"event_ids":[56630,56631,56234],"name":"Harley Wilson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56118}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-04T15:02:36Z","links":[],"end":"2024-08-10T00:30:00.000-0000","id":56234,"tag_ids":[46370,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":56118}],"tags":"","conference_id":133,"location":{"parent_id":46307,"name":"LVCC - L2 - W228-W230 - ASV CTF","hotel":"","short_name":"ASV CTF","id":46471},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-04T15:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience\n\n\n","media":[],"title":"Signals Are Everywhere","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience","updated_timestamp":{"seconds":1722369079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T19:51:19Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56105,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T19:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate\n\n\n","media":[],"title":"ICS Village + XR Village Turn the lights on!","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Idaho National Laboratory in collaboration with the Cybersecurity & Infrastructure Security Agency (CISA) will showcase the critical importance of safeguarding Industrial Control Systems (ICS) against cyber threats. Through a mixed reality game, the interactive VR experience illustrates the impacts of a cybersecurity attack on infrastructure, and highlights the intricate engineering processes that power our communities. By emphasizing the interdependencies within our Nation’s infrastructure, the VR challenges underscore the necessity of robust cybersecurity measures to ensure the reliability and security of essential services. Come restore power back to our city, virtually! (NOTE: this gamified interactive VR experience not technical in nature, and does not require cybersecurity or infrastructure knowledge to participate","updated_timestamp":{"seconds":1722917237,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-06T04:07:17Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56104,"tag_ids":[46397,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-06","hotel":"","short_name":"HW4-01-06","id":46354},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-06T04:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.\n\n\n","media":[],"title":"Open Events for DCNextGen","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"# Open Events - All Days\r\n\r\n## AIxCC - Artificial Intelligence Cyber Challenge\r\n\r\nExperience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.\r\n\r\n## Social Engineering Village - SE Youth Challenge\r\n\r\nThe Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!\r\n\r\n## Adversary Village - Table top adventure\r\n\r\nTabletop adversary adventure!\r\n\r\n## Biohacking Village - Learn about bio-technology and biohacking! \r\n\r\nHands on medical device hacking and village tour\r\n\r\n## Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!\r\n\r\nFox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!\r\n\r\n## Crypto Privacy Village - Gold Bug Puzzle\r\n\r\nAn invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.\r\n\r\n## Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction\r\n\r\n- **HDD Teardown**: Take apart and see how hard drives work.\r\n- **Decryption Challenge**: Learn how file encryption / decryption works and solve a challenge.\r\n- **Error Detection and Correction**: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.\r\n\r\n## Hardware Hacking Village - Open Soldering lessons\r\n\r\nThe folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill. \r\n\r\n# Friday, Saturday 13:00 - 16:00\r\n\r\n## Car Hacking Village Scavenger Hunt\r\n\r\nThe Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.","updated_timestamp":{"seconds":1722363207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T18:13:27Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":56097,"tag_ids":[46362,46398,46427],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T18:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This year we have more challenges and more prizes!\n\n\n","media":[],"title":"Payment Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"This year we have more challenges and more prizes!","updated_timestamp":{"seconds":1723074146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T23:42:26Z","links":[{"label":"More Info","type":"link","url":"https://www.paymentvillage.org/challenges"}],"end":"2024-08-09T23:30:00.000-0000","id":56085,"tag_ids":[46386,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W202","hotel":"","short_name":"W202","id":46282},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-07T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Telecom Village Inauguration","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722351567,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T14:59:27Z","links":[{"label":"Twitter (@TelecomVillage)","type":"link","url":"https://twitter.com/TelecomVillage"}],"end":"2024-08-09T18:00:00.000-0000","id":56071,"tag_ids":[46395,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W201","hotel":"","short_name":"W201","id":46281},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T14:59:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​\n\n\n","media":[{"hash_sha256":"07ddc9c91f6e59f3933f548603872f890309c05b353352836dc4896ef7fce215","filetype":"image/png","hash_md5":"cafd57b9dc99beb382a7e36477b02aad","name":"ct_adversary.png","is_logo":"Y","hash_crc32c":"b7d5aeab","filesize":104609,"asset_id":623,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_adversary.png"}],"title":"Adversary Wars CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Adversary Village proudly presents \"Adversary Wars CTF\", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.\r\n\r\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​","updated_timestamp":{"seconds":1722713515,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-03T19:31:55Z","links":[{"label":"Twitter (@AdversaryVillag)","type":"link","url":"https://twitter.com/AdversaryVillag"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249425"},{"label":"More Info","type":"link","url":"https://adversaryvillage.org/adversary-wars-ctf/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249426"}],"end":"2024-08-10T01:00:00.000-0000","id":56065,"tag_ids":[46367,46427,46439,46751],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-05","hotel":"","short_name":"HW4-03-05","id":46372},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-03T19:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.\n\n\n","media":[{"hash_sha256":"375569510e5615465450cb3678a63b8069acd85e1636cca316295fc89cf599d6","filetype":"image/png","hash_md5":"06d063cea5818c71eee33a32d18b836d","name":"ct_autodriving.png","is_logo":"Y","hash_crc32c":"db78dfca","filesize":20241,"asset_id":624,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_autodriving.png"}],"title":"[CANCELED] AutoDriving CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T01:00:00Z","end_timestamp":{"seconds":1723338000,"nanoseconds":0},"android_description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.","updated_timestamp":{"seconds":1723168346,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:52:26Z","links":[{"label":"Twitter (@autodrivingctf)","type":"link","url":"https://twitter.com/autodrivingctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249420"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249419"}],"end":"2024-08-11T01:00:00.000-0000","id":56064,"tag_ids":[46426,46439,46752],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T01:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.\n\n\n","media":[{"hash_sha256":"375569510e5615465450cb3678a63b8069acd85e1636cca316295fc89cf599d6","filetype":"image/png","hash_md5":"06d063cea5818c71eee33a32d18b836d","name":"ct_autodriving.png","is_logo":"Y","hash_crc32c":"db78dfca","filesize":20241,"asset_id":624,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_autodriving.png"}],"title":"[CANCELED] AutoDriving CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The AutoDriving CTF contest focuses on the emerging security challenges in autonomous driving systems. Various levels of self-driving functionalities, such as AI-powered perception, sensor fusion and route planning, are entering the product portfolio of automobile companies. From the security perspective, these AI-powered components not only contain common security problems such as memory safety bugs, but also introduce new threats such as physical adversarial attacks and sensor manipulations. Two popular examples of physical adversarial attacks are camouflage stickers that interfere with vehicle detection systems, and road graffitis that disturb lane keeping systems. The AI-powered navigation and control relies on the fusion of multiple sensor inputs, and many of the sensor inputs can be manipulated by malicious attackers. These manipulations combined with logical bugs in autonomous driving systems pose severe threats to road safety.\r\n\r\nWe design autonomous driving CTF (AutoDriving CTF) contests around the security challenges specific to these self-driving functions and components.\r\n\r\nThe goals of the AutoDriving CTF are the followings:\r\n\r\n- Demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.\r\n- Provide CTF challenges that allow players to learn attack and defense practices related to autonomous driving in a well-controlled, repeatable, and visible environment.\r\n- Build a set of vulnerable autonomous driving components that can be used for security research and defense evaluation.\r\n\r\nThe contest is based on a Jeopardy style of CTF game with a set of independent challenges. A typical contest challenge includes a backend that runs autonomous driving components in simulated or real environments, and a frontend that interacts with the players. This year's contest will follow the style of last year and includes the following types of challenges:\r\n\r\n- “attack”: such as constructing adversarial patches and spoofing fake sensor inputs,\r\n- “forensics”: such as investigating a security incident related to autonomous driving,\r\n- “detection”: such as detecting spoofed sensor inputs and fake obstacles,\r\n- “crashme on road!”: such as creating dangerous traffic scenarios to expose logical errors in autonomous driving systems.\r\n- “smart planner”: such as creating intelligent path planners for dangerous tasks that are difficult for human drivers\r\n\r\nMost of these challenges will be developed using game-engine based autonomous driving simulators, such as CARLA and SVL. The following link contains some challenge videos, summaries from AutoDriving CTF at DEF CON 29 and DEF CON 30\r\nhttps://drive.google.com/drive/folders/1JSVarIaQBmseLC9XqkfrxnRQto4WM225?usp=sharing\r\nhttps://www.youtube.com/channel/UCPPsKbVpxwk-464KIzr8xKw\r\n\r\n# What's new in 2024\r\nThis year, we will unlock new traffic conflict scenarios that are observed from real-world driving logs such as Jaywalk and double parked vehicles. New difficulty levels will be added to challenges in such scenarios by integrating real downstream AI modules such as object tracking from open-source autonomous driving software like Apollo, Autoware and OpenPilot.\r\n\r\nIn order to enable the audience to experience the challenges more directly, we plan to set up a vehicle wheel controller on site and provide a driving game this year. Audiences can drive themselves to compete with the self-driving vehicle in some of the challenges. Driving game demo:\r\nhttps://drive.google.com/drive/folders/1LIzJJ1I3Eqj_e0_ntX5eFu82U9ObiEYB?usp=sharing\r\n\r\n# For players\r\n- What do players need to do to participate AutoDriving CTF?\r\nMost of the challenges do not require domain knowledge of autonomous driving software or adversarial machine learning, although knowledge of those helps. For example, the players can generate images the way they like (e.g., drawing, photoshopping) to fool the AI-components or write a short python script to control the vehicle. Some challenges, such as incident forensics likely would require players to learn domain knowledge such as sensor information format and how fusion works.\r\n\r\n- What do we expect players to learn through the CTF event?\r\nPlayers can (1) gain a deep understanding of real-world autonomous driving systems' design, implementation, and their corresponding security properties and characteristics; and (2) learn the attack and defense practices related to autonomous driving in a well-controlled, repeatable, visible, and engaging environment.","updated_timestamp":{"seconds":1723168346,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T01:52:26Z","links":[{"label":"Twitter (@autodrivingctf)","type":"link","url":"https://twitter.com/autodrivingctf"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249420"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249419"}],"end":"2024-08-10T01:00:00.000-0000","id":56062,"tag_ids":[46426,46439,46752],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-B","hotel":"","short_name":"HW4-01-05-B","id":46352},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T01:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!\n\n\n","media":[],"title":"Beverage Chilling Contraption Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T23:00:00Z","end_timestamp":{"seconds":1723244400,"nanoseconds":0},"android_description":"The Beverage Chilling Contraption Contest has been un-canceled! After a fantastic afternoon of day drinking celebrating the start of the 20th BCCC we've run out of beer. It's a disaster, a catastrophe! Fortunately, we had the wherewithal to scramble a crack beverage acquisition team to the streets of Las Vegas and found more! Don't ask where. Unfortunately, like the streets of Las Vegas, it's HOT and kinda sticky. We need you to help us fix this and get that beer as cold as the barren wasteland that is our generation's dreams of home ownership!","updated_timestamp":{"seconds":1722311147,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:45:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249412"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249413"}],"end":"2024-08-09T23:00:00.000-0000","id":56060,"tag_ids":[46427,46439,46753],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-B","hotel":"","short_name":"HW4-01-04-B","id":46277},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.\n\n\n","media":[{"hash_sha256":"39238a01b06f0ddf4e2a678a63b07a1fb93094a3716dee47fac88ff443b09b2f","filetype":"image/png","hash_md5":"bb82eeecc603d6d9d05f319875161b0f","name":"ct_ctp.png","is_logo":"Y","hash_crc32c":"a13f862e","filesize":72882,"asset_id":631,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ctp.png"}],"title":"Capture the Packet","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.\r\n\r\nCome compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.","updated_timestamp":{"seconds":1722476750,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:45:50Z","links":[{"label":"More Info","type":"link","url":"https://www.capturethepacket.com"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249401"},{"label":"Twitter (@capturetp)","type":"link","url":"https://twitter.com/capturetp"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249402"}],"end":"2024-08-10T01:00:00.000-0000","id":56052,"tag_ids":[46385,46427,46439,46757],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?\n\n\n","media":[{"hash_sha256":"95a6fc9488a5c31ed3edb2848eb2a24498095a0de6f93552e7bc6ffe48c215cf","filetype":"image/png","hash_md5":"5ed77e41c595c690f459fe08cc26c28a","name":"ct_chasse-partie-ctf-v2.png","is_logo":"Y","hash_crc32c":"292aa419","filesize":303387,"asset_id":668,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_chasse-partie-ctf-v2.png"}],"title":"Chasse Partie Systems CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones\r\n\r\nWith the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 \"Engage\" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.\r\n\r\nThe technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.\r\n\r\nSo come and join us on our deviant journey, what are you waiting for?","updated_timestamp":{"seconds":1722310816,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:40:16Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249395"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249396"}],"end":"2024-08-10T01:00:00.000-0000","id":56049,"tag_ids":[46426,46439,46758],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-E","hotel":"","short_name":"HW4-01-04-E","id":46347},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n\n\n","media":[{"hash_sha256":"84030b2ecb5f077fa506dcc16c49a685cf98f05b8c10202c417c064233eb4829","filetype":"image/png","hash_md5":"4b19e13df1a3f66b5f8b392d76ca707e","name":"ct_cloud.png","is_logo":"Y","hash_crc32c":"45aa66f3","filesize":58121,"asset_id":669,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cloud.png"}],"title":"Cloud Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T06:59:00Z","end_timestamp":{"seconds":1723359540,"nanoseconds":0},"android_description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D","updated_timestamp":{"seconds":1722310678,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:37:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249392"},{"label":"Twitter (@cloudvillage_dc)","type":"link","url":"https://twitter.com/cloudvillage_dc"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249393"}],"end":"2024-08-11T06:59:00.000-0000","id":56048,"tag_ids":[46376,46426,46439,46759],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n\n\n","media":[{"hash_sha256":"84030b2ecb5f077fa506dcc16c49a685cf98f05b8c10202c417c064233eb4829","filetype":"image/png","hash_md5":"4b19e13df1a3f66b5f8b392d76ca707e","name":"ct_cloud.png","is_logo":"Y","hash_crc32c":"45aa66f3","filesize":58121,"asset_id":669,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cloud.png"}],"title":"Cloud Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\r\n\r\nOur CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\r\n\r\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D","updated_timestamp":{"seconds":1722310678,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:37:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249392"},{"label":"Twitter (@cloudvillage_dc)","type":"link","url":"https://twitter.com/cloudvillage_dc"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249393"}],"end":"2024-08-10T01:00:00.000-0000","id":56046,"tag_ids":[46376,46426,46439,46759],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!\n\n\n","media":[{"hash_sha256":"9c8df8b7b1bfaa7f9a6f76d47c2ddafcb15c60bfc6ba40d764dfaf8bc3583cde","filetype":"image/png","hash_md5":"a6d499b0f825c7c532b2eaf562131129","name":"ct_cmdctrl.png","is_logo":"Y","hash_crc32c":"9670e5ce","filesize":4017,"asset_id":630,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cmdctrl.png"}],"title":"CMD+CTRL at DEF CON 32","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.\r\n\r\nAt DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!","updated_timestamp":{"seconds":1722310603,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:36:43Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249390"},{"label":"More Info","type":"link","url":"https://defcon32.cmdnctrl.net"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249389"}],"end":"2024-08-10T01:00:00.000-0000","id":56043,"tag_ids":[46427,46439,46760],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-D","hotel":"","short_name":"HW4-03-06-D","id":46377},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:36:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n\n\n","media":[{"hash_sha256":"8c55b933bea038dc88c4628f4a2689a38cb05c0482e20738f947c7c0a6d0bd03","filetype":"image/png","hash_md5":"1747482750537af24b802702bb112b7e","name":"ct_crackmeifyoucan.png","is_logo":"Y","hash_crc32c":"398a67a5","filesize":50685,"asset_id":721,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_crackmeifyoucan.png"}],"title":"CrackMeIfYouCan","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.\r\n\r\nYou've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.\r\n\r\nHelp them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.\r\n\r\nTime is of the essence! You will have 48 hours to crack as many files and hashes as possible.\r\n\r\nOpen to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/","updated_timestamp":{"seconds":1722310455,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:34:15Z","links":[{"label":"More Info","type":"link","url":"https://www.crackmeifyoucan.com"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250053"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250054"},{"label":"Mastodon (@CrackMeIfYouCan@infosec.exchange)","type":"link","url":"https://infosec.exchange/@CrackMeIfYouCan"}],"end":"2024-08-10T01:00:00.000-0000","id":56040,"tag_ids":[46428,46439,46761],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05","hotel":"","short_name":"HW4-01-05","id":46349},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:34:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.\n\n\n","media":[{"hash_sha256":"590434b852585a01a647426db34529416f6624082c827bbd32d1ef45e5ef4651","filetype":"image/png","hash_md5":"1e73edab68d1da1d66c84a992554e685","name":"ct_cyberdefender.png","is_logo":"Y","hash_crc32c":"5a341827","filesize":92175,"asset_id":632,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_cyberdefender.png"}],"title":"Cyber Defender - The Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.\r\n\r\nAs a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.\r\n\r\nPlayers will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.\r\n\r\nYour team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.","updated_timestamp":{"seconds":1722310334,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:32:14Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249384"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249385"}],"end":"2024-08-10T01:00:00.000-0000","id":56036,"tag_ids":[46439,46762],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-C","hotel":"","short_name":"HW4-03-06-C","id":46376},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:32:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n\n\n","media":[{"hash_sha256":"1b2e0f8d162af1a6bd8a463fa27176b2afd439a1dc61b7817c2c855763a600ed","filetype":"image/png","hash_md5":"e7442de5c5eb4549170a56163423cd5e","name":"ct_darknet.png","is_logo":"Y","hash_crc32c":"f77e820f","filesize":49081,"asset_id":633,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_darknet.png"}],"title":"Darknet-NG","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!","updated_timestamp":{"seconds":1722310268,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:31:08Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249382"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249381"},{"label":"More Info","type":"link","url":"https://darknet-ng.network"},{"label":"Twitter (@DarknetNg)","type":"link","url":"https://twitter.com/DarknetNg"}],"end":"2024-08-10T01:00:00.000-0000","id":56033,"tag_ids":[46426,46439,46763],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-D","hotel":"","short_name":"HW4-02-01-D","id":46359},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/\n\n\n","media":[{"hash_sha256":"ff926fdb8070905e8485c17bfc79608b27202a7548f2ddcc058bbb89ea639e83","filetype":"image/png","hash_md5":"cbceb546139e5ed4e4a61a0b7fcaf58a","name":"ct_aixcc.png","is_logo":"Y","hash_crc32c":"661f6649","filesize":94474,"asset_id":625,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_aixcc.png"}],"title":"DARPA's Artificial Intelligence Cyber Challenge (AIxCC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.\r\n\r\nRegistration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.\r\n\r\nSemifinalists will be announced here: https://aicyberchallenge.com/","updated_timestamp":{"seconds":1722310204,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:30:04Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249422"},{"label":"More Info","type":"link","url":"https://aicyberchallenge.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249423"}],"end":"2024-08-10T01:00:00.000-0000","id":56030,"tag_ids":[46427,46439,46764],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-06 (AIxCC)","hotel":"","short_name":"HW3-05-06 (AIxCC)","id":46268},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n\n\n","media":[{"hash_sha256":"9f1c45d1825d2b7b5cd93c07c1a6bba41550b5cc76e52275ba0f3d3e33abf1b7","filetype":"image/png","hash_md5":"a4ccc4bb2dc371a268d25b115dd92920","name":"ct_dcnttm.png","is_logo":"Y","hash_crc32c":"a36d8a48","filesize":16951,"asset_id":634,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_dcnttm.png"}],"title":"DC’s Next Top Threat Model (DCNTTM)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\r\n\r\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).","updated_timestamp":{"seconds":1722309815,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:23:35Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249371"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249372"},{"label":"More Info","type":"link","url":"https://threatmodel.us"}],"end":"2024-08-10T01:00:00.000-0000","id":56026,"tag_ids":[46426,46439,46766],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-A","hotel":"","short_name":"HW4-01-05-A","id":46351},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!\n\n\n","media":[{"hash_sha256":"0bbb61282ddf3bcc0d027a7ffb0cb2f0dc6fcf32814b48e53488203695f478b3","filetype":"image/png","hash_md5":"d8ada9124833199cadf2f291b0178024","name":"ct_scav-hunt.png","is_logo":"Y","hash_crc32c":"fa957778","filesize":20774,"asset_id":639,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_scav-hunt.png"}],"title":"DEF CON Scavenger Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\r\n\r\nCasual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says \"I'm a hacker\" quite like being triumphant at the DEFCON Scavenger Hunt contest.\r\n\r\nSee you at the booth!","updated_timestamp":{"seconds":1722309542,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:19:02Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249365"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249366"},{"label":"Twitter (@defconscavhunt)","type":"link","url":"https://twitter.com/defconscavhunt"},{"label":"More Info","type":"link","url":"https://www.defconscavhunt.com"}],"end":"2024-08-10T01:00:00.000-0000","id":56023,"tag_ids":[46427,46439,46767],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-02","hotel":"","short_name":"HW4-03-02","id":46369},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-11T19:00:00.000-0000","id":56022,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n\n\n","media":[{"hash_sha256":"13b49952b47182e368d362f08a7e71f8089c9c83059a9c4c8e4808b45d4b4895","filetype":"image/png","hash_md5":"9a544e26f3417e9cf4b4d32be2f147ae","name":"ct_gold-bug.png","is_logo":"Y","hash_crc32c":"c2604e30","filesize":86951,"asset_id":642,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_gold-bug.png"}],"title":"Gold Bug Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.\r\n\r\nThe Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.\r\n\r\nThe Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!","updated_timestamp":{"seconds":1722309511,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:18:31Z","links":[{"label":"More Info","type":"link","url":"https://goldbug.cryptovillage.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249357"},{"label":"Twitter (@CryptoVillage)","type":"link","url":"https://twitter.com/CryptoVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249358"}],"end":"2024-08-10T01:00:00.000-0000","id":56019,"tag_ids":[46377,46426,46439,46768],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-F","hotel":"","short_name":"HW4-01-04-F","id":46348},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-10T01:00:00.000-0000","id":56015,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-C","hotel":"","short_name":"HW4-02-01-C","id":46358},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.\n\n\n","media":[{"hash_sha256":"1162bb14d1418b4cae3817411de665ed741ed2268a0dcc68a84b299605b611cb","filetype":"image/png","hash_md5":"a28c768a3e779e17ac17c6310bf89f1e","name":"ct_telechallenge.png","is_logo":"Y","hash_crc32c":"a0fffafe","filesize":8220,"asset_id":660,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_telechallenge.png"}],"title":"Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:\r\n\r\n1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.\r\n2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.\r\n3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:\r\n - Your handle\r\n - Who challenged you\r\n - A statement of acceptance (\"I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON\" or something to that effect)\r\n - The handles of 3 people you are nominating\r\n - A link to a nonprofit cancer research project or charity of your choice that you have chosen to support\r\n - A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any\r\n\r\nSuggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/\r\n\r\nRULES\r\n\r\n1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.\r\n2. Only hand tools may be used.\r\n3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.\r\n4. You may wear no less than a bathing suit (due to dress code requirements at pools).\r\n5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.\r\n6. Judging criteria: Efficacy, creativity, flair, hax.","updated_timestamp":{"seconds":1722309155,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:12:35Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249290"},{"label":"More Info","type":"link","url":"https://www.telechallenge.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249289"}],"end":"2024-08-10T01:00:00.000-0000","id":56012,"tag_ids":[46426,46439,46770],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-B","hotel":"","short_name":"HW4-02-02-B","id":46363},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.\n\n\n","media":[{"hash_sha256":"ce9475936b2cf60c1c9cfa45f28e7cb875f88b8c5110474733a3a061693cd6df","filetype":"image/png","hash_md5":"4203eed2fd0b606da1243ec118062eb8","name":"ct_hack_fortress2.png","is_logo":"Y","hash_crc32c":"2ee22324","filesize":7500,"asset_id":644,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hack_fortress2.png"}],"title":"HackFortress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Friday: Free play 10:00 - 15:00, \r\nPrelim Round 1: 16:00 - 17:00, \r\nPrelim Round 2: 17:00 - 18:00, \r\nRegistration closes: 18:00\r\n\r\nSaturday: Prelim Round 3: 11:00, \r\nPrelim Round 4: 12:00,\r\nSemi Finals Round 1: 14:00,\r\nSemi Finals Round 2: 15:00,\r\nFinals: 17:00\r\n\r\nHackFortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers. TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.","updated_timestamp":{"seconds":1722308803,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:06:43Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249347"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249348"},{"label":"More Info","type":"link","url":"https://hackfortress.net"}],"end":"2024-08-10T01:00:00.000-0000","id":56010,"tag_ids":[46427,46439,46771],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-A","hotel":"","short_name":"HW4-01-04-A","id":46276},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n\n\n","media":[{"hash_sha256":"f74360633c6039f39c940ac261531b9070b375ca03df7934820a6e6936b3f328","filetype":"image/png","hash_md5":"6e367f9dca843f023ac7435893d4516f","name":"ct_hhvctf.png","is_logo":"Y","hash_crc32c":"5abd42a5","filesize":24398,"asset_id":647,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hhvctf.png"}],"title":"Hardware Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.","updated_timestamp":{"seconds":1722308581,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T03:03:01Z","links":[{"label":"More Info","type":"link","url":"https://dchhv.org/challenges/dc32"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249338"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249339"},{"label":"CTF Announcement / Prereqs","type":"link","url":"https://dchhv.org/announcement/ctf/dc32/2024/08/01/dc32-hhv-challenges.html"}],"end":"2024-08-10T01:00:00.000-0000","id":56006,"tag_ids":[46381,46427,46439,46773],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-10-01","hotel":"","short_name":"HW2-10-01","id":46264},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T03:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.\n\n\n","media":[],"title":"HardWired","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\r\n\r\nDon't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.","updated_timestamp":{"seconds":1722476715,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T01:45:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249337"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249336"}],"end":"2024-08-10T01:00:00.000-0000","id":56003,"tag_ids":[46385,46427,46439,46774],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W216-W221","hotel":"","short_name":"W216-W221","id":46288},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T01:45:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.\n\n\n","media":[{"hash_sha256":"f55b0da621d4ee7bcd1f6dd77fc6c800e20904a3840e9c4e47aee632f1571436","filetype":"image/png","hash_md5":"a396fd3e8349dccb4058656168c13a48","name":"ct_htbctfdatadystopia.png","is_logo":"Y","hash_crc32c":"bdc31b88","filesize":412581,"asset_id":663,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_htbctfdatadystopia.png"}],"title":"HTB CTF: Data Dystopia","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.\r\n\r\nPlayers will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.","updated_timestamp":{"seconds":1722308173,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:56:13Z","links":[{"label":"Website","type":"link","url":"https://ctf.hackthebox.com/"},{"label":"Twitter (@hackthebox_eu)","type":"link","url":"https://twitter.com/hackthebox_eu"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249333"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249334"}],"end":"2024-08-10T01:00:00.000-0000","id":56000,"tag_ids":[46427,46439,46775],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06","hotel":"","short_name":"HW4-03-06","id":46373},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:56:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.\n\n\n","media":[{"hash_sha256":"8f0942a63e6e9852cd8a122722da50a5f820039a33fbf629d8e0bbb0bc3c2a25","filetype":"image/png","hash_md5":"6f799941f98600f913350895408f1f4c","name":"ct_ics.png","is_logo":"Y","hash_crc32c":"765e2955","filesize":196108,"asset_id":648,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_ics.png"}],"title":"ICS CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.","updated_timestamp":{"seconds":1722308131,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:55:31Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249319"},{"label":"Website","type":"link","url":"https://www.icsvillage.com/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249318"}],"end":"2024-08-10T01:00:00.000-0000","id":55997,"tag_ids":[46427,46439,46776],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:55:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!\r\n\n\n\n","media":[],"title":"IoT Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.\r\n\r\nIn this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!","updated_timestamp":{"seconds":1722622146,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T18:09:06Z","links":[{"label":"More Info","type":"link","url":"https://scoreboard.iotvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249449"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249448"}],"end":"2024-08-10T01:00:00.000-0000","id":55994,"tag_ids":[46427,46439,46777],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-04","hotel":"","short_name":"HW2-08-04","id":46262},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T18:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.\n\n\n","media":[{"hash_sha256":"db1774578686bfa55ffe22e4d5bf679dab09062d63c06832d97909d59778ea4d","filetype":"image/png","hash_md5":"f0232799ba2c7fdc7ee2f1d7b10e849b","name":"ct_place-thing-time.png","is_logo":"Y","hash_crc32c":"657c9823","filesize":110028,"asset_id":649,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_place-thing-time.png"}],"title":"It's In That Place Where I Put That Thing That Time","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It's in that place where I put that thing that time.\" Good luck.","updated_timestamp":{"seconds":1722308045,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:54:05Z","links":[{"label":"Twitter (@iitpwiptttt)","type":"link","url":"https://twitter.com/iitpwiptttt"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249330"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249331"}],"end":"2024-08-10T01:00:00.000-0000","id":55992,"tag_ids":[46427,46439,46778],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).\n\n\n","media":[{"hash_sha256":"36b1cb39348fc89252495c82a59fed87e9402509b5593fa03e8584b902578e59","filetype":"image/png","hash_md5":"654118f3f087503d0daabf099ea97615","name":"ct_recon_ctf.png","is_logo":"Y","hash_crc32c":"2011d9de","filesize":76906,"asset_id":718,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_recon_ctf.png"}],"title":"Live Recon Contest in Progress","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Do you fancy doing live recon on Real Organizations? Then activate Yourself. And compete in a unique HACKER challenge.\r\n\r\nThis year we are launching a new nail biting Contest, i.e Live Recon where participants will compete with each other to perform a deep osint and recon on the target organization. Here are the details:\r\n\r\nAbout the contest: \r\n\r\nJoin us for an electrifying two-day Live Reconnaissance Event. Whether you're a seasoned security expert, a curious newcomer or a bugbounty pro, this is your chance to test your skills in a high-octane environment.\r\n\r\nYour Mission\r\n\r\nGet ready to perform live reconnaissance on a curated list of companies. Dig deep and unearth critical information that could be game-changing. Use your analytical prowess and sharp instincts to explore, probe, and uncover hidden data.\r\n\r\nWhy Join the Hunt?\r\n\r\nExperience Real-World Challenges: Face off against real-world scenarios.\r\nCompete and Collaborate: Work with the best minds in the field.\r\nLearn from the Masters: Recon on a massive scale.\r\nScore Epic Prizes: Walk away with cool rewards.\r\n\r\nWho's Invited?\r\n\r\nIf you’ve got a passion for cybersecurity and Recon, this event is for you. Whether you’re a university student, a pro pentester, or a hobbyist eager to sharpen your skills, we want you! Teams are encouraged to register and bring a mix of talents to tackle these challenges head-on.\r\n\r\nGet Ready to Recon!\r\n\r\nUnleash your inner hacker and join us for a reconnaissance adventure you won’t forget!\r\n\r\nPlease note that this is an in-person event, and winners need to be at DEFCON to collect their prizes. However, once we have announced the targets, participants can play it from anywhere online (as this is Recon on public and live targets).","updated_timestamp":{"seconds":1722633597,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-02T21:19:57Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250009"},{"label":"More Info","type":"link","url":"https://reconvillage.org/live-recon-contest"},{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250008"}],"end":"2024-08-10T01:00:00.000-0000","id":55990,"tag_ids":[46391,46427,46439,46779],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-04","hotel":"","short_name":"HW4-03-04","id":46371},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-02T21:19:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!\n\n\n","media":[{"hash_sha256":"d3413916446363608deee0d63c7e2efb8eee7c303fcaafc76eab10c25b274594","filetype":"image/png","hash_md5":"a8a23a326ef1c818a3403a1ef3e87269","name":"ct_lonelyhd.png","is_logo":"Y","hash_crc32c":"9ea33847","filesize":79993,"asset_id":650,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelyhd.png"}],"title":"Lonely Hard Drive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!","updated_timestamp":{"seconds":1722307767,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:49:27Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249324"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249325"},{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"}],"end":"2024-08-10T01:00:00.000-0000","id":55987,"tag_ids":[46427,46439,46780],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!\n\n\n","media":[{"hash_sha256":"98201efca440cba174db564a38cc3207a4c951759d79e47ef2bb817534cbff0e","filetype":"image/png","hash_md5":"8e4dc2835c8f08abfaa5b9162b29447b","name":"ct_lonelytag.png","is_logo":"Y","hash_crc32c":"89bc5644","filesize":82759,"asset_id":651,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_lonelytag.png"}],"title":"Lonely Tag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!","updated_timestamp":{"seconds":1722307717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:48:37Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/68pRuKdCpW"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249328"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249327"},{"label":"Twitter (@LonelyHardDrive)","type":"link","url":"https://twitter.com/LonelyHardDrive"}],"end":"2024-08-10T01:00:00.000-0000","id":55984,"tag_ids":[46427,46439,46781],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-F","hotel":"","short_name":"HW4-02-02-F","id":46367},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.\n\n\n","media":[{"hash_sha256":"6c6addafa55c0e71b8e6dc3fff0f1a9a32e4399a6b80efaece158e3fdf69dd77","filetype":"image/png","hash_md5":"ddda3a35809fc47bf728f63f829e258d","name":"ct_marcibombe.png","is_logo":"Y","hash_crc32c":"040f1340","filesize":22325,"asset_id":652,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_marcibombe.png"}],"title":"Malware Contests: MARC I & BOMBE","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"MARC I: Malware Analysis Report Competition I\r\n\r\nIn MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.\r\n\r\nMARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.\r\n\r\nWhen participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!\r\n\r\n\r\nBOMBE: Battle of Malware Bypass and EDR\r\n\r\nTry to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.\r\n\r\nOur participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.\r\n\r\nBOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.","updated_timestamp":{"seconds":1722307667,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:47:47Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249321"},{"label":"More Info","type":"link","url":"https://digitalplaguedoctors.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249322"},{"label":"Twitter (@DigitalPlagueDr)","type":"link","url":"https://twitter.com/DigitalPlagueDr"}],"end":"2024-08-10T01:00:00.000-0000","id":55981,"tag_ids":[46427,46439,46782],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-03","hotel":"","short_name":"HW4-03-03","id":46370},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.\n\n\n","media":[{"hash_sha256":"d965b5442c0a42e3e2532515477829fb650b66f56a09c1dc92ce7ea7b4f49215","filetype":"image/png","hash_md5":"5f9b31f3696397acc630b3f69415c627","name":"ct_octogame.png","is_logo":"Y","hash_crc32c":"a3e9435a","filesize":258126,"asset_id":653,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_octogame.png"}],"title":"Octopus Game","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!\r\n\r\nYou and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.","updated_timestamp":{"seconds":1722307468,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:44:28Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249313"},{"label":"More Info","type":"link","url":"https://www.mirolabs.info/octopus-game-dc32"},{"label":"Twitter (@OctopusGameDC)","type":"link","url":"https://twitter.com/OctopusGameDC"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249314"}],"end":"2024-08-10T01:00:00.000-0000","id":55978,"tag_ids":[46427,46439,46783],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-03-06-A","hotel":"","short_name":"HW4-03-06-A","id":46374},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:44:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.\n\n\n","media":[{"hash_sha256":"a381d77389722eccd24a6d26091b74111ffeb39431dfba6ccc946470f7aa0c06","filetype":"image/png","hash_md5":"abb9c88d83bd9789b6436e200d1beba3","name":"ct_phreak-me.png","is_logo":"Y","hash_crc32c":"bce4e12c","filesize":27257,"asset_id":655,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_phreak-me.png"}],"title":"PhreakMe presented by HackedExistence","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.\r\n\r\nThe Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\r\n\r\nThe purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.","updated_timestamp":{"seconds":1722307355,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:42:35Z","links":[{"label":"Twitter (@mainframed767)","type":"link","url":"https://twitter.com/mainframed767"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249310"},{"label":"Twitter (@HackedExistence)","type":"link","url":"https://twitter.com/HackedExistence"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249311"}],"end":"2024-08-10T01:00:00.000-0000","id":55975,"tag_ids":[46426,46439,46784],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-C","hotel":"","short_name":"HW4-02-02-C","id":46364},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.\n\n\n","media":[{"hash_sha256":"9f1e99841fcfbdb0775e2e05980c102dddd97013cf9cc0bfce930a55d91246ec","filetype":"image/png","hash_md5":"5b36f9ed87f65efbdf841e5c77a6041f","name":"ct_Pinball.png","is_logo":"Y","hash_crc32c":"cbbfc253","filesize":614281,"asset_id":664,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_Pinball.png"}],"title":"Pinball High Score Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The inaugural Pinball High Score contest at DEF CON will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 18:00 on Saturday main tournament qualifying will end and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the first DEF CON Pinball Champion!\r\n \r\nAchieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.\r\n \r\nStern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.\r\n \r\nPinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.","updated_timestamp":{"seconds":1722307304,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:41:44Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249307"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249308"}],"end":"2024-08-10T01:00:00.000-0000","id":55972,"tag_ids":[46427,46439,46785],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-A","hotel":"","short_name":"HW4-02-01-A","id":46356},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:41:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉\n\n\n","media":[{"hash_sha256":"199f4b2ea70f9102e0afb69f5030e3ee8f63e989d287fb95999ae10866455522","filetype":"image/png","hash_md5":"9b669ac9bfd767cb8376444b58c08733","name":"ct_quantum.png","is_logo":"Y","hash_crc32c":"4d94b7ec","filesize":133235,"asset_id":665,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_quantum.png"}],"title":"QOLOSSUS","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉","updated_timestamp":{"seconds":1722307112,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:38:32Z","links":[{"label":"Website","type":"link","url":"https://quantumvillage.org/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249316"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249303"}],"end":"2024-08-10T01:00:00.000-0000","id":55969,"tag_ids":[46426,46439,46786],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-01","hotel":"","short_name":"HW3-06-01","id":46270},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n\n\n","media":[{"hash_sha256":"5623af21fb9072f5866b3488e326d3582c44c0756e9bbfa94eae7e26318a73eb","filetype":"image/png","hash_md5":"ebb531e8ad802f8d5fb24e19e23f46f4","name":"ct_reali7y-overrun.png","is_logo":"Y","hash_crc32c":"14fd2e42","filesize":577690,"asset_id":701,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_reali7y-overrun.png"}],"title":"REALI7Y OVERRUN","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called \"singularity,\" as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.\r\n\r\nTeams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.","updated_timestamp":{"seconds":1722306602,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:30:02Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249299"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249298"}],"end":"2024-08-10T01:00:00.000-0000","id":55966,"tag_ids":[46426,46439,46787],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-E","hotel":"","short_name":"HW4-02-02-E","id":46366},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:30:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.\n\n\n","media":[{"hash_sha256":"b4d44cbd1ea93b8d4beb26fc184ef1b07c25bae5cb3591d5eb6ed2201bd9c641","filetype":"image/png","hash_md5":"218e2aaa3cbe5d809d9df6088aee84e6","name":"ct_spy-v-spy.png","is_logo":"Y","hash_crc32c":"d9229745","filesize":66941,"asset_id":659,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_spy-v-spy.png"}],"title":"spyVspy","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Embark on a thrilling espionage adventure with spyVspy! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\r\n\r\nContestants will engage in a real-world treasure hunt, where the locations of hidden caches are revealed by solving the types of puzzles you'd expect to see at DEF CON. Traditional ciphers, lockpicking, OSINT, and very basic hacking/pentesting skills may be required.\r\n\r\nspyVspy is intended for players of all skill levels. Whether you're a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you're missing can probably be learned on-the-job anyway.","updated_timestamp":{"seconds":1722306255,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:24:15Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249293"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249292"},{"label":"More Info","type":"link","url":"https://www.fottr.io"}],"end":"2024-08-10T01:00:00.000-0000","id":55962,"tag_ids":[46427,46439,46790],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02-G","hotel":"","short_name":"HW4-02-02-G","id":46368},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.\n\n\n","media":[{"hash_sha256":"42c96b1d2d57e4404b3a35c61c6906b58924587cd2dbbb939a132aceb42ee2f9","filetype":"image/png","hash_md5":"5a06d9fefa99c82c9e62b9913a487e95","name":"ct_tinfoilhat.png","is_logo":"Y","hash_crc32c":"b23075e1","filesize":167200,"asset_id":693,"sort_order":2,"url":"https://info.defcon.org/blobs/ct_tinfoilhat.png"}],"title":"Tinfoil Hat Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"Want to protect your noggin from Taylor Swift's PsyOps plot for global domination? Have you angered our new AI Overlords, and now need to hide? Or do those alien mind control rays just have you feeling down lately? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\r\n\r\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\r\n\r\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"Style\". We provide all contestants a meter of foil, but you're welcome to acquire and use as much as you want from other sources.","updated_timestamp":{"seconds":1722305549,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:12:29Z","links":[{"label":"Twitter (@DC_Tin_Foil_Hat)","type":"link","url":"https://twitter.com/DC_Tin_Foil_Hat"},{"label":"More Info","type":"link","url":"https://www.psychoholics.org/tfh"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249286"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249287"}],"end":"2024-08-10T00:00:00.000-0000","id":55958,"tag_ids":[46427,46439,46791],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-04-D","hotel":"","short_name":"HW4-01-04-D","id":46279},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:12:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.\n\n\n","media":[{"hash_sha256":"c00793a49e66e3875320bb6aa8a333a128342b9aff35ce0f359a692aa3adfcef","filetype":"image/png","hash_md5":"a764d88ab305ab55ecd270635fc1d6e7","name":"ct_venator-aurum.png","is_logo":"Y","hash_crc32c":"f705c79f","filesize":162235,"asset_id":661,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_venator-aurum.png"}],"title":"venator aurum - A Treasure Hunt","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Travel the seven seas to the seven wonders across time to test your skills across both old and new worlds. Every journey's end yields its own reward, but there is only one who can claim to be the first to the summit. Bring your entire tech arsenal or just a phone. Start at the broken compass and push forward into the known to seek the unknown. Wonders, plunder, and glory to those who test the waters and themselves.","updated_timestamp":{"seconds":1722305020,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:03:40Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249282"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249283"},{"label":"More Info","type":"link","url":"https://venatoraurum.org"}],"end":"2024-08-10T01:00:00.000-0000","id":55955,"tag_ids":[46427,46439,46792],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:03:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n\n\n","media":[{"hash_sha256":"2bf4c805c5199cf58ff7b99c52832fc1bf226ca9687e583667a7725b361d989e","filetype":"image/png","hash_md5":"61c3a856daea14c6fd3d7d213a8048f9","name":"v_redteam2024.png","is_logo":"Y","hash_crc32c":"f14aab22","filesize":209749,"asset_id":719,"sort_order":1,"url":"https://info.defcon.org/blobs/v_redteam2024.png"}],"title":"Red Team Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.\r\n\r\nThe Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.\r\n\r\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.\r\n\r\nThe Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.","updated_timestamp":{"seconds":1722304921,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T02:02:01Z","links":[{"label":"Sub-Forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/250035"}],"end":"2024-08-10T00:00:00.000-0000","id":55952,"tag_ids":[46392,46427,46439,46789],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-05-C","hotel":"","short_name":"HW4-01-05-C","id":46353},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T02:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7\n\n\n","media":[{"hash_sha256":"d0e2dbb822f2d701836ee0e14952d5df4b6d830bfa606ab2b50a5a1edab2dabd","filetype":"image/png","hash_md5":"c33dfe5aaced7041c948e7b2e45ba78f","name":"ct_0x3f-cube.png","is_logo":"Y","hash_crc32c":"6b1ba7fa","filesize":272722,"asset_id":622,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_0x3f-cube.png"}],"title":"? Cube","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In-Person Contest\r\nFriday and Saturday: 10:00-18:00; Sunday: 10:00-12:00\r\n\r\nThe Return of ? Cube \r\n\r\n? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7","updated_timestamp":{"seconds":1722304182,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T01:49:42Z","links":[{"label":"More Info","type":"link","url":"https://0x3fcube.com/"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249434"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249433"}],"end":"2024-08-10T01:00:00.000-0000","id":55949,"tag_ids":[46427,46439,46749],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-02","hotel":"","short_name":"HW4-02-02","id":46361},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T01:49:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.\n\n\n","media":[{"hash_sha256":"8ac69ab38e4119808de39c34aef0629a1bcfb5eb60ab6d7d351a3e37b5533f13","filetype":"image/png","hash_md5":"689e0fcdb0dd612c191cd25482435f76","name":"ct_5n4ck3y.png","is_logo":"Y","hash_crc32c":"dc7e4cd6","filesize":6283,"asset_id":621,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_5n4ck3y.png"}],"title":"5N4CK3Y Contest","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.","updated_timestamp":{"seconds":1722304084,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T01:48:04Z","links":[{"label":"Twitter (@ANDnXOR)","type":"link","url":"https://twitter.com/ANDnXOR"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249432"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249431"}],"end":"2024-08-10T01:00:00.000-0000","id":55946,"tag_ids":[46427,46439,46748],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-02-01-B","hotel":"","short_name":"HW4-02-01-B","id":46357},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T01:48:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n\n\n","media":[{"hash_sha256":"e781ae0757165e1901f38152e551557644051f49e9b80b6665d211c8d0436358","filetype":"image/png","hash_md5":"e839c04dbe99f926b0ae9ee3ee703da3","name":"ct_car-hacking.png","is_logo":"Y","hash_crc32c":"fbca36e3","filesize":111066,"asset_id":629,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_car-hacking.png"}],"title":"Car Hacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T23:30:00Z","end_timestamp":{"seconds":1723246200,"nanoseconds":0},"android_description":"The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\r\n\r\nWith the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.","updated_timestamp":{"seconds":1722273461,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T17:17:41Z","links":[{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249399"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249398"},{"label":"Twitter (@CarHackVillage)","type":"link","url":"https://twitter.com/CarHackVillage"},{"label":"More Info","type":"link","url":"https://www.carhackingvillage.com/"}],"end":"2024-08-09T23:30:00.000-0000","id":55943,"tag_ids":[46375,46427,46439,46747],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T17:17:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.\n\n\n","media":[{"hash_sha256":"ccde738b12c7c58aff986949ac20eaf7066dfb8d710349a422699273aa0579a1","filetype":"image/png","hash_md5":"fc0eba7a6d691cdd9aa385cd0bb1eece","name":"v_CarHacking.png","is_logo":"Y","hash_crc32c":"d845a1a6","filesize":249973,"asset_id":601,"sort_order":0,"url":"https://info.defcon.org/blobs/v_CarHacking.png"}],"title":"Car Hacking Village Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"## CHV 101\r\n\r\nThis booth will have several reverse engineer demonstrations and an automotive threat intelligence review. \r\n\r\n- Reverse Engineering Demonstration(s)\r\n- Live vehicle communications via remote controls\r\n- EV-based Hardware-in-the-Loop (HIL) demonstrations\r\n- Automotive Threat Intelligence\r\n- How to gather threat intelligence related to the automotive industry\r\n- What the current threat landscape looks like today\r\n\r\n## CHV CTF\r\n\r\nThere will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation. \r\n\r\n1st place prize is a car!\r\n\r\n## CHV Kids\r\n\r\nA fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village. \r\n\r\nThere will be swag items handed out to the kids as they move through the scavenger hunt. \r\n\r\n## CHV Mechanics\r\n\r\nThere will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into. \r\n\r\nDEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.","updated_timestamp":{"seconds":1722273345,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T17:15:45Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55940,"tag_ids":[46375,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-01-01","hotel":"","short_name":"HW4-01-01","id":46273},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T17:15:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.\n\n\n","media":[{"hash_sha256":"b29c833000316f6b3af2c5cc50e33ccb1756f89fb27d54aba3d5a961337c91de","filetype":"image/png","hash_md5":"8209d940757db7a341e0db2b17618f70","name":"ct_bhv-ctf.png","is_logo":"Y","hash_crc32c":"2c477ed5","filesize":54217,"asset_id":627,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_bhv-ctf.png"}],"title":"Biohacking Village CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. \r\n\r\nChallenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.\r\n\r\n# 2024 Capture the Flag Challenge\r\n\r\nWelcome, elite hackers and cyber sleuths, to a CTF experience like no other - the \"Code D.A.R.K. : Biohacking Village CTF Challenge\".\r\n \r\nMerge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data. \r\n\r\nUnravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.\r\n\r\nElevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.\r\n\r\nCompete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.\r\n\r\nGear Up for a Cyber-Biotech Showdown\r\n\r\nImmersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.\r\n\r\nSkill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.\r\n\r\n - OT/IT\r\n - Medical devices\r\n - Hospital infrastructure\r\n - Regulatory and international affairs\r\n - Robotics\r\n - Data\r\n - **Mark your calendars** and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.\r\n - **Play from anywhere in the world!** CTF open hours are as follows: \r\n - Friday, August 9th from 10am PST - 6pm PDT\r\n - Saturday, August 10th from 10am PST - 6pm PDT\r\n - Sunday, August 11th from 10am PST - 12pm PDT\r\n\r\n# RULES\r\n\r\n## REGISTRATION\r\n\r\nParticipants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.\r\n\r\nBy registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.\r\n\r\nParticipants must agree to and abide by the [Code of Conduct](https://www.villageb.io/code-of-conduct) while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.\r\n\r\n## TEAMS\r\n\r\nAfter participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)\r\n\r\nThe maximum number of team members is five (5).\r\n\r\nAll teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.\r\n\r\nEach member of the team must be a registered participant in the CTF.\r\n\r\nIf participants choose to join a team, then they may not simultaneously participate as an individual or another team. \r\n\r\n## CHALLENGE SUBMISSIONS\r\n\r\nAll submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.\r\n\r\nParticipants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.\r\n\r\n## CHALLENGE SCORING\r\n\r\nEach submission has set value known beforehand in the challenge description\r\n\r\nThe winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.\r\n\r\n## CHALLENGE DISQUALIFICATION\r\n\r\nWhole team gets disqualified if any of the following applies:\r\n\r\n - One or multiple team members have registered more than once\r\n - One or multiple team members will not follow [Code of Conduct](https://www.villageb.io/code-of-conduct) (applies to any of the Biohacking village platforms or social media)\r\n - Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment\r\n\r\n## PRIVACY\r\n\r\nUnless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.","updated_timestamp":{"seconds":1722215343,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T01:09:03Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/capture-the-flag"}],"end":"2024-08-10T01:00:00.000-0000","id":55935,"tag_ids":[46371,46427,46439,46746],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T01:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).\n\n\n","media":[{"hash_sha256":"b57047f46800afe2ff021580e4f9e39ea7252a7f51b0f0fb3ba1a9f748a50de9","filetype":"image/png","hash_md5":"aa9ea400be95b7313ae2d044541cb9b4","name":"v_biohacking_village.png","is_logo":"Y","hash_crc32c":"83f838d1","filesize":47901,"asset_id":581,"sort_order":0,"url":"https://info.defcon.org/blobs/v_biohacking_village.png"}],"title":"Biohacking Village: Device Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.\r\n\r\nAs part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.\r\n\r\nThese manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.\r\n\r\nWe have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy [here](https://www.villageb.io/device-lab).","updated_timestamp":{"seconds":1722214645,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T00:57:25Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/device-lab"},{"label":"Hippocractic Oath for Hackers","type":"link","url":"https://www.villageb.io/hippocractic-oath"}],"end":"2024-08-10T01:00:00.000-0000","id":55934,"tag_ids":[46371,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-07","hotel":"","short_name":"HW3-05-07","id":46269},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T00:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Opening Note","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:10:00Z","end_timestamp":{"seconds":1723223400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722207958,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T23:05:58Z","links":[],"end":"2024-08-09T17:10:00.000-0000","id":55905,"tag_ids":[46376,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-09-01","hotel":"","short_name":"HW2-09-01","id":46343},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.\n\n\n","media":[],"title":"WISP Community & Inclusion Room","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Chill out space to relax with us in a safe place. Grab a non-alcoholic drink, unleash your creativity and unwind with our art therapy, and connect with women and underrepresented communities working in security and privacy.","updated_timestamp":{"seconds":1722206838,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T22:47:18Z","links":[{"label":"Website","type":"link","url":"https://www.wisporg.com/"}],"end":"2024-08-10T01:00:00.000-0000","id":55898,"tag_ids":[46410,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-04","hotel":"","short_name":"HW3-05-04","id":46266},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T22:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"All content areas generally open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1722141200,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T04:33:20Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55849,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T04:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n\n\n","media":[{"hash_sha256":"5f981ba5433d67bf2f8834a45bb258444769b295ae92186f2f68a4af3895f9c6","filetype":"image/png","hash_md5":"72e07d62ad0bbc2e291d84f343f14ae7","name":"ct_rfhs.png","is_logo":"Y","hash_crc32c":"5c2623fd","filesize":55723,"asset_id":657,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_rfhs.png"}],"title":"Radio Frequency Capture the Flag","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\r\n\r\nRF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\r\n\r\nWe cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\r\n\r\nThis game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\r\n\r\nThere will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.","updated_timestamp":{"seconds":1722114431,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T21:07:11Z","links":[{"label":"Website","type":"link","url":"https://rfhackers.com"},{"label":"Scoreboard","type":"link","url":"https://scoreboard.rfhackers.com/"}],"end":"2024-08-10T01:00:00.000-0000","id":55844,"tag_ids":[46390,46439,46742],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-03","hotel":"","short_name":"HW3-05-03","id":46265},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-27T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n\n\n","media":[],"title":"Lockpicking Activities","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?\r\n\r\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\r\n\r\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\r\n\r\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\r\n\r\nA popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.","updated_timestamp":{"seconds":1722093520,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T15:18:40Z","links":[{"label":"Website","type":"link","url":"https://www.toool.us/"},{"label":"Twitter (@toool)","type":"link","url":"https://twitter.com/toool"}],"end":"2024-08-10T01:00:00.000-0000","id":55819,"tag_ids":[46384,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-03-A","hotel":"","short_name":"HW2-07-03-A","id":46383},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-27T15:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!\n\n\n","media":[{"hash_sha256":"a696b6f750fbe91d74ff91917f95bfe709d70e794beab35ff900219f1c87bdb9","filetype":"image/png","hash_md5":"173fb1fa87976ebc72de68fcb9171698","name":"ct_embedded.png","is_logo":"Y","hash_crc32c":"85767de7","filesize":121480,"asset_id":641,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_embedded.png"}],"title":"Embedded CTF","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.\r\n\r\nThe embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.\r\n\r\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.\r\n\r\nBy participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.\r\n\r\nOverall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\r\n\r\nThis is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!","updated_timestamp":{"seconds":1722037378,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:42:58Z","links":[{"label":"Twitter (@EmbeddedVillage)","type":"link","url":"https://twitter.com/EmbeddedVillage"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249361"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249360"},{"label":"More Info","type":"link","url":"https://www.embeddedvillage.org"}],"end":"2024-08-10T01:00:00.000-0000","id":55803,"tag_ids":[46379,46439,46739],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:42:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.\n\n\n","media":[],"title":"Wireless & Networking workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come and explore embedded communication by sniffing wireless traffic, exploring embedded servers, and finding flags hidden within.","updated_timestamp":{"seconds":1722303624,"nanoseconds":0},"speakers":[{"content_ids":[55408],"conference_id":133,"event_ids":[55802,55809,55817],"name":"Alex Kelly","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56029}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-30T01:40:24Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55802,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":56029}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-30T01:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!\n\n\n","media":[],"title":"Emulating (and Hacking) Embedded Devices","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!","updated_timestamp":{"seconds":1722037241,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:40:41Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55801,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!\n\n\n","media":[],"title":"Secure Microcontroller Workshop","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!","updated_timestamp":{"seconds":1723217513,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-09T15:31:53Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55800,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-09T15:31:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.\n\n\n","media":[],"title":"101 Labs: Firmware and Software exploitation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.","updated_timestamp":{"seconds":1722037224,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:40:24Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55799,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.\n\n\n","media":[],"title":"101 Labs: Hardware Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.","updated_timestamp":{"seconds":1722037214,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:40:14Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55798,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io\n\n\n","media":[],"title":"Hardware Hacking: Glitching Lab","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 \"AirTag\" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.\r\n\r\nWe will also have a secret challenge announced on site!\r\n\r\nLab provided by hextree.io","updated_timestamp":{"seconds":1722037194,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T23:39:54Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55797,"tag_ids":[46379,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-05-05","hotel":"","short_name":"HW3-05-05","id":46267},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T23:39:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!\n\n\n","media":[],"title":"Hard Hat Brigade - Community Space Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”\r\n\r\nThe Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.\r\n\r\nWe encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.\r\n\r\nDespite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\r\n\r\nOne of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects. \r\n\r\nStop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!","updated_timestamp":{"seconds":1721968701,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-26T04:38:21Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55794,"tag_ids":[46403,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-08-02","hotel":"","short_name":"HW2-08-02","id":46261},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-26T04:38:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Pick up your DCNextGen badge and other swag. We will also have an overview of DCNextGen activities and adventures!\n\n\n","media":[],"title":"Welcome / Badge & Swag Pick Up","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Pick up your DCNextGen badge and other swag. We will also have an overview of DCNextGen activities and adventures!","updated_timestamp":{"seconds":1721785023,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T01:37:03Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":55754,"tag_ids":[46398,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-03","hotel":"","short_name":"HW3-06-03","id":46271},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-24T01:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"During the work on my SANS Master's thesis, I realized two things: I am not a developer and ChatGPT makes a pretty good one. Using ChatGPT to write the Python scripts for my research, I started to branch out and use it to write defensive tools such as for identifying unknown assets on the network as a listening service or offensively such as when taking a PLC out of Run mode remotely. If you can think through the process, ChatGPT (or other GenAI) can help you make it a reality. Want to Live off the Land and don't want to download a Python script which might be spotted? Use ChatGPT to convert it to PowerShell on the spot! Receiving error messages from the code it wrote for you? Don't worry - it can fix those issues too! The presentation will walk attendees through prompt creation for two sample coding projects - both with offensive/defensive capabilities, tools that attendees would be able to use back on the job. And, with inspiration, go out and create their own tools!\n\n\n","media":[],"title":"Using ChatGPT to Write Defensive & Offensive Tools for ICS/OT","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:50:00Z","end_timestamp":{"seconds":1723225800,"nanoseconds":0},"android_description":"During the work on my SANS Master's thesis, I realized two things: I am not a developer and ChatGPT makes a pretty good one. Using ChatGPT to write the Python scripts for my research, I started to branch out and use it to write defensive tools such as for identifying unknown assets on the network as a listening service or offensively such as when taking a PLC out of Run mode remotely. If you can think through the process, ChatGPT (or other GenAI) can help you make it a reality. Want to Live off the Land and don't want to download a Python script which might be spotted? Use ChatGPT to convert it to PowerShell on the spot! Receiving error messages from the code it wrote for you? Don't worry - it can fix those issues too! The presentation will walk attendees through prompt creation for two sample coding projects - both with offensive/defensive capabilities, tools that attendees would be able to use back on the job. And, with inspiration, go out and create their own tools!","updated_timestamp":{"seconds":1721781457,"nanoseconds":0},"speakers":[{"content_ids":[55339,55357],"conference_id":133,"event_ids":[55731,55749],"name":"Mike Holcomb","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Fluor","title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead"}],"links":[],"pronouns":null,"media":[],"id":55961,"title":"Fellow of Cybersecurity and ICS/OT Cybersecurity Global Lead at Fluor"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-24T00:37:37Z","links":[],"end":"2024-08-09T17:50:00.000-0000","id":55731,"tag_ids":[46382,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55961}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-05","hotel":"","short_name":"HW3-06-05","id":46272},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-24T00:37:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The session will provide an overview of the current themes and topics being explored by US and International policymakers. It will help provide clarity into the landscape of cyber public policy, highlighting the need for governments around the world to align on policy development and intervention. It will help establish a baseline of knowledge on what's happening in global cyber policy for those wanting to get up to speed, and will help set the scene for many of the policy discussions to come throughout DEF CON.\n\n\n","media":[],"title":"US and International Public Cyber Policy 101","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"The session will provide an overview of the current themes and topics being explored by US and International policymakers. It will help provide clarity into the landscape of cyber public policy, highlighting the need for governments around the world to align on policy development and intervention. It will help establish a baseline of knowledge on what's happening in global cyber policy for those wanting to get up to speed, and will help set the scene for many of the policy discussions to come throughout DEF CON.","updated_timestamp":{"seconds":1722279963,"nanoseconds":0},"speakers":[{"content_ids":[55329],"conference_id":133,"event_ids":[55721],"name":"Adam Dobell","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55917},{"content_ids":[55329],"conference_id":133,"event_ids":[55721],"name":"Harley Geiger","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Venable","title":""}],"links":[],"pronouns":null,"media":[],"id":55927,"title":"Venable"},{"content_ids":[55715,55329],"conference_id":133,"event_ids":[55721,56233],"name":"Cassie Crossley","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Schneider Electric","title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office"}],"links":[],"pronouns":null,"media":[],"id":56107,"title":"Vice President, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-29T19:06:03Z","links":[],"end":"2024-08-09T18:45:00.000-0000","id":55721,"tag_ids":[46388,46419,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55927},{"tag_id":46167,"sort_order":4,"person_id":55917},{"tag_id":46167,"sort_order":6,"person_id":56107}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W237","hotel":"","short_name":"W237","id":46294},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-29T19:06:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cybersecurity threats are increasingly sophisticated and pervasive. This talk provides a overview of the current threat landscape, highlighting key trends like ransomware, state-sponsored attacks, and supply chain threats. We will explore how law enforcement combats cybercrime through innovative investigation techniques, international collaboration and evolving legal frameworks. Gain actionable insights to strengthen your cybersecurity posture and understand the critical role of law enforcement in maintaining digital security.\n\n\n","media":[],"title":"BIC Village Keynote: Cyber Threat Landscape And Law Enforcement","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Cybersecurity threats are increasingly sophisticated and pervasive. This talk provides a overview of the current threat landscape, highlighting key trends like ransomware, state-sponsored attacks, and supply chain threats. We will explore how law enforcement combats cybercrime through innovative investigation techniques, international collaboration and evolving legal frameworks. Gain actionable insights to strengthen your cybersecurity posture and understand the critical role of law enforcement in maintaining digital security.","updated_timestamp":{"seconds":1721495141,"nanoseconds":0},"speakers":[{"content_ids":[55191],"conference_id":133,"event_ids":[55581],"name":"Kevin Parker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Blacksuit Consulting","title":"Cybersecurity and Privacy Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/blacksuit/"},{"description":"","title":"Website","sort_order":0,"url":"https://blacksuitconsulting.com"}],"media":[],"id":55797,"title":"Cybersecurity and Privacy Researcher at Blacksuit Consulting"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:05:41Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":55581,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55797}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T17:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Get a deep-dive into the more complex and powerful parts of Caido by its creators. We will cover various topics ranging from:\r\n- Using HttpQL at its full potential\r\n- Creating complex workflows and leveraging them in your day-to-day\r\n- Using the Caido GraphQL API to extend the tool\r\n- Building frontend plugins\r\n- And more!\r\n\r\nWe will also be there to answer all your complex technical questions.\r\n\r\nPre-Requisites:\r\n- Install Caido if you want to follow along.\n\n\n","media":[],"title":"Caido Internals Deep-Dive","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Get a deep-dive into the more complex and powerful parts of Caido by its creators. We will cover various topics ranging from:\r\n- Using HttpQL at its full potential\r\n- Creating complex workflows and leveraging them in your day-to-day\r\n- Using the Caido GraphQL API to extend the tool\r\n- Building frontend plugins\r\n- And more!\r\n\r\nWe will also be there to answer all your complex technical questions.\r\n\r\nPre-Requisites:\r\n- Install Caido if you want to follow along.","updated_timestamp":{"seconds":1721437997,"nanoseconds":0},"speakers":[{"content_ids":[55174],"conference_id":133,"event_ids":[55562],"name":"Emile Fugulin","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Caido","title":""}],"pronouns":null,"links":[{"description":"","title":"@TheSytten","sort_order":0,"url":"https://twitter.com/TheSytten"}],"media":[],"id":54814,"title":"Caido"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T01:13:17Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#caido-internals-deep-dive"}],"end":"2024-08-09T18:00:00.000-0000","id":55562,"tag_ids":[46374,46427,46734],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":54814}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W215","hotel":"","short_name":"W215","id":46287},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T01:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.\n\n\n","media":[],"title":"Resume Reviews","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Resume Reviews offer attendees the opportunity to have their resumes critiqued by industry professionals. This activity provides personalized feedback and tips on how to improve resumes to stand out in the cybersecurity job market. It's a great way for participants to enhance their professional profiles and increase their chances of landing their desired roles.","updated_timestamp":{"seconds":1721487270,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:30Z","links":[],"end":"2024-08-09T20:00:00.000-0000","id":55411,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Lonely Hackers Club Community Room Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1721276328,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-18T04:18:48Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55408,"tag_ids":[46406,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-18T04:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style. \n\n\n","media":[],"title":"LHC's Unofficial Sticker Swap Table","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.","updated_timestamp":{"seconds":1721487294,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:54Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55405,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.\n\n\n","media":[],"title":"Egor's Keyboard Corner","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.","updated_timestamp":{"seconds":1721487260,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T14:54:20Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55402,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W208","hotel":"","short_name":"W208","id":46284},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-20T14:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors\r\n\n\n\n","media":[],"title":"DDV open and accepting drives for duplication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"We reopen at 10:00am and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  Don't forget - some require 8TB drives now. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors","updated_timestamp":{"seconds":1722478167,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T02:09:27Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org"}],"end":"2024-08-10T00:00:00.000-0000","id":55187,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-08-01T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"This talk covers how to approach vulnerability research against Meta Quest headsets and VR applications.\n\nWe explore how to approach discovering bugs in the Meta Quest through the third-party app attack surface. This emulates what potentially malicious apps could achieve once installed and the unique attacks available in comparison to general mobile malware. This research culminates in a demonstration of triggering a novel vulnerability discovered in the OpenXR client implementation of the Quest.\n\nBeyond this, we cover the unique remote attack surface exposed via the Horizons and first-party social app of the Quest - in particular we focus on attacking the rendering of user avatars. These bugs are possible to be triggered whenever within the same virtual space as a malicious user and represent a new attack surface not previously available. This research culminates in triggering a novel vulnerability in libovravatar2p.so which allows remote memory corruption and represents the building blocks for RCE across the metaverse.\n\n\n","media":[],"title":"Pwning through the Metaverse - Quest Headset Vulnerability Research","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"This talk covers how to approach vulnerability research against Meta Quest headsets and VR applications.\n\nWe explore how to approach discovering bugs in the Meta Quest through the third-party app attack surface. This emulates what potentially malicious apps could achieve once installed and the unique attacks available in comparison to general mobile malware. This research culminates in a demonstration of triggering a novel vulnerability discovered in the OpenXR client implementation of the Quest.\n\nBeyond this, we cover the unique remote attack surface exposed via the Horizons and first-party social app of the Quest - in particular we focus on attacking the rendering of user avatars. These bugs are possible to be triggered whenever within the same virtual space as a malicious user and represent a new attack surface not previously available. This research culminates in triggering a novel vulnerability in libovravatar2p.so which allows remote memory corruption and represents the building blocks for RCE across the metaverse.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54548],"conference_id":133,"event_ids":[54923],"name":"Luke McLaren","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Signal 11 Research Ltd","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":54268,"title":"Founder at Signal 11 Research Ltd"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":54923,"tag_ids":[46397,46419,46437,46511,46736,46885],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54268}],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - L1 - HW4-04-02 (Creator Stage 3)","hotel":"","short_name":"HW4-04-02 (Creator Stage 3)","id":46381},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The talk \"Practical Exploitation of DoS in Bug Bounty\" explains methods for identifying and exploiting Denial of Service (DoS) vulnerabilities in bug bounty programs. Starting with an overview of DoS attacks and their impact, we will highlight how these attacks disrupt services by overwhelming resources or exploiting flaws. The talk covers various DoS attack types, including N+1 errors, in-depth GraphQL crashing, and Cache Poisoning, with real-world examples demonstrating their effects.\n\nWe will then detail practical techniques for discovering DoS vulnerabilities. This includes automated scanning tools, manual testing methods, and understanding the target system's architecture.\n\nN+1 errors occur when an application makes redundant database queries, significantly impacting performance. Attackers can exploit this by triggering numerous unnecessary queries, causing severe slowdowns or crashes. GraphQL, a query language for APIs, can be vulnerable to complex queries that consume excessive resources, leading to server crashes. We will show how to craft such queries and the resulting impact. Cache Poisoning involves manipulating cached data to serve malicious or incorrect content, which can disrupt services or degrade performance. We will explore techniques to poison caches and demonstrate the potential consequences.\n\nAdditionally, the talk emphasizes the importance of responsibly reporting discovered vulnerabilities to bug bounty programs. Best practices are shared for effectively communicating findings and ensuring timely mitigation. Of course, there are some fails during this path, and those are going to be covered too.\n\nThe session wraps up by stressing the need for continuous learning and staying updated on the latest trends in DoS attack vectors and mitigation strategies\n\n\n","media":[],"title":"Practical Exploitation of DoS in Bug Bounty","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"The talk \"Practical Exploitation of DoS in Bug Bounty\" explains methods for identifying and exploiting Denial of Service (DoS) vulnerabilities in bug bounty programs. Starting with an overview of DoS attacks and their impact, we will highlight how these attacks disrupt services by overwhelming resources or exploiting flaws. The talk covers various DoS attack types, including N+1 errors, in-depth GraphQL crashing, and Cache Poisoning, with real-world examples demonstrating their effects.\n\nWe will then detail practical techniques for discovering DoS vulnerabilities. This includes automated scanning tools, manual testing methods, and understanding the target system's architecture.\n\nN+1 errors occur when an application makes redundant database queries, significantly impacting performance. Attackers can exploit this by triggering numerous unnecessary queries, causing severe slowdowns or crashes. GraphQL, a query language for APIs, can be vulnerable to complex queries that consume excessive resources, leading to server crashes. We will show how to craft such queries and the resulting impact. Cache Poisoning involves manipulating cached data to serve malicious or incorrect content, which can disrupt services or degrade performance. We will explore techniques to poison caches and demonstrate the potential consequences.\n\nAdditionally, the talk emphasizes the importance of responsibly reporting discovered vulnerabilities to bug bounty programs. Best practices are shared for effectively communicating findings and ensuring timely mitigation. Of course, there are some fails during this path, and those are going to be covered too.\n\nThe session wraps up by stressing the need for continuous learning and staying updated on the latest trends in DoS attack vectors and mitigation strategies","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54547,55172],"conference_id":133,"event_ids":[55560,54922],"name":"Roni \"Lupin\" Carta","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Lupin & Holmes","title":"Co-Founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0xlupin)","sort_order":0,"url":"https://twitter.com/0xlupin"}],"media":[],"id":54285,"title":"Co-Founder at Lupin & Holmes"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[{"label":"More Info","type":"link","url":"https://www.bugbountydefcon.com/presentations#practical-exploitation-of-dos-in-bug-bounty"}],"end":"2024-08-09T18:00:00.000-0000","id":54922,"tag_ids":[46374,46419,46511,46736,46886],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54285}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W222 (Creator Stage 4)","hotel":"","short_name":"W222 (Creator Stage 4)","id":46313},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"With all the various threat model frameworks available, STRIDE, Trike, PASTA, VAST, etc., does the world need another one?\r\n\r\nThat was the question that shaped the creation of EMB3D, a threat model framework built around embedded systems (specifically in critical infrastructure) that addresses all phases of a threat to them: from the theorical/academic, proof of concept and exploit, to observed adversarial behavior.\r\n\r\nBut the goal was greater than just the threat framework, it was to bring a common language to the global community to discuss weaknesses and threats while striving to bring transparency to what are considered “black box” electronic systems.\r\n\r\nIn this presentation, we take you on the journey of how we went from venting about needing more transparency and accountability in the OT/ICS space to developing a new global threat model for embedded systems.\n\n\n","media":[],"title":"Does the World Need Another Threat Model, the Road to EMB3D","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"With all the various threat model frameworks available, STRIDE, Trike, PASTA, VAST, etc., does the world need another one?\r\n\r\nThat was the question that shaped the creation of EMB3D, a threat model framework built around embedded systems (specifically in critical infrastructure) that addresses all phases of a threat to them: from the theorical/academic, proof of concept and exploit, to observed adversarial behavior.\r\n\r\nBut the goal was greater than just the threat framework, it was to bring a common language to the global community to discuss weaknesses and threats while striving to bring transparency to what are considered “black box” electronic systems.\r\n\r\nIn this presentation, we take you on the journey of how we went from venting about needing more transparency and accountability in the OT/ICS space to developing a new global threat model for embedded systems.","updated_timestamp":{"seconds":1720393535,"nanoseconds":0},"speakers":[{"content_ids":[54546],"conference_id":133,"event_ids":[54921],"name":"Niyo Little Thunder Pearson","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54308},{"content_ids":[54546],"conference_id":133,"event_ids":[54921],"name":"Jack Cyprus","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":56025},{"content_ids":[54546],"conference_id":133,"event_ids":[54921],"name":"Wyatt Ford","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Red Balloon Security","title":"Senior Software Engineer and Engineering Manager"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@whyitfor)","sort_order":0,"url":"https://twitter.com/whyitfor"}],"media":[],"id":56026,"title":"Senior Software Engineer and Engineering Manager at Red Balloon Security"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T23:05:35Z","links":[],"end":"2024-08-09T17:30:00.000-0000","id":54921,"tag_ids":[46382,46419,46438,46511,46736,46884],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Tool 🛠","people":[{"tag_id":46167,"sort_order":2,"person_id":54308},{"tag_id":46167,"sort_order":4,"person_id":56025},{"tag_id":46167,"sort_order":6,"person_id":56026}],"tags":"","conference_id":133,"location":{"parent_id":46256,"name":"LVCC - L1 - HW3-06-02 (Creator Stage 2)","hotel":"","short_name":"HW3-06-02 (Creator Stage 2)","id":46346},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T23:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Differential privacy (DP) has been hailed as the gold standard of privacy-preserving data analysis, by providing strong privacy guarantees while still enabling use of potentially sensitive data. Formally, DP gives a mathematically rigorous worst-case bound on the maximum amount of information that can be learned about an individual's data from the output of a computation. In the past two decades, the privacy community has developed DP algorithms that satisfy this privacy guarantee and allow for accurate data analysis for a wide variety of computational problems and application domains. We have also begun to see a number of high-profile deployments of DP systems in practice, both at large technology companies and government entities. Despite the promise and success of DP thus far, there are a number of critical challenges left to be addressed before DP can be easily deployed in practice, including: mapping the mathematical privacy guarantees onto protection against real-world threats, developing explanations of its guarantees and tradeoffs for non-technical users, integration with other privacy & security tools, preventing misuse, and more.\n\n\n","media":[],"title":"Differential privacy beyond algorithms: Challenges for successful deployment","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T18:00:00Z","end_timestamp":{"seconds":1723226400,"nanoseconds":0},"android_description":"Differential privacy (DP) has been hailed as the gold standard of privacy-preserving data analysis, by providing strong privacy guarantees while still enabling use of potentially sensitive data. Formally, DP gives a mathematically rigorous worst-case bound on the maximum amount of information that can be learned about an individual's data from the output of a computation. In the past two decades, the privacy community has developed DP algorithms that satisfy this privacy guarantee and allow for accurate data analysis for a wide variety of computational problems and application domains. We have also begun to see a number of high-profile deployments of DP systems in practice, both at large technology companies and government entities. Despite the promise and success of DP thus far, there are a number of critical challenges left to be addressed before DP can be easily deployed in practice, including: mapping the mathematical privacy guarantees onto protection against real-world threats, developing explanations of its guarantees and tradeoffs for non-technical users, integration with other privacy & security tools, preventing misuse, and more.","updated_timestamp":{"seconds":1720331869,"nanoseconds":0},"speakers":[{"content_ids":[54545,56160],"conference_id":133,"event_ids":[56804,54920],"name":"Rachel Cummings","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Columbia University","title":"Associate Professor of Industrial Engineering and Operations Research"}],"links":[],"pronouns":null,"media":[],"id":54353,"title":"Associate Professor of Industrial Engineering and Operations Research at Columbia University"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T05:57:49Z","links":[],"end":"2024-08-09T18:00:00.000-0000","id":54920,"tag_ids":[46377,46419,46511,46736,46883],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54353}],"tags":"","conference_id":133,"location":{"parent_id":46255,"name":"LVCC - L1 - HW2-07-04 (Creator Stage 1)","hotel":"","short_name":"HW2-07-04 (Creator Stage 1)","id":46340},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T05:57:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will publicly disclose this research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of the workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.\r\n\r\n* Vynamic Security Suite - Vynamic Security Hard Disk Encryption Secure Sensitive Consumer Data: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-hard-disk-encryption.pdf)\r\n* SEC Consult - Manipulation of pre-boot authentication in CryptWare CryptoPro Secure Disk for Bitlocker: [link](https://sec-consult.com/vulnerability-lab/advisory/manipulation-of-pre-boot-authentication/)\r\n* Diebold Nixdorf - EULA for Vynamic Security Suite 3.0: [link](https://dnlegalterms.com/wp-content/uploads/2020/03/2020026_Diebold_Nixdorf_EULA_for_VYNAMIC_SECURITY_3_0_December_19_2018_022249.pdf)\r\n* Diebold Nixdorf - Product Legal Terms Website: [link](https://dnlegalterms.com/products/)\r\n* CryptWare Website: [link](https://cryptware-it-security.de/)\r\n* Secure Disk for BitLocker Website: [link](https://secure-disk-for-bitlocker.com/about/)\r\n* CPSD Website: [link](https://www.cpsd.at/)\r\n* O'Reilly - Essential System Administration, 3rd Edition by Æleen Frisch: [link](https://www.oreilly.com/library/view/essential-system-administration/0596003439/ch04s02.html)\r\n* Flowblok's Blog - Shell Startup Scripts: [link](https://blog.flowblok.id.au/2013-02/shell-startup-scripts.html)\r\n* Red Hat Customer Portal - Enhancing Security with the Kernel Integrity Subsystem: [link](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/enhancing-security-with-the-kernel-integrity-subsystem_managing-monitoring-and-updating-the-kernel?extIdCarryOver=true&sc_cid=701f2000001OH7EAAW)\r\n* OpenSUSE Wiki - SDB:Ima evm: [link](https://en.opensuse.org/SDB:Ima_evm)\r\n* ATMIA - ATM Operator Training: [link](https://www.atmia.com/training/atm-operators/)\r\n* 3SI Systems - Stop Criminals from Cashing in at the ATM: [link](https://www.atmia.com/files/whitepapers/2024-atm-crime-trends.pdf)\r\n* Diebold Nixdorf - Vynamic Security Intrusion Protection Product Card: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/vynamic-security-intrusion-protectionproduct-card.pdf)\r\n* Diebold Nixdorf - DN Product Card - Vynamic Security Hard Disk Encryption: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-harddisk-encryption.pdf)\r\n* Everi - Everi to Showcase \"Digital Neighborhood\" Connecting Guest Loyalty, Cash Access Experiences, and Casino Solutions Made Possible by Industry-Leading Financial Technology Portfolio at 2019 Global Gaming Expo: [link](https://s1.q4cdn.com/401000259/files/doc_news/Everi-to-Showcase-Digital-Neighborhood-Connecting-Guest-Loyalty-Cash-Access-Experiences-and-Casino-Solutions-Made-Possible-by-Industr-SW9PO.pdf)\r\n* GlobeNewswire - NRT Accelerates Growth through Acquisition of Casino ATM Portfolio: [link](https://finance.yahoo.com/news/nrt-accelerates-growth-acquisition-casino-160700070.html)\r\n* Northox - How does the TPM perform integrity measurements on a system?: [link](https://security.stackexchange.com/questions/39329/how-does-the-tpm-perform-integrity-measurementson-a-system)\r\n\r\n\r\n\r\n\n\n\n","media":[],"title":"Where’s the Money: Defeating ATM Disk Encryption","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.\r\n\r\nIn this session, I will publicly disclose this research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of the workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.\r\n\r\nEach vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof – perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.\r\n\r\n* Vynamic Security Suite - Vynamic Security Hard Disk Encryption Secure Sensitive Consumer Data: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-hard-disk-encryption.pdf)\r\n* SEC Consult - Manipulation of pre-boot authentication in CryptWare CryptoPro Secure Disk for Bitlocker: [link](https://sec-consult.com/vulnerability-lab/advisory/manipulation-of-pre-boot-authentication/)\r\n* Diebold Nixdorf - EULA for Vynamic Security Suite 3.0: [link](https://dnlegalterms.com/wp-content/uploads/2020/03/2020026_Diebold_Nixdorf_EULA_for_VYNAMIC_SECURITY_3_0_December_19_2018_022249.pdf)\r\n* Diebold Nixdorf - Product Legal Terms Website: [link](https://dnlegalterms.com/products/)\r\n* CryptWare Website: [link](https://cryptware-it-security.de/)\r\n* Secure Disk for BitLocker Website: [link](https://secure-disk-for-bitlocker.com/about/)\r\n* CPSD Website: [link](https://www.cpsd.at/)\r\n* O'Reilly - Essential System Administration, 3rd Edition by Æleen Frisch: [link](https://www.oreilly.com/library/view/essential-system-administration/0596003439/ch04s02.html)\r\n* Flowblok's Blog - Shell Startup Scripts: [link](https://blog.flowblok.id.au/2013-02/shell-startup-scripts.html)\r\n* Red Hat Customer Portal - Enhancing Security with the Kernel Integrity Subsystem: [link](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/enhancing-security-with-the-kernel-integrity-subsystem_managing-monitoring-and-updating-the-kernel?extIdCarryOver=true&sc_cid=701f2000001OH7EAAW)\r\n* OpenSUSE Wiki - SDB:Ima evm: [link](https://en.opensuse.org/SDB:Ima_evm)\r\n* ATMIA - ATM Operator Training: [link](https://www.atmia.com/training/atm-operators/)\r\n* 3SI Systems - Stop Criminals from Cashing in at the ATM: [link](https://www.atmia.com/files/whitepapers/2024-atm-crime-trends.pdf)\r\n* Diebold Nixdorf - Vynamic Security Intrusion Protection Product Card: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/vynamic-security-intrusion-protectionproduct-card.pdf)\r\n* Diebold Nixdorf - DN Product Card - Vynamic Security Hard Disk Encryption: [link](https://www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-card_vynamic-security-harddisk-encryption.pdf)\r\n* Everi - Everi to Showcase \"Digital Neighborhood\" Connecting Guest Loyalty, Cash Access Experiences, and Casino Solutions Made Possible by Industry-Leading Financial Technology Portfolio at 2019 Global Gaming Expo: [link](https://s1.q4cdn.com/401000259/files/doc_news/Everi-to-Showcase-Digital-Neighborhood-Connecting-Guest-Loyalty-Cash-Access-Experiences-and-Casino-Solutions-Made-Possible-by-Industr-SW9PO.pdf)\r\n* GlobeNewswire - NRT Accelerates Growth through Acquisition of Casino ATM Portfolio: [link](https://finance.yahoo.com/news/nrt-accelerates-growth-acquisition-casino-160700070.html)\r\n* Northox - How does the TPM perform integrity measurements on a system?: [link](https://security.stackexchange.com/questions/39329/how-does-the-tpm-perform-integrity-measurementson-a-system)","updated_timestamp":{"seconds":1720740822,"nanoseconds":0},"speakers":[{"content_ids":[54580,54437],"conference_id":133,"event_ids":[54810,54955],"name":"Matt Burch","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Independent Vulnerability Researcher"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@emptynebuli)","sort_order":0,"url":"https://twitter.com/emptynebuli"}],"media":[],"id":54049,"title":"Independent Vulnerability Researcher"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-11T23:33:42Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":54810,"tag_ids":[46166,46419,46437,46880],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Exploit 🪲","people":[{"tag_id":46167,"sort_order":1,"person_id":54049}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-03 (Track 3)","hotel":"","short_name":"HW1-11-03 (Track 3)","id":46302},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-11T23:33:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"","media":[],"title":"Welcome to DEF CON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:20:00Z","end_timestamp":{"seconds":1723224000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1720307458,"nanoseconds":0},"speakers":[{"content_ids":[54523,54446,54436,54542,54574],"conference_id":133,"event_ids":[54809,54819,54896,54949,54915],"name":"Jeff \"The Dark Tangent\" Moss","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"DEF CON Communications","title":""}],"pronouns":null,"links":[{"description":"","title":"Mastodon (@thedarktangent@defcon.social)","sort_order":0,"url":"https://defcon.social/@thedarktangent"},{"description":"","title":"Twitter (@thedarktangent)","sort_order":0,"url":"https://twitter.com/thedarktangent"}],"media":[{"hash_sha256":"f53ed4086958b3703d597c50fe74eef1800cf474aa3d17c0895bf89d6c05716f","filetype":"image/jpeg","hash_md5":"8104a1f4b82a4241208b7f6b9112ebf2","name":"thedarktangent_avatar.jpeg","hash_crc32c":"4ae7af86","asset_id":689,"filesize":2064,"sort_order":1,"url":"https://info.defcon.org/blobs/thedarktangent_avatar.jpeg","person_id":52629}],"id":52629,"title":"DEF CON Communications"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-06T23:10:58Z","links":[],"end":"2024-08-09T17:20:00.000-0000","id":54809,"tag_ids":[46166,46419,46878],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":52629}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-01 (Track 1)","hotel":"","short_name":"HW1-11-01 (Track 1)","id":46300},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-06T23:10:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In recent years, CCTV footage has been integrated in systems to observe areas and detect traversing malicious actors (e.g., criminals, terrorists). However, this footage has \"blind spots\", areas where objects are detected with lower confidence due to their angle/distance from the camera.\r\n\r\nIn this talk, we investigate a novel side effect of object detection in CCTV footage; location-based confidence weakness.\r\n\r\nWe demonstrate that a pedestrian's position (distance, angle, height) in footage impacts an object detector's confidence.\r\n\r\nWe analyze this phenomenon in four lighting conditions (lab, morning, afternoon, night) using five object detectors (YOLOv3, Faster R-CNN, SSD, DiffusionDet, RTMDet).\r\n\r\nWe then demonstrate this in footage of pedestrian traffic from three locations (Broadway, Shibuya Crossing, Castro Street), showing they contain \"blind spots\" where pedestrians are detected with low confidence. This persists across various locations, object detectors, and times of day. A malicious actor could take advantage of this to avoid detection.\r\n\r\nWe propose TipToe, a novel evasion attack leveraging \"blind spots\" to construct a minimum confidence path between two points in a CCTV-recorded area.\r\nWe demonstrate its performance on footage of Broadway, Shibuya Crossing, and Castro Street, observed by YOLOv3, Faster R-CNN, SSD, DiffusionDet, and RTMDet.\r\n\r\nTipToe reduces max/average confidence by 0.10 and 0.16, respectively, on paths in Shibuya Crossing observed by YOLOv3, with similar performance for other locations and object detectors.\r\n\r\n1. Artificial intelligence in medicine: A comprehensive survey of medical doctor’s perspectives in Portugal [link](https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10484446/), (Accessed 09-10-2023).\r\n2. The impact of artificial intelligence along the insurance value chain and on the insurability of risks - The Geneva Papers on Risk and Insurance - Issues and Practice [link](https://link.springer.com/article/10.1057/s41288-020-00201-7#citeas), (Accessed 09-10-2023).\r\n3. R. Chopra and G. D. Sharma, “Application of artificial intelligence in stock market forecasting: A critique, review, and research agenda,” Journal of Risk and Financial Management, vol. 14, no. 11, 2021.[link](https://www.mdpi.com/1911-8074/14/11/526)\r\n4. [B. B. Elallid, N. Benamar, A. S. Hafid, T. Rachidi, and N. Mrani, “A comprehensive survey on the application of deep and reinforcement learning approaches in autonomous driving,” Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 9, pp. 7366–7390, 2022. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S1319157822000970)\r\n5. I. J. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y. Bengio, “Generative adversarial networks,” 2014.\r\n6. I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” 2015.\r\n7. A. Kurakin, I. Goodfellow, and S. Bengio, “Adversarial examples in the physical world,” 2017.\r\n8. A. Chakraborty, M. Alam, V. Dey, A. Chattopadhyay, and D. Mukhopadhyay, “Adversarial attacks and defences: A survey,” 2018.\r\n9. A. Athalye, L. Engstrom, A. Ilyas, and K. Kwok, “Synthesizing robust adversarial examples,” 2018.\r\n10. M. Sharif, S. Bhagavatula, L. Bauer, and M. K. Reiter, “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: Association for Computing Machinery, 2016, p. 1528–1540. (Online). Available: [link](https://doi.org/10.1145/2976749.2978392)\r\n11. Z. Zhou, D. Tang, X. Wang, W. Han, X. Liu, and K. Zhang, “Invisible mask: Practical attacks on face recognition with infrared,” 2018.\r\n12. S. Komkov and A. Petiushko, “AdvHat: Real-world adversarial attack on ArcFace face ID system,” in 2020 25th International Conference on Pattern Recognition (ICPR). IEEE, jan 2021. (Online). Available: [link](https://doi.org/10.1109%2Ficpr48806.2021.9412236)\r\n13. B. Yin, W. Wang, T. Yao, J. Guo, Z. Kong, S. Ding, J. Li, and C. Liu, “Adv-makeup: A new imperceptible and transferable attack on face recognition,” in Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI-21, Z.- H. Zhou, Ed. International Joint Conferences on Artificial Intelligence Organization, 8 2021, pp. 1252–1258, main Track. (Online). Available: [link](https://doi.org/10.24963/ijcai.2021/173)\r\n14. A. Zolfi, S. Avidan, Y. Elovici, and A. Shabtai, “Adversarial mask: Real-world universal adversarial attack on face recognition model,” 2022.\r\n15. C. Sitawarin, A. N. Bhagoji, A. Mosenia, M. Chiang, and P. Mittal, “Darts: Deceiving autonomous cars with toxic signs,” 2018.\r\n16. Y. Zhao, H. Zhu, R. Liang, Q. Shen, S. Zhang, and K. Chen, “Seeing isn’t believing: Towards more robust adversarial attack against real world object detectors,”Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019. (Online). Available: [link](https://api.semanticscholar.org/CorpusID:207947087)\r\n17. G. Lovisotto, H. Turner, I. Sluganovic, M. Strohmeier, and I. Martinovic, “SLAP: Improving physical adversarial examples with Short-Lived adversarial perturbations,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 1865–1882. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/lovisotto)\r\n18. T. Sato, J. Shen, N. Wang, Y. Jia, X. Lin, and Q. A. Chen, “Dirty road can attack: Security of deep learning based automated lane centering under Physical-World attack,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 3309–3326. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/sato)\r\n19. W. Wang, Y. Yao, X. Liu, X. Li, P. Hao, and T. Zhu, “I can see the light: Attacks on autonomous vehicles using invisible lights,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’21. New York, NY, USA: Association for Computing Machinery, 2021, p. 1930–1944. (Online). Available: [link](https://doi.org/10.1145/3460120.3484766)\r\n20. S.-T. Chen, C. Cornelius, J. Martin, and D. H. Chau, “ShapeShifter: Robust physical adversarial attack on faster r-CNN object detector,” in Machine Learning and Knowledge Discovery in Databases. Springer International Publishing, 2019, pp. 52–68. (Online). Available: [link](https://doi.org/10.1007%2F978-3-030-10925-7_4)\r\n21. K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, A. Prakash, T. Kohno, and D. Song, “Robust physical-world attacks on deep learning models,” 2018.\r\n22. S. Thys, W. V. Ranst, and T. Goedemé, “Fooling automated surveillance cameras: adversarial patches to attack person detection,” 2019.\r\n23. Z. Wu, S.-N. Lim, L. Davis, and T. Goldstein, “Making an invisibility cloak: Real world adversarial attacks on object detectors,” 2020.\r\n24. R. M. Oza, A. Geisen, and T. Wang, “Traffic sign detection and recognition using deep learning,” in 2021 4th International Conference on Artificial Intelligence for Industries (AI4I), 2021, pp. 16–20.\n\n\n","media":[],"title":"Securing CCTV Cameras Against Blind Spots","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:20:00Z","end_timestamp":{"seconds":1723224000,"nanoseconds":0},"android_description":"In recent years, CCTV footage has been integrated in systems to observe areas and detect traversing malicious actors (e.g., criminals, terrorists). However, this footage has \"blind spots\", areas where objects are detected with lower confidence due to their angle/distance from the camera.\r\n\r\nIn this talk, we investigate a novel side effect of object detection in CCTV footage; location-based confidence weakness.\r\n\r\nWe demonstrate that a pedestrian's position (distance, angle, height) in footage impacts an object detector's confidence.\r\n\r\nWe analyze this phenomenon in four lighting conditions (lab, morning, afternoon, night) using five object detectors (YOLOv3, Faster R-CNN, SSD, DiffusionDet, RTMDet).\r\n\r\nWe then demonstrate this in footage of pedestrian traffic from three locations (Broadway, Shibuya Crossing, Castro Street), showing they contain \"blind spots\" where pedestrians are detected with low confidence. This persists across various locations, object detectors, and times of day. A malicious actor could take advantage of this to avoid detection.\r\n\r\nWe propose TipToe, a novel evasion attack leveraging \"blind spots\" to construct a minimum confidence path between two points in a CCTV-recorded area.\r\nWe demonstrate its performance on footage of Broadway, Shibuya Crossing, and Castro Street, observed by YOLOv3, Faster R-CNN, SSD, DiffusionDet, and RTMDet.\r\n\r\nTipToe reduces max/average confidence by 0.10 and 0.16, respectively, on paths in Shibuya Crossing observed by YOLOv3, with similar performance for other locations and object detectors.\r\n\r\n1. Artificial intelligence in medicine: A comprehensive survey of medical doctor’s perspectives in Portugal [link](https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10484446/), (Accessed 09-10-2023).\r\n2. The impact of artificial intelligence along the insurance value chain and on the insurability of risks - The Geneva Papers on Risk and Insurance - Issues and Practice [link](https://link.springer.com/article/10.1057/s41288-020-00201-7#citeas), (Accessed 09-10-2023).\r\n3. R. Chopra and G. D. Sharma, “Application of artificial intelligence in stock market forecasting: A critique, review, and research agenda,” Journal of Risk and Financial Management, vol. 14, no. 11, 2021.[link](https://www.mdpi.com/1911-8074/14/11/526)\r\n4. [B. B. Elallid, N. Benamar, A. S. Hafid, T. Rachidi, and N. Mrani, “A comprehensive survey on the application of deep and reinforcement learning approaches in autonomous driving,” Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 9, pp. 7366–7390, 2022. (Online). Available: [link](https://www.sciencedirect.com/science/article/pii/S1319157822000970)\r\n5. I. J. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y. Bengio, “Generative adversarial networks,” 2014.\r\n6. I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” 2015.\r\n7. A. Kurakin, I. Goodfellow, and S. Bengio, “Adversarial examples in the physical world,” 2017.\r\n8. A. Chakraborty, M. Alam, V. Dey, A. Chattopadhyay, and D. Mukhopadhyay, “Adversarial attacks and defences: A survey,” 2018.\r\n9. A. Athalye, L. Engstrom, A. Ilyas, and K. Kwok, “Synthesizing robust adversarial examples,” 2018.\r\n10. M. Sharif, S. Bhagavatula, L. Bauer, and M. K. Reiter, “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: Association for Computing Machinery, 2016, p. 1528–1540. (Online). Available: [link](https://doi.org/10.1145/2976749.2978392)\r\n11. Z. Zhou, D. Tang, X. Wang, W. Han, X. Liu, and K. Zhang, “Invisible mask: Practical attacks on face recognition with infrared,” 2018.\r\n12. S. Komkov and A. Petiushko, “AdvHat: Real-world adversarial attack on ArcFace face ID system,” in 2020 25th International Conference on Pattern Recognition (ICPR). IEEE, jan 2021. (Online). Available: [link](https://doi.org/10.1109%2Ficpr48806.2021.9412236)\r\n13. B. Yin, W. Wang, T. Yao, J. Guo, Z. Kong, S. Ding, J. Li, and C. Liu, “Adv-makeup: A new imperceptible and transferable attack on face recognition,” in Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI-21, Z.- H. Zhou, Ed. International Joint Conferences on Artificial Intelligence Organization, 8 2021, pp. 1252–1258, main Track. (Online). Available: [link](https://doi.org/10.24963/ijcai.2021/173)\r\n14. A. Zolfi, S. Avidan, Y. Elovici, and A. Shabtai, “Adversarial mask: Real-world universal adversarial attack on face recognition model,” 2022.\r\n15. C. Sitawarin, A. N. Bhagoji, A. Mosenia, M. Chiang, and P. Mittal, “Darts: Deceiving autonomous cars with toxic signs,” 2018.\r\n16. Y. Zhao, H. Zhu, R. Liang, Q. Shen, S. Zhang, and K. Chen, “Seeing isn’t believing: Towards more robust adversarial attack against real world object detectors,”Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019. (Online). Available: [link](https://api.semanticscholar.org/CorpusID:207947087)\r\n17. G. Lovisotto, H. Turner, I. Sluganovic, M. Strohmeier, and I. Martinovic, “SLAP: Improving physical adversarial examples with Short-Lived adversarial perturbations,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 1865–1882. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/lovisotto)\r\n18. T. Sato, J. Shen, N. Wang, Y. Jia, X. Lin, and Q. A. Chen, “Dirty road can attack: Security of deep learning based automated lane centering under Physical-World attack,” in 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 3309–3326. (Online). Available: [link](https://www.usenix.org/conference/usenixsecurity21/presentation/sato)\r\n19. W. Wang, Y. Yao, X. Liu, X. Li, P. Hao, and T. Zhu, “I can see the light: Attacks on autonomous vehicles using invisible lights,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’21. New York, NY, USA: Association for Computing Machinery, 2021, p. 1930–1944. (Online). Available: [link](https://doi.org/10.1145/3460120.3484766)\r\n20. S.-T. Chen, C. Cornelius, J. Martin, and D. H. Chau, “ShapeShifter: Robust physical adversarial attack on faster r-CNN object detector,” in Machine Learning and Knowledge Discovery in Databases. Springer International Publishing, 2019, pp. 52–68. (Online). Available: [link](https://doi.org/10.1007%2F978-3-030-10925-7_4)\r\n21. K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, A. Prakash, T. Kohno, and D. Song, “Robust physical-world attacks on deep learning models,” 2018.\r\n22. S. Thys, W. V. Ranst, and T. Goedemé, “Fooling automated surveillance cameras: adversarial patches to attack person detection,” 2019.\r\n23. Z. Wu, S.-N. Lim, L. Davis, and T. Goldstein, “Making an invisibility cloak: Real world adversarial attacks on object detectors,” 2020.\r\n24. R. M. Oza, A. Geisen, and T. Wang, “Traffic sign detection and recognition using deep learning,” in 2021 4th International Conference on Artificial Intelligence for Industries (AI4I), 2021, pp. 16–20.","updated_timestamp":{"seconds":1720464426,"nanoseconds":0},"speakers":[{"content_ids":[54435],"conference_id":133,"event_ids":[54808],"name":"Jacob Shams","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Cyber@Ben-Gurion University","title":"Ph.D. Researcher"}],"links":[],"pronouns":"he/him","media":[],"id":54182,"title":"Ph.D. Researcher at Cyber@Ben-Gurion University"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-08T18:47:06Z","links":[],"end":"2024-08-09T17:20:00.000-0000","id":54808,"tag_ids":[46166,46419,46881],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54182}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-04 (Track 4)","hotel":"","short_name":"HW1-11-04 (Track 4)","id":46319},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-08T18:47:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"False sense of security in devices that guarantee security is worse than no security at all. One device used by personnel who require communication security is goTenna Pro radio that creates an \"off-the-grid\" encrypted mobile mesh network.This network does not require any traditional cellular or satellite infrastructure and they may be found locally in your community. The datasheet says it is using AES-256 encryption. Has anyone bothered to verify that it is being implemented in the most secure manner? We examined this device and found that it was possible to fingerprint and track every off-the-grid message regardless of encryption. We also identified vulnerabilities that result in interception and decryption of the most secure encryption algorithm AES-256 as well as injection of messages into the existing mesh network. We don’t just trust what datasheets say, we verify it for you. We will explain our testing methodologies and demonstrate exploitation in a live demo. We will discuss the operational implications of these vulnerabilities and safe ways of using these devices that decrease the chance of a compromise. The tools developed as part of this research will be released open-source to inform what was possible to inspire future research against similar devices. We will discuss how we worked with goTenna to remedy these issues.\n\n\n","media":[],"title":"Mobile Mesh RF Network Exploitation: Getting the Tea from goTenna","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"False sense of security in devices that guarantee security is worse than no security at all. One device used by personnel who require communication security is goTenna Pro radio that creates an \"off-the-grid\" encrypted mobile mesh network.This network does not require any traditional cellular or satellite infrastructure and they may be found locally in your community. The datasheet says it is using AES-256 encryption. Has anyone bothered to verify that it is being implemented in the most secure manner? We examined this device and found that it was possible to fingerprint and track every off-the-grid message regardless of encryption. We also identified vulnerabilities that result in interception and decryption of the most secure encryption algorithm AES-256 as well as injection of messages into the existing mesh network. We don’t just trust what datasheets say, we verify it for you. We will explain our testing methodologies and demonstrate exploitation in a live demo. We will discuss the operational implications of these vulnerabilities and safe ways of using these devices that decrease the chance of a compromise. The tools developed as part of this research will be released open-source to inform what was possible to inspire future research against similar devices. We will discuss how we worked with goTenna to remedy these issues.","updated_timestamp":{"seconds":1720805256,"nanoseconds":0},"speakers":[{"content_ids":[54434],"conference_id":133,"event_ids":[54807],"name":"Woody","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":54060},{"content_ids":[54434],"conference_id":133,"event_ids":[54807],"name":"Erwin Karincic","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":"he/him","links":[{"description":"","title":"Twitter (@tb69rr)","sort_order":0,"url":"https://twitter.com/tb69rr"}],"media":[],"id":54164}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-12T17:27:36Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":54807,"tag_ids":[46166,46169,46419,46437,46438,46879],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Tool 🛠, Demo 💻, Exploit 🪲","people":[{"tag_id":46167,"sort_order":2,"person_id":54164},{"tag_id":46167,"sort_order":4,"person_id":54060}],"tags":"","conference_id":133,"location":{"parent_id":46254,"name":"LVCC - L1 - HW1-11-02 (Track 2)","hotel":"","short_name":"HW1-11-02 (Track 2)","id":46301},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-12T17:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Delve into the clandestine world of the LockBit ransomware gang! In this revealing presentation, I will recount my two-year journey spent infiltrating the inner ranks of the LockBit crime syndicate. Learn about the strategies employed to earn the trust of key individuals within the syndicate, including the gang's leader, LockBitSupp.\r\n\r\nYou will see firsthand accounts of these exchanges, and I will detail the intricacies of my relationship with LockBit's leadership and its network of affiliate hackers. You will also gain insight into the unintended consequences of my actions, including how my perceived breach of their infrastructure impacted the syndicate's operations. More importantly, I will share how I assisted in unmasking the real-world person behind the mask of LockBitSupp.\r\n\r\nJoin me as I illustrate the pivotal role of human intelligence in tandem with cyber threat intelligence to combat ransomware threats. This talk offers a compelling narrative of real-world efforts to thwart ransomware activities and safeguard organizations from LockBit ransomware attacks.\r\n\r\n- 60 min (full episode): 4/14/2024: Scattered Spider; Knife; Tasmanian Tiger - CBS News\r\n- 60 Min Overtime (additional footage from my interview about LockBit): Infiltrating ransomware gangs on the dark web - CBS News\r\n- Ransomware Diaries\r\n- Ransomware Diaries: Volume 1 | Analyst1\r\n- Ransomware Diaries V. 2: A Ransomware Hacker Origin Story (analyst1.com)\r\n- Ransomware Diaries V. 3: LockBit's Secrets (analyst1.com)\r\n- Ransomware Diaries Volume 5: Unmasking LockBit (analyst1.com)\r\n\n\n\n","media":[],"title":"Behind Enemy Lines: Going undercover to breach the LockBit Ransomware Operation","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-03T00:10+0000","color":"#69814C","name":"DEF CON Official Talk","updated_tsz":"2024-08-03T00:10:26Z","id":46166},"end_tsz":"2024-08-09T17:45:00Z","end_timestamp":{"seconds":1723225500,"nanoseconds":0},"android_description":"Delve into the clandestine world of the LockBit ransomware gang! In this revealing presentation, I will recount my two-year journey spent infiltrating the inner ranks of the LockBit crime syndicate. Learn about the strategies employed to earn the trust of key individuals within the syndicate, including the gang's leader, LockBitSupp.\r\n\r\nYou will see firsthand accounts of these exchanges, and I will detail the intricacies of my relationship with LockBit's leadership and its network of affiliate hackers. You will also gain insight into the unintended consequences of my actions, including how my perceived breach of their infrastructure impacted the syndicate's operations. More importantly, I will share how I assisted in unmasking the real-world person behind the mask of LockBitSupp.\r\n\r\nJoin me as I illustrate the pivotal role of human intelligence in tandem with cyber threat intelligence to combat ransomware threats. This talk offers a compelling narrative of real-world efforts to thwart ransomware activities and safeguard organizations from LockBit ransomware attacks.\r\n\r\n- 60 min (full episode): 4/14/2024: Scattered Spider; Knife; Tasmanian Tiger - CBS News\r\n- 60 Min Overtime (additional footage from my interview about LockBit): Infiltrating ransomware gangs on the dark web - CBS News\r\n- Ransomware Diaries\r\n- Ransomware Diaries: Volume 1 | Analyst1\r\n- Ransomware Diaries V. 2: A Ransomware Hacker Origin Story (analyst1.com)\r\n- Ransomware Diaries V. 3: LockBit's Secrets (analyst1.com)\r\n- Ransomware Diaries Volume 5: Unmasking LockBit (analyst1.com)","updated_timestamp":{"seconds":1720386448,"nanoseconds":0},"speakers":[{"content_ids":[54433],"conference_id":133,"event_ids":[54806],"name":"Jon DiMaggio","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Analyst1","title":"Chief Security Strategist"}],"pronouns":"he/him","links":[{"description":"","title":"Twitter (@Jon__DiMaggio)","sort_order":0,"url":"https://twitter.com/Jon__DiMaggio"}],"media":[],"id":54191,"title":"Chief Security Strategist at Analyst1"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-07T21:07:28Z","links":[],"end":"2024-08-09T17:45:00.000-0000","id":54806,"tag_ids":[46166,46419,46882],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":54191}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W322-W327 (Warstories Track)","hotel":"","short_name":"W322-W327 (Warstories Track)","id":46314},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-07T21:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.\n\n\n","media":[],"title":"Crash and Compile - Qualifications","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-09T22:00:00Z","end_timestamp":{"seconds":1723240800,"nanoseconds":0},"android_description":"What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.\r\n\r\nTeams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\r\n\r\nCrash and Compile is looking for the top programmers to test their skills in our contest. Do you have the problem solving and programming ability to complete our challenges? More importantly can you do so with style that sets your team ahead of the others? We encourage you to try your hand at the Crash and Compile qualifiers. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest event.\r\n\r\nQualifications for Crash and Compile will take place 10:00 to 15:00. Come see us in contest area West Hall 4, or if you are excited to get started, qualifying can be completed from anywhere, as it takes place online at https://crashandcompile.org. You need a two hour block of time to complete the qualifying round. Points are awarded based on time to complete and problem difficulty.","updated_timestamp":{"seconds":1719554875,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T06:07:55Z","links":[{"label":"Website","type":"link","url":"https://crashandcompile.org"}],"end":"2024-08-09T22:00:00.000-0000","id":54614,"tag_ids":[46426,46439,46494],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46257,"name":"LVCC - WH4 - Contest Area","hotel":"","short_name":"Contest Area","id":46333},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-28T06:07:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T07:00:00Z","end_timestamp":{"seconds":1723273200,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-10T07:00:00.000-0000","id":54571,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"Y","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, CNBAS enables organizations to gain insights into their security posture vulnerabilities. CNBAS is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.\n\n\n","media":[],"title":"Cloud Offensive Breach and Risk Assessment (COBRA)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, CNBAS enables organizations to gain insights into their security posture vulnerabilities. CNBAS is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.","updated_timestamp":{"seconds":1718922446,"nanoseconds":0},"speakers":[{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Anand Tiwari","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@anandtiwarics)","sort_order":0,"url":"https://twitter.com/anandtiwarics"}],"media":[],"id":53722},{"content_ids":[55481,54179],"conference_id":133,"event_ids":[55910,54548],"name":"Harsha Koushik","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@0xlcheetah)","sort_order":0,"url":"https://twitter.com/0xlcheetah"}],"media":[],"id":53739}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:27:26Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249608"},{"label":"Project","type":"link","url":"https://github.com/PaloAltoNetworks/cnbas-tool"}],"end":"2024-08-09T18:45:00.000-0000","id":54548,"tag_ids":[46169,46441,46444,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53722},{"tag_id":46167,"sort_order":4,"person_id":53739}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W308","hotel":"","short_name":"W308","id":46321},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:27:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Cloud Penetration Testing has become a hot topic in the offensive community, as the cloud based infrastructures have been slowly taking the place on-prem ones used to have. This requires a tool to help with it. Nebula is a cloud Pentest Framework, which offers reconnaissance, enumeration, exploitation, post exploitation on AWS, Azure, DigitalOcean and above all opportunity to extend even more. It is built modulary for each provider and each attack, allowing for a diversity in attack surface. This coupled with the client-server architecture, allows for a collaborated team assessment of a hybrid cloud environment.\n\n\n","media":[],"title":"Nebula - 3 Years of Kicking *aaS and Taking Usernames","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Cloud Penetration Testing has become a hot topic in the offensive community, as the cloud based infrastructures have been slowly taking the place on-prem ones used to have. This requires a tool to help with it. Nebula is a cloud Pentest Framework, which offers reconnaissance, enumeration, exploitation, post exploitation on AWS, Azure, DigitalOcean and above all opportunity to extend even more. It is built modulary for each provider and each attack, allowing for a diversity in attack surface. This coupled with the client-server architecture, allows for a collaborated team assessment of a hybrid cloud environment.","updated_timestamp":{"seconds":1718922395,"nanoseconds":0},"speakers":[{"content_ids":[54176],"conference_id":133,"event_ids":[54545],"name":"Bleon Proko","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53726}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:26:35Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249607"},{"label":"Project","type":"link","url":"https://github.com/gl4ssesbo1/Nebula"}],"end":"2024-08-09T18:45:00.000-0000","id":54545,"tag_ids":[46169,46441,46444,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53726}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W307","hotel":"","short_name":"W307","id":46322},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:26:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The purpose of the tool platform is to provide both novice and experienced Bluetooth researchers a “swiss-army knife” for device exploration and enumeration. The Bluetooth Landscape Exploration & Enumeration Platform (BLEEP) is capable of discovering Bluetooth Low Energy (BLE) devices, connecting to them, and enumerating the device as well. BLEEP leverages Python3, BlueZ, and the Linux D-Bus to provide a terminal user interface for identifying and interacting with BLE implements. The I/O capabilities of the toolset include read I/O, performing writes, and capturing of notification signals. The purpose of using these low-level libraries is to maintain small granularity control over the interactivity between BLEEP and the BLE environment.\n\n\n","media":[],"title":"Bluetooth Landscape Exploration & Enumeration Platform (BLEEP)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"The purpose of the tool platform is to provide both novice and experienced Bluetooth researchers a “swiss-army knife” for device exploration and enumeration. The Bluetooth Landscape Exploration & Enumeration Platform (BLEEP) is capable of discovering Bluetooth Low Energy (BLE) devices, connecting to them, and enumerating the device as well. BLEEP leverages Python3, BlueZ, and the Linux D-Bus to provide a terminal user interface for identifying and interacting with BLE implements. The I/O capabilities of the toolset include read I/O, performing writes, and capturing of notification signals. The purpose of using these low-level libraries is to maintain small granularity control over the interactivity between BLEEP and the BLE environment.","updated_timestamp":{"seconds":1718922338,"nanoseconds":0},"speakers":[{"content_ids":[54173],"conference_id":133,"event_ids":[54542],"name":"Paul Wortman","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53767}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:25:38Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249606"},{"label":"Project","type":"link","url":"https://github.com/Mauddib28/bleep-tool"}],"end":"2024-08-09T18:45:00.000-0000","id":54542,"tag_ids":[46169,46441,46453,46466],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53767}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W306","hotel":"","short_name":"W306","id":46323},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:25:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In red team operations, selecting the right tools for data exfiltration is critical, yet comes with obstacles such as triggering Data Exfiltration Prevention (DEP) systems. We present \"Volatile Vault\" as a solution, a custom-built platform tailored to evade DEP detection. Our tool encrypts the data on the client-side and then provides a modular approach for uploading said data. Some of the currently implemented upload strategies are chunked HTTP uploads to multiple domain fronted endpoints (AWS) or QUIC as an alternative protocol.\n\n\n","media":[],"title":"Volatile Vault - Data Exfiltration in 2024","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"In red team operations, selecting the right tools for data exfiltration is critical, yet comes with obstacles such as triggering Data Exfiltration Prevention (DEP) systems. We present \"Volatile Vault\" as a solution, a custom-built platform tailored to evade DEP detection. Our tool encrypts the data on the client-side and then provides a modular approach for uploading said data. Some of the currently implemented upload strategies are chunked HTTP uploads to multiple domain fronted endpoints (AWS) or QUIC as an alternative protocol.","updated_timestamp":{"seconds":1718922282,"nanoseconds":0},"speakers":[{"content_ids":[54170,54189],"conference_id":133,"event_ids":[54539,54558],"name":"Moritz Laurin Thomas","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO ARES","title":"Senior Red Team Security Consultant"}],"links":[],"pronouns":null,"media":[],"id":53762,"title":"Senior Red Team Security Consultant at NVISO ARES"},{"content_ids":[54170],"conference_id":133,"event_ids":[54539],"name":"Patrick Eisenschmidt","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"NVISO ARES","title":"Red Team Lead"}],"links":[],"pronouns":null,"media":[],"id":53765,"title":"Red Team Lead at NVISO ARES"}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:24:42Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249605"},{"label":"Project","type":"link","url":"https://github.com/molatho/VolatileVault"}],"end":"2024-08-09T18:45:00.000-0000","id":54539,"tag_ids":[46169,46441,46443,46445,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53762},{"tag_id":46167,"sort_order":4,"person_id":53765}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W305","hotel":"","short_name":"W305","id":46324},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"apkInspector is a tool designed to tackle Android APKs, helping to uncover and decode the evasive tactics used by malware. It can decompress APK entries and extract detailed information such as entry names and sizes, making it easy to analyze the contents of an app. The tool also processes and decodes Android XML (AXML) files into a human-readable format, all while considering the sneaky evasion tactics that malware might employ. apkInspector is able to also identify specific evasion techniques used by malware to bypass static analysis, providing crucial insights for security analysis. It is built to function both as a standalone command-line interface (CLI) for direct operations and as a library that can be integrated into other security tools, enhancing its utility and adaptability in various cybersecurity environments.\n\n\n","media":[],"title":"Zip It Up, Sneak It In - Introduction of apkInspector","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"apkInspector is a tool designed to tackle Android APKs, helping to uncover and decode the evasive tactics used by malware. It can decompress APK entries and extract detailed information such as entry names and sizes, making it easy to analyze the contents of an app. The tool also processes and decodes Android XML (AXML) files into a human-readable format, all while considering the sneaky evasion tactics that malware might employ. apkInspector is able to also identify specific evasion techniques used by malware to bypass static analysis, providing crucial insights for security analysis. It is built to function both as a standalone command-line interface (CLI) for direct operations and as a library that can be integrated into other security tools, enhancing its utility and adaptability in various cybersecurity environments.","updated_timestamp":{"seconds":1718922216,"nanoseconds":0},"speakers":[{"content_ids":[54167],"conference_id":133,"event_ids":[54536],"name":"Kaloyan Velikov","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53747},{"content_ids":[54167],"conference_id":133,"event_ids":[54536],"name":"Leonidas Vasileiadis","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53751}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:23:36Z","links":[{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249604"},{"label":"Project","type":"link","url":"https://github.com/erev0s/apkInspector"}],"end":"2024-08-09T18:45:00.000-0000","id":54536,"tag_ids":[46169,46441,46443,46445,46448,46452,46453,46460],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53747},{"tag_id":46167,"sort_order":4,"person_id":53751}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W304","hotel":"","short_name":"W304","id":46325},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:23:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Docker Exploitation Framework is a cross-platform framework that is focused on attacking container environments (think Kubernetes, docker, etc). It can identify vulnerabilities, misconfigurations, and potential attack vectors. It also helps to automate different stages of a successful kill-chain through features such as:\r\n\r\n- Vulnerability scanning\r\n- Container breakouts\r\n- Pod2pod lateral movement\r\n- File layers deep inspection and extraction\r\n- Attack surface discovery and mapping\r\n- Privilege escalation, etc\n\n\n","media":[],"title":"Docker Exploitation Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#adc2dc","name":"Demo Lab","updated_tsz":"2024-07-21T19:20:45Z","id":46441},"end_tsz":"2024-08-09T18:45:00Z","end_timestamp":{"seconds":1723229100,"nanoseconds":0},"android_description":"Docker Exploitation Framework is a cross-platform framework that is focused on attacking container environments (think Kubernetes, docker, etc). It can identify vulnerabilities, misconfigurations, and potential attack vectors. It also helps to automate different stages of a successful kill-chain through features such as:\r\n\r\n- Vulnerability scanning\r\n- Container breakouts\r\n- Pod2pod lateral movement\r\n- File layers deep inspection and extraction\r\n- Attack surface discovery and mapping\r\n- Privilege escalation, etc","updated_timestamp":{"seconds":1718922123,"nanoseconds":0},"speakers":[{"content_ids":[54164],"conference_id":133,"event_ids":[54533],"name":"Emmanuel Law","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Staff Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@libnex)","sort_order":0,"url":"https://twitter.com/libnex"}],"media":[],"id":53734,"title":"Senior Staff Security Engineer"},{"content_ids":[54164],"conference_id":133,"event_ids":[54533],"name":"Rohit Pitke","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53772}],"begin_tsz":"2024-08-09T17:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-20T22:22:03Z","links":[{"label":"Project","type":"link","url":"https://dockerexploitationframework.github.io/"},{"label":"DEF CON Forums","type":"link","url":"https://forum.defcon.org/node/249603"}],"end":"2024-08-09T18:45:00.000-0000","id":54533,"tag_ids":[46169,46441,46443,46453],"village_id":null,"begin_timestamp":{"seconds":1723222800,"nanoseconds":0},"includes":"Demo 💻","people":[{"tag_id":46167,"sort_order":2,"person_id":53734},{"tag_id":46167,"sort_order":4,"person_id":53772}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W303","hotel":"","short_name":"W303","id":46326},"spans_timebands":"N","begin":"2024-08-09T17:00:00.000-0000","updated":"2024-06-20T22:22:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In this Q&A session featuring a malware engineer, the BIC community will engage with insights and inquiries!\n\n\n","media":[],"title":"BIC Village Opening Q&A with Marcus Hutchins","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T17:00:00Z","end_timestamp":{"seconds":1723222800,"nanoseconds":0},"android_description":"In this Q&A session featuring a malware engineer, the BIC community will engage with insights and inquiries!","updated_timestamp":{"seconds":1721495125,"nanoseconds":0},"speakers":[{"content_ids":[55190],"conference_id":133,"event_ids":[55580],"name":"Marcus Hutchins","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Cybersecurity Speaker"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/malwaretech?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app"},{"description":"","title":"Mastodon (@malwaretech@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@malwaretech"},{"description":"","title":"Website","sort_order":0,"url":"https://marcushutchins.com/"}],"media":[],"id":55806,"title":"Cybersecurity Speaker"},{"content_ids":[55190],"conference_id":133,"event_ids":[55580],"name":"Michaela Barnett","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Red Team Operator & Cybersecurity Researcher"}],"pronouns":"she/her","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/michaela-barnett-a4103285/"},{"description":"","title":"Mastodon (@mk48@defcon.social)","sort_order":0,"url":"https://defcon.social/@mk48"},{"description":"","title":"Mastodon (@mk48@infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@mk48"},{"description":"","title":"Twitter (@MK4TY8)","sort_order":0,"url":"https://x.com/MK4TY8"}],"media":[],"id":55807,"title":"Red Team Operator & Cybersecurity Researcher"}],"begin_tsz":"2024-08-09T16:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:05:25Z","links":[],"end":"2024-08-09T17:00:00.000-0000","id":55580,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723221000,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55807},{"tag_id":46167,"sort_order":4,"person_id":55806}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T16:30:00.000-0000","updated":"2024-07-20T17:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the Social Engineering Community’s Vishing Competition (#SECVC), teams and individuals go toe to toe, placing live phone calls in front of the SEC audience at DEF CON, showcasing the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies.\n\n\n","media":[{"hash_sha256":"7d0d9b649fab8d275e1ecbedd38ccde599c877fa0814429a982f2d2c1530c04a","filetype":"image/png","hash_md5":"4668261e876ee373cf550d860652abbb","name":"ct_secv_vishing.png","is_logo":"Y","hash_crc32c":"58ded2e9","filesize":159478,"asset_id":691,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_secv_vishing.png"}],"title":"Social Engineering Community Vishing Competition (SECVC)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T00:00:00Z","end_timestamp":{"seconds":1723248000,"nanoseconds":0},"android_description":"In the Social Engineering Community’s Vishing Competition (#SECVC), teams and individuals go toe to toe, placing live phone calls in front of the SEC audience at DEF CON, showcasing the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies.","updated_timestamp":{"seconds":1722103441,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T18:04:01Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/vishing-competition/"}],"end":"2024-08-10T00:00:00.000-0000","id":55843,"tag_ids":[46393,46439,46741],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-07-27T18:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.\n\n\n","media":[{"hash_sha256":"644e222049d8075294958387f5d1fe445f0b2475478877de25e0b67fa14294fb","filetype":"image/png","hash_md5":"c853babc9f241a502510097ea15bda71","name":"ct_secv_youth.png","is_logo":"Y","hash_crc32c":"8a3466fb","filesize":167278,"asset_id":690,"sort_order":0,"url":"https://info.defcon.org/blobs/ct_secv_youth.png"}],"title":"Social Engineering Community Youth Challenge","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Don’t Panic! The Social Engineering Community needs your help save the galaxy! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will trigger the implosion failsafe.","updated_timestamp":{"seconds":1722103348,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T18:02:28Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/youth-challenge/"}],"end":"2024-08-10T01:00:00.000-0000","id":55841,"tag_ids":[46393,46439,46740],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-07-27T18:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Meet BIC @ UK! The U.K. Chapter of Blacks In Cybersecurity is dedicated to empowering Black professionals in the United Kingdom. This session will introduce you to the regional leaders and their vision for their local chapter and members.\n\n\n","media":[],"title":"BIC United Kingdom Chapter Informational Virtual Opening Session","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#069622","name":"Creator Talk/Panel","updated_tsz":"2024-07-21T19:20:45Z","id":46511},"end_tsz":"2024-08-09T16:30:00Z","end_timestamp":{"seconds":1723221000,"nanoseconds":0},"android_description":"Meet BIC @ UK! The U.K. Chapter of Blacks In Cybersecurity is dedicated to empowering Black professionals in the United Kingdom. This session will introduce you to the regional leaders and their vision for their local chapter and members.","updated_timestamp":{"seconds":1721495102,"nanoseconds":0},"speakers":[{"content_ids":[55189],"conference_id":133,"event_ids":[55579],"name":"Ike Marizu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"BIC U.K. Ambassador"}],"pronouns":"he/him","links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/o-ike-m-2b09261a7?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app"}],"media":[],"id":55790,"title":"BIC U.K. Ambassador"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-20T17:05:02Z","links":[],"end":"2024-08-09T16:30:00.000-0000","id":55579,"tag_ids":[46372,46427,46511],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":55790}],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W314-W316","hotel":"","short_name":"W314-W316","id":46297},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-07-20T17:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Gain experience popping root shells on real world web applications and taking your hacking skills to the next level. Students will learn accessible and powerful vulnerability discovery techniques to identify, exploit and chain vulnerabilities for root shells. Getting hands-on experience using free and widely available Linux utilities to debug and dynamically monitor applications, to more effectively discover and exploit vulnerabilities. Using a whitebox approach students will rapidly discover and exploit non-trivial bugs. A progressive hint system will be used during the labs to incrementally reveal step-by-step progressions of each exploit exercise in case students are stuck or fall behind.\nCourse Objectives:\n--Students will gain hands-on experience analyzing and developing exploits for real world application vulnerabilities.\n--Students will learn how to discover vulnerabilities and subsequently weaponize them in an exploit chain to spawn remote shells on application servers.\n--Students will gain experience using open source linux tools like strace and tcpdump to analyze application behavior and isolate vulnerabilities.\n--Students will gain experience weaponizing web application vulnerabilities and writing exploits\nUpon Completion of this training, attendees will know:\n--How to identify situations where openbox application vulnerability assessments are appropriate and how to leverage this powerful context.\n--How to utilize openbox penetration testing methodologies to achieve more thorough and effective assessments.\n--How to leverage vulnerability chaining to assemble multiple medium criticality findings into a single remote root exploit.\n\n\n","media":[],"title":"Whitebox Web Exploit Development","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Gain experience popping root shells on real world web applications and taking your hacking skills to the next level. Students will learn accessible and powerful vulnerability discovery techniques to identify, exploit and chain vulnerabilities for root shells. Getting hands-on experience using free and widely available Linux utilities to debug and dynamically monitor applications, to more effectively discover and exploit vulnerabilities. Using a whitebox approach students will rapidly discover and exploit non-trivial bugs. A progressive hint system will be used during the labs to incrementally reveal step-by-step progressions of each exploit exercise in case students are stuck or fall behind.\nCourse Objectives:\n--Students will gain hands-on experience analyzing and developing exploits for real world application vulnerabilities.\n--Students will learn how to discover vulnerabilities and subsequently weaponize them in an exploit chain to spawn remote shells on application servers.\n--Students will gain experience using open source linux tools like strace and tcpdump to analyze application behavior and isolate vulnerabilities.\n--Students will gain experience weaponizing web application vulnerabilities and writing exploits\nUpon Completion of this training, attendees will know:\n--How to identify situations where openbox application vulnerability assessments are appropriate and how to leverage this powerful context.\n--How to utilize openbox penetration testing methodologies to achieve more thorough and effective assessments.\n--How to leverage vulnerability chaining to assemble multiple medium criticality findings into a single remote root exploit.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54221],"conference_id":133,"event_ids":[54594],"name":"Cale Smith","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon","title":""}],"pronouns":null,"links":[{"description":"","title":"Twitter (@calebreeeh)","sort_order":0,"url":"https://twitter.com/calebreeeh"}],"media":[],"id":53836,"title":"Amazon"},{"content_ids":[54221],"conference_id":133,"event_ids":[54594],"name":"Priyanka Joshi","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon","title":"Security Engineer, Ring AppSec"}],"links":[],"pronouns":null,"media":[],"id":53861,"title":"Security Engineer, Ring AppSec at Amazon"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Joshi_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54594,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53836},{"tag_id":46167,"sort_order":1,"person_id":53861}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DLL Loading is one of the most important parts of the Windows system. When you install, run, use, or hack a system, you will always use DLL. This DLL mechanism has been exploited for several years for malware development through several techniques : DLL injection, DLL sideloading, Reflective DLL but do you really know how Windows is loading a DLL ? Do you know how it links all sections ? Which structures are used to store internally ? How does it resolve dependencies ? And are you able to design your own Perfect DLL Loader that fully integrate with the WIN32API? \nIn this workshop, you will lose you sanity and dive into the Windows DLL mechanism. Armed with your decompiler and your brain, step by step, you will build your own (almost) Perfect DLL loader.\nYou will try to load from the simple AMSI.DLL to the most complexe WINHTTP.DLL. At each step, you will dive deeper into the Windows DLL Loader and the Windows Internals.\nMalware developers, you will be able to use this code as a PE loader that never failed me for the last years and a DLL loader that does not raise the LoadImage kernel callback you can use on your own C2 beacon.\nWARNING: while this is a windows internal DISCOVERY discovery course, it is still a HIGHLY TECHNICAL workshop. You should have some entry-level knowledge on Windows systems, C programing and reverse engineering to fully enjoy the workshop.\nIt is expected from the student to bring a laptop with either a Windows 10 or Windows 10 VM, a C compiler (Mingw or MSVC), a decompiler (IDA Free or Ghidra), the WinDBG debugger and the Sysinternals suite. I will personally use the following toolchain : WIN10, MSVC, IDA, WinDBG Preview.\n\n\n","media":[],"title":"Traumatic Library Loading : If you want to use it, you have to implement it...","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"DLL Loading is one of the most important parts of the Windows system. When you install, run, use, or hack a system, you will always use DLL. This DLL mechanism has been exploited for several years for malware development through several techniques : DLL injection, DLL sideloading, Reflective DLL but do you really know how Windows is loading a DLL ? Do you know how it links all sections ? Which structures are used to store internally ? How does it resolve dependencies ? And are you able to design your own Perfect DLL Loader that fully integrate with the WIN32API? \nIn this workshop, you will lose you sanity and dive into the Windows DLL mechanism. Armed with your decompiler and your brain, step by step, you will build your own (almost) Perfect DLL loader.\nYou will try to load from the simple AMSI.DLL to the most complexe WINHTTP.DLL. At each step, you will dive deeper into the Windows DLL Loader and the Windows Internals.\nMalware developers, you will be able to use this code as a PE loader that never failed me for the last years and a DLL loader that does not raise the LoadImage kernel callback you can use on your own C2 beacon.\nWARNING: while this is a windows internal DISCOVERY discovery course, it is still a HIGHLY TECHNICAL workshop. You should have some entry-level knowledge on Windows systems, C programing and reverse engineering to fully enjoy the workshop.\nIt is expected from the student to bring a laptop with either a Windows 10 or Windows 10 VM, a C compiler (Mingw or MSVC), a decompiler (IDA Free or Ghidra), the WinDBG debugger and the Sysinternals suite. I will personally use the following toolchain : WIN10, MSVC, IDA, WinDBG Preview.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54220],"conference_id":133,"event_ids":[54593],"name":"Yoann Dequeker","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Wavestone","title":"Red Team Operator"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@OtterHacker)","sort_order":0,"url":"https://twitter.com/OtterHacker"}],"media":[],"id":53876,"title":"Red Team Operator at Wavestone"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Dequeker_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54593,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53876}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the unpredictable world of healthcare, the ability to respond effectively to emergencies and technology failures is paramount to ensuring patient safety and continuity of care. As hospitals and emergency rooms increasingly rely on technology to deliver critical services, it's essential for all personnel to understand the complex interplay between technology, emergency response, and the potential cascading effects of failures. This immersive workshop is designed to equip participants with the knowledge and skills needed to navigate emergencies and technology failures in healthcare environments. Through a series of simulated scenarios encompassing various emergency situations and technology breakdowns, participants will explore the intricate challenges of maintaining operational resilience in the face of adversity.\nFrom power outages to cyberattacks, participants will learn how to identify, assess, and respond to emergencies with a focus on mitigating second and third-order consequences. Leveraging real-time data and insights from tools and techniques, participants will gain practical experience in detecting anomalies, coordinating response efforts, and minimizing disruption to patient care.\nKey Learning Objectives:\nUnderstand the complex interplay between technology, emergency response, and the potential cascading effects of failures in healthcare environments.\nExplore various emergency scenarios and technology failures, including power outages, cyberattacks, and system malfunctions.\nGain practical experience in assessing the impact of emergencies and technology failures on patient care and operational continuity.\nLearn how to use the available tools for real-time monitoring, detection, and response to security incidents and technology failures.\nDiscuss strategies for mitigating second and third-order consequences of emergencies and technology failures, including communication, collaboration, and contingency planning.\n\n\n","media":[],"title":"Small Choices, Global Repercussions: A Tabletop Exercise about Decision-Making in Healthcare Cybersecurity","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"In the unpredictable world of healthcare, the ability to respond effectively to emergencies and technology failures is paramount to ensuring patient safety and continuity of care. As hospitals and emergency rooms increasingly rely on technology to deliver critical services, it's essential for all personnel to understand the complex interplay between technology, emergency response, and the potential cascading effects of failures. This immersive workshop is designed to equip participants with the knowledge and skills needed to navigate emergencies and technology failures in healthcare environments. Through a series of simulated scenarios encompassing various emergency situations and technology breakdowns, participants will explore the intricate challenges of maintaining operational resilience in the face of adversity.\nFrom power outages to cyberattacks, participants will learn how to identify, assess, and respond to emergencies with a focus on mitigating second and third-order consequences. Leveraging real-time data and insights from tools and techniques, participants will gain practical experience in detecting anomalies, coordinating response efforts, and minimizing disruption to patient care.\nKey Learning Objectives:\nUnderstand the complex interplay between technology, emergency response, and the potential cascading effects of failures in healthcare environments.\nExplore various emergency scenarios and technology failures, including power outages, cyberattacks, and system malfunctions.\nGain practical experience in assessing the impact of emergencies and technology failures on patient care and operational continuity.\nLearn how to use the available tools for real-time monitoring, detection, and response to security incidents and technology failures.\nDiscuss strategies for mitigating second and third-order consequences of emergencies and technology failures, including communication, collaboration, and contingency planning.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54219],"conference_id":133,"event_ids":[54592],"name":"Isabel Straw, MD","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@IsabelStrawMD)","sort_order":0,"url":"https://twitter.com/IsabelStrawMD"}],"media":[],"id":53845},{"content_ids":[54219],"conference_id":133,"event_ids":[54592],"name":"Jorge Acevedo Canabal, MD","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"University of Puerto Rico","title":"Adjunct Professor"}],"links":[],"pronouns":null,"media":[],"id":53848,"title":"Adjunct Professor at University of Puerto Rico"},{"content_ids":[54219],"conference_id":133,"event_ids":[54592],"name":"Nathan Case","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@karmichand)","sort_order":0,"url":"https://twitter.com/karmichand"}],"media":[],"id":53859}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/table-top-exercises"},{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Case_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54592,"tag_ids":[46371,46427,46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53845},{"tag_id":46167,"sort_order":1,"person_id":53848},{"tag_id":46167,"sort_order":1,"person_id":53859}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Every technical product is now incorporating machine learning at an explosive rate. But most people, even those with strong technical skills, don't understand how it works, what its capabilities are, and what security risks come with it. In this workshop, we'll make machine learning models using simple Python scripts, train them, and evaluate their worth. Projects include computer vision, breaking a CAPTCHA, deblurring images, regression, and classification tasks. We will perform poisoning and evasion attacks on machine learning systems, and implement deep neural rejection to block such attacks.\nNo experience with programming or machine learning is required, and the only software required is a Web browser. We will use TensorFlow on free Google Colab cloud systems. \nAll materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.\n\n\n","media":[],"title":"Machine Learning for N00bs","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"Every technical product is now incorporating machine learning at an explosive rate. But most people, even those with strong technical skills, don't understand how it works, what its capabilities are, and what security risks come with it. In this workshop, we'll make machine learning models using simple Python scripts, train them, and evaluate their worth. Projects include computer vision, breaking a CAPTCHA, deblurring images, regression, and classification tasks. We will perform poisoning and evasion attacks on machine learning systems, and implement deep neural rejection to block such attacks.\nNo experience with programming or machine learning is required, and the only software required is a Web browser. We will use TensorFlow on free Google Colab cloud systems. \nAll materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Elizabeth Biddlecome","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":53840},{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Irvin Lemus","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"By Light IT Professional Services","title":"Cyber Range Engineer"}],"links":[],"pronouns":null,"media":[],"id":53844,"title":"Cyber Range Engineer at By Light IT Professional Services"},{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Kaitlyn Handelman","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Amazon","title":"Offensive Security Engineer"}],"links":[],"pronouns":null,"media":[],"id":53851,"title":"Offensive Security Engineer at Amazon"},{"content_ids":[54218],"conference_id":133,"event_ids":[54591],"name":"Sam Bowne","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Infosec Decoded, Inc","title":"Founder"},{"organization":"City College San Francisco","title":"Instructor"}],"links":[],"pronouns":null,"media":[],"id":53867,"title":"Instructor at City College San Francisco"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Bowne_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54591,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53840},{"tag_id":46167,"sort_order":1,"person_id":53844},{"tag_id":46167,"sort_order":1,"person_id":53851},{"tag_id":46167,"sort_order":1,"person_id":53867}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"As defenders, we are always outnumbered, but we are by no means outmaneuvered. Attackers may hide in the haystack of haystacks, but with scalable detection logic, efficient coding practices, a thorough investigation methodology, and a reasonable corpus of computing, we can still determine which haystack to look within, and subsequently find the needle.\r\n\r\nThis is often made possible by a detection pipeline. And knowing how detection pipelines work, and the role each component plays, can help us write more efficient, more accurate detections to make life hard for the attacker. By reducing the attacker's window of opportunity, whilst making the subsequent investigation easier for the would-be analyst, we can maintain a strong defensive position, forcing the attacker to burn significantly more resources in an attempt to make progress.\r\n\r\nThis workshop will run attendees through implementing a simple detection pipeline in code, and some basic detection rules, to understand how to:\r\n- Ingest and normalize arbitrary log data, and make such data available for downstream detection rules;\r\n- Implement detection logic, to isolate potentially malicious behaviour;\r\n- Enrich log data with more context, aiding investigation; and\r\n- Draw relationships from individual log entries, to reduce investigative noise.\r\n\r\nAttendees should be comfortable with either Python 3 or Golang, including core language syntax and the execution environment of their preferred language.\n\n\n","media":[],"title":"Finding the Needle: An Introduction to Detection Engineering","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T20:00:00Z","end_timestamp":{"seconds":1723233600,"nanoseconds":0},"android_description":"As defenders, we are always outnumbered, but we are by no means outmaneuvered. Attackers may hide in the haystack of haystacks, but with scalable detection logic, efficient coding practices, a thorough investigation methodology, and a reasonable corpus of computing, we can still determine which haystack to look within, and subsequently find the needle.\r\n\r\nThis is often made possible by a detection pipeline. And knowing how detection pipelines work, and the role each component plays, can help us write more efficient, more accurate detections to make life hard for the attacker. By reducing the attacker's window of opportunity, whilst making the subsequent investigation easier for the would-be analyst, we can maintain a strong defensive position, forcing the attacker to burn significantly more resources in an attempt to make progress.\r\n\r\nThis workshop will run attendees through implementing a simple detection pipeline in code, and some basic detection rules, to understand how to:\r\n- Ingest and normalize arbitrary log data, and make such data available for downstream detection rules;\r\n- Implement detection logic, to isolate potentially malicious behaviour;\r\n- Enrich log data with more context, aiding investigation; and\r\n- Draw relationships from individual log entries, to reduce investigative noise.\r\n\r\nAttendees should be comfortable with either Python 3 or Golang, including core language syntax and the execution environment of their preferred language.","updated_timestamp":{"seconds":1719543292,"nanoseconds":0},"speakers":[{"content_ids":[54217],"conference_id":133,"event_ids":[54590],"name":"Kathy Zhu","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineering Tech Lead"}],"links":[],"pronouns":null,"media":[],"id":53852,"title":"Security Engineering Tech Lead at Google"},{"content_ids":[54214,54217],"conference_id":133,"event_ids":[54587,54590],"name":"Troy Defty","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Engineering Manager"}],"links":[],"pronouns":null,"media":[],"id":53872,"title":"Security Engineering Manager"}],"begin_tsz":"2024-08-09T16:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-28T02:54:52Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Defty_DC32.eventbrite.com"}],"end":"2024-08-09T20:00:00.000-0000","id":54590,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723219200,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53852},{"tag_id":46167,"sort_order":1,"person_id":53872}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-09T16:00:00.000-0000","updated":"2024-06-28T02:54:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come check out the Social Engineering Community Village!\n\n\n","media":[],"title":"Social Engineering Community Village Hours","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"Come check out the Social Engineering Community Village!","updated_timestamp":{"seconds":1722102714,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:30:00Z","timeband_id":1147,"updated_tsz":"2024-07-27T17:51:54Z","links":[{"label":"More Info","type":"link","url":"https://www.se.community/schedule/"}],"end":"2024-08-10T01:00:00.000-0000","id":55829,"tag_ids":[46393,46641],"village_id":null,"begin_timestamp":{"seconds":1723217400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W317-W319","hotel":"","short_name":"W317-W319","id":46305},"spans_timebands":"N","begin":"2024-08-09T15:30:00.000-0000","updated":"2024-07-27T17:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Let’s Boop the ISS! Join the Lonely Hackers Club for an extraordinary experience where we’ll use our ham radios to attempt communication with astronauts aboard the International Space Station! We have tracked the orbital passes of the space station and calculated our best chance.\n\n\n","media":[],"title":"️ISSCON","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T17:30:00Z","end_timestamp":{"seconds":1723224600,"nanoseconds":0},"android_description":"Let’s Boop the ISS! Join the Lonely Hackers Club for an extraordinary experience where we’ll use our ham radios to attempt communication with astronauts aboard the International Space Station! We have tracked the orbital passes of the space station and calculated our best chance.","updated_timestamp":{"seconds":1722482898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:15:00Z","timeband_id":1147,"updated_tsz":"2024-08-01T03:28:18Z","links":[],"end":"2024-08-09T17:30:00.000-0000","id":56317,"tag_ids":[46406,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723216500,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 (Floor 3) - Terrace","hotel":"","short_name":"Terrace","id":46475},"spans_timebands":"N","begin":"2024-08-09T15:15:00.000-0000","updated":"2024-08-01T03:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T09:00:00Z","end_timestamp":{"seconds":1723280400,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-10T09:00:00.000-0000","id":55887,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723215600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"Y","begin":"2024-08-09T15:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.\n\n\n","media":[],"title":"Merch (formerly swag) Area Open -- README","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T01:00:00Z","end_timestamp":{"seconds":1723251600,"nanoseconds":0},"android_description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.","updated_timestamp":{"seconds":1722140898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:00:00Z","timeband_id":1147,"updated_tsz":"2024-07-28T04:28:18Z","links":[],"end":"2024-08-10T01:00:00.000-0000","id":55853,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723215600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W212 (DEF CON Merch)","hotel":"","short_name":"W212 (DEF CON Merch)","id":46285},"spans_timebands":"N","begin":"2024-08-09T15:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-10T03:00:00Z","end_timestamp":{"seconds":1723258800,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T15:00:00Z","timeband_id":1147,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-10T03:00:00.000-0000","id":54479,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723215600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-09T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"At 6am on Friday, the @cycle_override crew will be hosting the 13th DEF CON Bikeride. We'll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It's about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday! @jp_bourget @gdead @heidishmoo.\n\n\n","media":[{"hash_sha256":"a3c9ea8716e99fd193aba0df0d895d86fa73d56fc43a6d8881f61429f7f7f723","filetype":"image/png","hash_md5":"92f33c53a49c8f11659bada4d73e1353","name":"pme_CycleOverride.png","is_logo":"Y","hash_crc32c":"8db54d64","filesize":126309,"asset_id":704,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_CycleOverride.png"}],"title":"CycleOverride DEF CON Bike Ride","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T13:00:00Z","end_timestamp":{"seconds":1723208400,"nanoseconds":0},"android_description":"At 6am on Friday, the @cycle_override crew will be hosting the 13th DEF CON Bikeride. We'll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It's about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday! @jp_bourget @gdead @heidishmoo.","updated_timestamp":{"seconds":1718994031,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T13:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-21T18:20:31Z","links":[{"label":"Twitter (@cycle_override)","type":"link","url":"https://twitter.com/cycle_override"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249645"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249644"},{"label":"More Info","type":"link","url":"https://cycleoverride.org"}],"end":"2024-08-09T13:00:00.000-0000","id":54568,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723208400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T13:00:00.000-0000","updated":"2024-06-21T18:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T15:00:00Z","end_timestamp":{"seconds":1723215600,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T12:00:00Z","timeband_id":1147,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-09T15:00:00.000-0000","id":54513,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723204800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-09T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Stitcharoo\r\n- 21:00 - 22:00 - Talk Sinn\r\n- 22:00 - 23:00 - deaddoll\r\n- 23:00 - 00:00 - CaptHz\r\n- 00:00 - 01:00 - Relay\r\n- 01:00 - 02:00 - Acid-T\n\n\n","media":[{"hash_sha256":"05600af1cc79ce88b1baa92a9bf09a687e1521d888c0de77ce0b7773b5f78678","filetype":"image/png","hash_md5":"d8e195f7aebdaec57129e4edba5c8c33","name":"dc32_ae_flyer_thursday.png","is_logo":"Y","hash_crc32c":"95465452","filesize":591174,"asset_id":817,"sort_order":1,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_thursday.png"}],"title":"Music Set / Entertainment (Cyberpunk Bar Thursday, ACK Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-09T09:00:00Z","end_timestamp":{"seconds":1723194000,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Stitcharoo\r\n- 21:00 - 22:00 - Talk Sinn\r\n- 22:00 - 23:00 - deaddoll\r\n- 23:00 - 00:00 - CaptHz\r\n- 00:00 - 01:00 - Relay\r\n- 01:00 - 02:00 - Acid-T","updated_timestamp":{"seconds":1721791227,"nanoseconds":0},"speakers":[{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Acid-T","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55880},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"CaptHz","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55883},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"deaddoll","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55887},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Relay","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55908},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Stitcharoo","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55911},{"content_ids":[55328],"conference_id":133,"event_ids":[55720],"name":"Talk Sinn","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55913}],"begin_tsz":"2024-08-09T03:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-24T03:20:27Z","links":[{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"}],"end":"2024-08-09T09:00:00.000-0000","id":55720,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723172400,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55913},{"tag_id":46486,"sort_order":4,"person_id":55911},{"tag_id":46486,"sort_order":6,"person_id":55908},{"tag_id":46486,"sort_order":8,"person_id":55887},{"tag_id":46486,"sort_order":10,"person_id":55883},{"tag_id":46486,"sort_order":12,"person_id":55880}],"tags":"","conference_id":133,"location":{"parent_id":46334,"name":"LVCC - L1 - North Lobby Contests/ACK Stage","hotel":"","short_name":"North Lobby Contests/ACK Stage","id":46332},"spans_timebands":"Y","begin":"2024-08-09T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"- 20:00 - 21:00 - Daemon Chadeau\r\n- 21:00 - 22:00 - DotOrNot\r\n- 22:00 - 23:00 - PatAttack\r\n- 23:00 - 00:00 - DJ Vulp\r\n- 00:00 - 01:00 - CTRL / rsm\r\n- 01:00 - 02:00 - Grind613\n\n\n","media":[{"hash_sha256":"05600af1cc79ce88b1baa92a9bf09a687e1521d888c0de77ce0b7773b5f78678","filetype":"image/png","hash_md5":"d8e195f7aebdaec57129e4edba5c8c33","name":"dc32_ae_flyer_thursday.png","is_logo":"Y","hash_crc32c":"95465452","filesize":591174,"asset_id":817,"sort_order":0,"url":"https://info.defcon.org/blobs/dc32_ae_flyer_thursday.png"}],"title":"Music Set / Entertainment (Thursday, SYN Stage)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-08-04T15:14+0000","color":"#2d40ff","name":"Entertainment","updated_tsz":"2024-08-04T15:14:13Z","id":46737},"end_tsz":"2024-08-09T09:00:00Z","end_timestamp":{"seconds":1723194000,"nanoseconds":0},"android_description":"- 20:00 - 21:00 - Daemon Chadeau\r\n- 21:00 - 22:00 - DotOrNot\r\n- 22:00 - 23:00 - PatAttack\r\n- 23:00 - 00:00 - DJ Vulp\r\n- 00:00 - 01:00 - CTRL / rsm\r\n- 01:00 - 02:00 - Grind613","updated_timestamp":{"seconds":1721791223,"nanoseconds":0},"speakers":[{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"CTRL / rsm","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55885},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"Daemon Chadeau","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55886},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"DJ Vulp","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55891},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"DotOrNot","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55892},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"Grind613","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55894},{"content_ids":[55323],"conference_id":133,"event_ids":[55715],"name":"PatAttack","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","links":[],"pronouns":null,"media":[],"id":55907}],"begin_tsz":"2024-08-09T03:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-24T03:20:23Z","links":[{"label":"DEF CON Music Website","type":"link","url":"https://defconmusic.org"},{"label":"Twitter (@defcon_music)","type":"link","url":"https://twitter.com/defcon_music"},{"label":"Instagram","type":"link","url":"https://www.instagram.com/defcon_music/"},{"label":"Mastodon (@Defcon_Music@defcon.social)","type":"link","url":"https://defcon.social/@Defcon_Music"}],"end":"2024-08-09T09:00:00.000-0000","id":55715,"tag_ids":[46737],"village_id":null,"begin_timestamp":{"seconds":1723172400,"nanoseconds":0},"includes":"","people":[{"tag_id":46486,"sort_order":2,"person_id":55907},{"tag_id":46486,"sort_order":4,"person_id":55894},{"tag_id":46486,"sort_order":6,"person_id":55892},{"tag_id":46486,"sort_order":8,"person_id":55891},{"tag_id":46486,"sort_order":10,"person_id":55886},{"tag_id":46486,"sort_order":12,"person_id":55885}],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"Y","begin":"2024-08-09T03:00:00.000-0000","updated":"2024-07-24T03:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Join the local DC702 Group in this year's official DEF CON Meetup! The meetup will be casual and include typical meetup activities (e.g., socializing, \"challenges,\" lockpicking, etc.) and maybe a few little surprises. To stay up-to-date, check out dc702.space/dc32-meetup.\n\n\n","media":[{"hash_sha256":"0a2ec8b43317591c8e34ca3ad440567270db9db2937204aa2fe15864e75394a2","filetype":"image/png","hash_md5":"d5e1cf3f7e09b6c7bc6a396fac911630","name":"pme_dc702.png","is_logo":"Y","hash_crc32c":"61276d0f","filesize":111166,"asset_id":674,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_dc702.png"}],"title":"DC702","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T04:00:00Z","end_timestamp":{"seconds":1723176000,"nanoseconds":0},"android_description":"Join the local DC702 Group in this year's official DEF CON Meetup! The meetup will be casual and include typical meetup activities (e.g., socializing, \"challenges,\" lockpicking, etc.) and maybe a few little surprises. To stay up-to-date, check out dc702.space/dc32-meetup.","updated_timestamp":{"seconds":1718813292,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T02:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:08:12Z","links":[{"label":"Discord","type":"link","url":"https://discord.gg/dc702"},{"label":"Twitter (@its_dc702)","type":"link","url":"https://twitter.com/its_dc702"},{"label":"More Info","type":"link","url":"https://dc702.space"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249577"}],"end":"2024-08-09T04:00:00.000-0000","id":54519,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723168800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W236","hotel":"","short_name":"W236","id":46293},"spans_timebands":"N","begin":"2024-08-09T02:00:00.000-0000","updated":"2024-06-19T16:08:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-09T00:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-09T01:00:00.000-0000","id":54488,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723161600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-09T00:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served. Don't forget - some require 8TB drives now.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors\r\n\n\n\n","media":[],"title":"DDV starts accepting drives for duplication","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#24B932","name":"Creator Event","updated_tsz":"2024-07-21T19:20:45Z","id":46641},"end_tsz":"2024-08-09T03:00:00Z","end_timestamp":{"seconds":1723172400,"nanoseconds":0},"android_description":"We start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served. Don't forget - some require 8TB drives now.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\r\n\r\n# About Us\r\n\r\nThe Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you're looking for a copy of all the things, we've got what you need to fill up all your storage including a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to hacker-kind! Our village provides a \"free-to-you\" service of direct access to terabytes of useful data to help build those hacking skills and talk with other storage enthusiasts.\r\n\r\nCheck the schedule and/or dcddv.org for the most up-to-date information.\r\n\r\n## How It Works\r\n\r\nThe DDV provides a core set of drive duplicators and data content options. We accept 8TB and larger drives on a first come, first served basis and duplicate 'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we'll accept drives all the way through until Saturday morning - but remember, it's FIFO - get those drives in early!\r\n\r\n## What You Get\r\n\r\nWe're working on more content right up until the last minute so keep checking on dcddv.org for the latest. This year, we're adding new data to duplicate! Humans will be able to choose from the following data sources for duplication:\r\n\r\n- A) Infocon.org Archive - 6TB archive of all the past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.\r\n- B) Rainbow tables 1 of 3 - 6TB from freerainbowtables.com, the Lanman, MSQLSHA1, and NTLM hash tables plus freerainbowtables.com tools\r\n- C) Rainbow tables 2 of 3 - 6TB from freerainbowtables.com, the A5/1 GSM, and MD5 tables plus freerainbowtables.com tools\r\n- D) Vx Underground Archive - 8TB archive of the latest papers, samples, and code from Vx Underground\r\n- E) Rainbow tables 3 of 3 - 8TB of New NTLM-9 hash tables and a copy of the Infocon.org mirrors","updated_timestamp":{"seconds":1722478157,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T23:00:00Z","timeband_id":1146,"updated_tsz":"2024-08-01T02:09:17Z","links":[{"label":"More Info","type":"link","url":"https://dcddv.org/"}],"end":"2024-08-09T03:00:00.000-0000","id":55186,"tag_ids":[46378,46427,46641],"village_id":null,"begin_timestamp":{"seconds":1723158000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W225","hotel":"","short_name":"W225","id":46291},"spans_timebands":"N","begin":"2024-08-08T23:00:00.000-0000","updated":"2024-08-01T02:09:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.\n\n\n","media":[{"hash_sha256":"2656c5ebc25f87c2aace541797f643642da570a63fff5f24da518c3d6d472944","filetype":"image/png","hash_md5":"ed87e0dc24f65f5259a7bdff54921872","name":"pme_queercon-mixer.png","is_logo":"Y","hash_crc32c":"f9440803","filesize":140037,"asset_id":682,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_queercon-mixer.png"}],"title":"QueerCon Mixer","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Come by this informal mixer to meet others in the lgbtqia+ community who are a part of this wonderful world that is InfoSec. This is a safe and inclusive space to meet and talk to others with your shared experience and is a nice environment to network and unwind with a drink.","updated_timestamp":{"seconds":1718813154,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T23:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:05:54Z","links":[{"label":"Twitter (@queercon)","type":"link","url":"https://twitter.com/queercon"},{"label":"Discord","type":"link","url":"https://queercon.lgbt/discord"},{"label":"Website","type":"link","url":"https://queercon.org"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249580"}],"end":"2024-08-09T01:00:00.000-0000","id":54516,"tag_ids":[46364],"village_id":null,"begin_timestamp":{"seconds":1723158000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W231-W233 (Chillout 2)","hotel":"","short_name":"W231-W233 (Chillout 2)","id":46316},"spans_timebands":"N","begin":"2024-08-08T23:00:00.000-0000","updated":"2024-06-19T16:05:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The humans of Vegas invite you to our unofficial welcome party. Whether it's your 1st or 18th time, we're still in the EXACT SAME PLACE. Join us off-Strip in the shade for a volunteer-run grill and chill.\r\n\r\nWe stock the larder with the basics: burgers, dogs, meatless delights, and all the fixin's. You procure your favorite food, drinks, and sides to keep the party going. Volunteer for setup, grill-up, or clean-up. Most of all, show up and become a part of what makes Toxic BBQ the best place to start your con.\r\n\r\nCheck out https://www.toxicbbq.org for more news, and watch #ToxicBBQ for the latest info.\r\n\r\nOff-site at Sunset Park, Foxtail Pavilion\r\n\n\n\n","media":[{"hash_sha256":"d82a3aaff537d8eb0c4090fd1b2785b8f88de57da832f530214f47c8730836bf","filetype":"image/png","hash_md5":"8a573faae0261f1884a621629c635034","name":"pme_toxicbbq.png","is_logo":"Y","hash_crc32c":"e430b22b","filesize":123934,"asset_id":686,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_toxicbbq.png"}],"title":"Toxic BBQ","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-09T04:00:00Z","end_timestamp":{"seconds":1723176000,"nanoseconds":0},"android_description":"The humans of Vegas invite you to our unofficial welcome party. Whether it's your 1st or 18th time, we're still in the EXACT SAME PLACE. Join us off-Strip in the shade for a volunteer-run grill and chill.\r\n\r\nWe stock the larder with the basics: burgers, dogs, meatless delights, and all the fixin's. You procure your favorite food, drinks, and sides to keep the party going. Volunteer for setup, grill-up, or clean-up. Most of all, show up and become a part of what makes Toxic BBQ the best place to start your con.\r\n\r\nCheck out https://www.toxicbbq.org for more news, and watch #ToxicBBQ for the latest info.\r\n\r\nOff-site at Sunset Park, Foxtail Pavilion","updated_timestamp":{"seconds":1718812960,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T22:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:02:40Z","links":[{"label":"More Info","type":"link","url":"https://www.toxicbbq.org/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249587"}],"end":"2024-08-09T04:00:00.000-0000","id":54511,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723154400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-08T22:00:00.000-0000","updated":"2024-06-19T16:02:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Command and Control (C2) play a crucial role for Red Teams and Advanced Persistent Threats (APTs), establishing persistent access and control over targeted networks. This workshop offers an in-depth exploration of the C2 frameworks, with a specific focus on the open-source Empire framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage Empire to create, customize, and execute advanced attack scenarios, honing their skills as red team operators. \nThrough practical exercises, attendees will learn to navigate the Empire framework, from basic setup to deploying sophisticated C2 infrastructures. The workshop covers key aspects such as listener configurations, agent management, and the utilization of Empire's diverse modules for effective post-exploitation. A unique feature of this training is the inclusion of a mini Capture-The-Flag (CTF) challenge, offering participants a hands-on opportunity to apply their skills in a controlled, competitive environment. \nBy the conclusion of this workshop, participants will be equipped with the knowledge and skills to leverage the Empire framework effectively in their red team operations, enhancing their capabilities in conducting advanced cyber attacks and navigating the complexities of modern cybersecurity landscapes. \nKey Workshop Highlights: \nComprehensive Introduction to Empire: Gain a solid understanding of Empire's capabilities, setup procedures, and its role in modern offensive operations. \nHands-On Deployment and Configuration: Learn through doing, with exercises designed to build proficiency in configuring Empire, managing agents, and customizing listeners. \nAdvanced Attack Scenarios: Delve into sophisticated techniques for post-exploitation, credential harvesting, and evasion, enhancing your arsenal as a red team operator. \nReal-World Application: Translate workshop learnings into actionable skills through a mini CTF challenge, simulating real-world offensive scenarios in a cloud-hosted environment. \n\n\n","media":[],"title":"Long Live Empire: A C2 Workshop for Modern Red Teaming","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Command and Control (C2) play a crucial role for Red Teams and Advanced Persistent Threats (APTs), establishing persistent access and control over targeted networks. This workshop offers an in-depth exploration of the C2 frameworks, with a specific focus on the open-source Empire framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage Empire to create, customize, and execute advanced attack scenarios, honing their skills as red team operators. \nThrough practical exercises, attendees will learn to navigate the Empire framework, from basic setup to deploying sophisticated C2 infrastructures. The workshop covers key aspects such as listener configurations, agent management, and the utilization of Empire's diverse modules for effective post-exploitation. A unique feature of this training is the inclusion of a mini Capture-The-Flag (CTF) challenge, offering participants a hands-on opportunity to apply their skills in a controlled, competitive environment. \nBy the conclusion of this workshop, participants will be equipped with the knowledge and skills to leverage the Empire framework effectively in their red team operations, enhancing their capabilities in conducting advanced cyber attacks and navigating the complexities of modern cybersecurity landscapes. \nKey Workshop Highlights: \nComprehensive Introduction to Empire: Gain a solid understanding of Empire's capabilities, setup procedures, and its role in modern offensive operations. \nHands-On Deployment and Configuration: Learn through doing, with exercises designed to build proficiency in configuring Empire, managing agents, and customizing listeners. \nAdvanced Attack Scenarios: Delve into sophisticated techniques for post-exploitation, credential harvesting, and evasion, enhancing your arsenal as a red team operator. \nReal-World Application: Translate workshop learnings into actionable skills through a mini CTF challenge, simulating real-world offensive scenarios in a cloud-hosted environment.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54216,54196],"conference_id":133,"event_ids":[54565,54589],"name":"Jake “Hubble” Krasnov","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Operations Lead and Chief Executive Officer"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://www.bc-security.org/blog/"}],"media":[],"id":53742,"title":"Red Team Operations Lead and Chief Executive Officer at BC Security"},{"content_ids":[54216,55274],"conference_id":133,"event_ids":[55664,54589],"name":"Kevin \"Kent\" Clark","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"BC Security","title":"Red Team Instructor"},{"organization":"TrustedSec","title":"Security Consultant"}],"pronouns":null,"links":[{"description":"","title":"Blog","sort_order":0,"url":"https://henpeebin.com/kevin/blog"}],"media":[],"id":53853,"title":"Security Consultant at TrustedSec"},{"content_ids":[54216],"conference_id":133,"event_ids":[54589],"name":"Rey \"Privesc\" Bango","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Principal Cloud Advocate"}],"links":[],"pronouns":null,"media":[],"id":53863,"title":"Principal Cloud Advocate at Microsoft"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Krasnov_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54589,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53742},{"tag_id":46167,"sort_order":6,"person_id":53853},{"tag_id":46167,"sort_order":8,"person_id":53863}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"In the 201 version of Hide your kids, turn off your Wi-Fi, they Rogue APing up in here, we will launch the next level of attacks using Rogue APs and other wireless tools. We will look into different ways to attack wireless networks and leverage credentials harvested to gain a foothold, PITM, deliver payloads, and demonstrate impact to the client. During the workshop we will walk through different attacks against OPEN, WPA2, and 802.1X networks. During the CTF participants will have the chance to attack a simulated client network to leverage the attacks learned during the workshop. We will be using EAPHAMMER, BERATE_AP, WIFIPUMPKIN3, BETTERCAP, and RESPONDER. This workshop will be at the Intermediate level(all skill levels welcome), participants should have a solid knowledge of Linux, 802.11, networking, and using virtual machines. It is recommended that all students use the provided VM.\n\n\n","media":[],"title":"Hide your kids, turn off your Wi-Fi, they Rogue APing up in here; 201","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"In the 201 version of Hide your kids, turn off your Wi-Fi, they Rogue APing up in here, we will launch the next level of attacks using Rogue APs and other wireless tools. We will look into different ways to attack wireless networks and leverage credentials harvested to gain a foothold, PITM, deliver payloads, and demonstrate impact to the client. During the workshop we will walk through different attacks against OPEN, WPA2, and 802.1X networks. During the CTF participants will have the chance to attack a simulated client network to leverage the attacks learned during the workshop. We will be using EAPHAMMER, BERATE_AP, WIFIPUMPKIN3, BETTERCAP, and RESPONDER. This workshop will be at the Intermediate level(all skill levels welcome), participants should have a solid knowledge of Linux, 802.11, networking, and using virtual machines. It is recommended that all students use the provided VM.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54215],"conference_id":133,"event_ids":[54588],"name":"James Hawk","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google Public Sector","title":"Senior Consultant, Proactive Services"}],"links":[],"pronouns":"he/him","media":[],"id":53847,"title":"Senior Consultant, Proactive Services at Google Public Sector"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Hawk_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54588,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53847}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Red and blue are two sides of the same coin. Offensive and defensive teams deliver the best results when working together; sharing knowledge, ideas, and understanding with each other. And a core part of this information exchange is understanding each respective perspective. This is the overarching theme of the workshop; attackers thinking like defenders, and defenders thinking like attackers.\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n- Pass the Hash attacks;\r\n- gMSA Golden Attack;\r\n- ADCS abuse;\r\n- Common tunnelling techniques;\r\n- PrintSpoofer exploits;\r\n- LSASS exploitation (using Mimikatz);\r\n- AD enumeration (using BloodHound);\r\n- DACL abuse;\r\n- Kerberos golden tickets; and\r\n- DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n- Sigma/Yara rules.\r\n- Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n- https://nooblinux.com/metasploit-tutorial/\r\n- https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n- https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n- https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n- https://github.com/socprime/SigmaUI\r\n- https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n- https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n- https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.\r\n\n\n\n","media":[],"title":"Flipping the Coin: Red and Blue Teaming in Windows Environments (++)","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Red and blue are two sides of the same coin. Offensive and defensive teams deliver the best results when working together; sharing knowledge, ideas, and understanding with each other. And a core part of this information exchange is understanding each respective perspective. This is the overarching theme of the workshop; attackers thinking like defenders, and defenders thinking like attackers.\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n- Pass the Hash attacks;\r\n- gMSA Golden Attack;\r\n- ADCS abuse;\r\n- Common tunnelling techniques;\r\n- PrintSpoofer exploits;\r\n- LSASS exploitation (using Mimikatz);\r\n- AD enumeration (using BloodHound);\r\n- DACL abuse;\r\n- Kerberos golden tickets; and\r\n- DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n- Sigma/Yara rules.\r\n- Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n- https://nooblinux.com/metasploit-tutorial/\r\n- https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n- https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n- https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n- https://github.com/socprime/SigmaUI\r\n- https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n- https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n- https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.","updated_timestamp":{"seconds":1719543170,"nanoseconds":0},"speakers":[{"content_ids":[54214],"conference_id":133,"event_ids":[54587],"name":"Angus Strom","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Senior Security Engineer"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@0x10f2c_)","sort_order":0,"url":"https://twitter.com/0x10f2c_"}],"media":[],"id":53833,"title":"Senior Security Engineer"},{"content_ids":[54214,54217],"conference_id":133,"event_ids":[54587,54590],"name":"Troy Defty","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"","title":"Security Engineering Manager"}],"links":[],"pronouns":null,"media":[],"id":53872,"title":"Security Engineering Manager"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T02:52:50Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Strom_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54587,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53833},{"tag_id":46167,"sort_order":1,"person_id":53872}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T02:52:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"The workshop will walk through a number of state of the art techniques used for detection and will show the process of thinking used to research and develop cutting-edge evasion techniques. We will dive deep into interesting aspects of Windows and AV internals with respect to malware development.\nThe focus will be on the mindset used to defeat security products starting with the analysis of a variety of detection mechanisms and ending with the final development of countermeasures. Moreover, the training will contain a number of live demonstrations to practically show how to apply those concepts and how to integrate them, showing how to develop evasive implants and post-exploitation tools.\nBy altering the fundamental rules of engagement, we can confound EDR systems and reshape their perception of the digital environment.\nThe workshop will dig deep into the internals of certain aspects of AV/EDRs and the Windows operating system to identify the area to exploit to lower the detection rate, it will involve the usage of Visual Studio and debuggers.\n\n\n","media":[],"title":"Dodging the EDR Bullet: A Workshop on Malware Stealth Tactics","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"The workshop will walk through a number of state of the art techniques used for detection and will show the process of thinking used to research and develop cutting-edge evasion techniques. We will dive deep into interesting aspects of Windows and AV internals with respect to malware development.\nThe focus will be on the mindset used to defeat security products starting with the analysis of a variety of detection mechanisms and ending with the final development of countermeasures. Moreover, the training will contain a number of live demonstrations to practically show how to apply those concepts and how to integrate them, showing how to develop evasive implants and post-exploitation tools.\nBy altering the fundamental rules of engagement, we can confound EDR systems and reshape their perception of the digital environment.\nThe workshop will dig deep into the internals of certain aspects of AV/EDRs and the Windows operating system to identify the area to exploit to lower the detection rate, it will involve the usage of Visual Studio and debuggers.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54213],"conference_id":133,"event_ids":[54586],"name":"Dimitri Di Cristofaro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SECFORCE LTD","title":"Senior Security Consultant and Researcher"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@d_glenx)","sort_order":0,"url":"https://twitter.com/d_glenx"}],"media":[],"id":53837,"title":"Senior Security Consultant and Researcher at SECFORCE LTD"},{"content_ids":[54213],"conference_id":133,"event_ids":[54586],"name":"Giorgio \"gbyolo\" Bernardinetti","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"CNIT","title":"Lead Researcher, System Securitiy Division"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@gbyolo)","sort_order":0,"url":"https://twitter.com/gbyolo"}],"media":[],"id":53843,"title":"Lead Researcher, System Securitiy Division at CNIT"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Cristofaro_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54586,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53837},{"tag_id":46167,"sort_order":1,"person_id":53843}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Assembly language has a reputation for being intimidating, but once\nyou learn the basics--and know how to read the documentation for the\nrest--there's nothing you can't follow. There are many interesting\nfields of study in computer security that depend on the \"\"closer to the\nmetal\"\" knowledge you'll gain from learning to code in assembly:\n- Software reverse engineering\n- Vulnerability and exploit research\n- Malware/implant development\n- Digital forensics\n...among others. There is no substitute for the confidence that you\ngain from being able to research and understand computer systems at\nlower levels of abstraction.\nThe purpose of this workshop is to introduce Intel x64 assembly language to the attendees. We will be using the Microsoft Macro Assembler, and we will be examining our code step-by-step in the x64dbg debugger. No prior programming experience is required--we will be working on things from first principles. There will be few slides.\nConcepts will be presented primarily within the x64dbg environment, with a focus on experimentation and using primary documentation. Attendees can follow along with their own laptops and programming environments.\nWe will cover the following topics:\n- Assembling and linking code\n- The execution environment of x64 programs\n- Memory\n- Registers\n- A wide variety of instructions\n- Addressing modes\n- How to read instruction documentation in the Intel manuals\n- Moving data around\n- Stack operations\n- x64 ABI and calling conventions\n- Representing data\n- Integer math\n- Program flow: conditional execution, loops\n- Leveraging the Windows API\n- How to read MSDN articles on Windows API functions\n- Resources for reference and future learning\n\n\n","media":[],"title":"64-bit Intel Assembly Language Programming for Hackers","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"Assembly language has a reputation for being intimidating, but once\nyou learn the basics--and know how to read the documentation for the\nrest--there's nothing you can't follow. There are many interesting\nfields of study in computer security that depend on the \"\"closer to the\nmetal\"\" knowledge you'll gain from learning to code in assembly:\n- Software reverse engineering\n- Vulnerability and exploit research\n- Malware/implant development\n- Digital forensics\n...among others. There is no substitute for the confidence that you\ngain from being able to research and understand computer systems at\nlower levels of abstraction.\nThe purpose of this workshop is to introduce Intel x64 assembly language to the attendees. We will be using the Microsoft Macro Assembler, and we will be examining our code step-by-step in the x64dbg debugger. No prior programming experience is required--we will be working on things from first principles. There will be few slides.\nConcepts will be presented primarily within the x64dbg environment, with a focus on experimentation and using primary documentation. Attendees can follow along with their own laptops and programming environments.\nWe will cover the following topics:\n- Assembling and linking code\n- The execution environment of x64 programs\n- Memory\n- Registers\n- A wide variety of instructions\n- Addressing modes\n- How to read instruction documentation in the Intel manuals\n- Moving data around\n- Stack operations\n- x64 ABI and calling conventions\n- Representing data\n- Integer math\n- Program flow: conditional execution, loops\n- Leveraging the Windows API\n- How to read MSDN articles on Windows API functions\n- Resources for reference and future learning","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[55326,54479,54212],"conference_id":133,"event_ids":[55718,54585,54852],"name":"Wesley McGrew","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"MartinFederal","title":"Senior Cybersecurity Fellow"}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@mcgrew@defcon.social)","sort_order":0,"url":"https://defcon.social/@mcgrew"},{"description":"","title":"MixCloud","sort_order":0,"url":"https://www.mixcloud.com/wesmcgrew/stream/"},{"description":"","title":"Twitter (@McGrewSecurity)","sort_order":0,"url":"https://twitter.com/McGrewSecurity"}],"media":[],"id":54044,"title":"Senior Cybersecurity Fellow at MartinFederal"}],"begin_tsz":"2024-08-08T21:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://McGrew_DC32.eventbrite.com"}],"end":"2024-08-09T01:00:00.000-0000","id":54585,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723150800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":4,"person_id":54044}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-08T21:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.\n\n\n","media":[{"hash_sha256":"cc6847194df5b5f393d21dbe7eae61dd116d6ba9425fa3ecf526ffe8e72fcd79","filetype":"image/png","hash_md5":"a8e899829eca14ba61dacae2a6508d0a","name":"ct_hac-man_v2.png","is_logo":"Y","hash_crc32c":"e972f1c8","filesize":99075,"asset_id":782,"sort_order":1,"url":"https://info.defcon.org/blobs/ct_hac-man_v2.png"}],"title":"Hac-Man","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#904807","name":"Contest","updated_tsz":"2024-07-21T19:20:45Z","id":46439},"end_tsz":"2024-08-11T19:00:00Z","end_timestamp":{"seconds":1723402800,"nanoseconds":0},"android_description":"Hybrid Contest\r\nOn-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00\r\nBecomes available online Thursday 12:00\r\nOnline and In-Person platforms will close Sunday 12:00\r\nPlayers will only be able to turn in scavenger hunt items during On-site Hours.\r\n\r\nThis Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.\r\n\r\nThere is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.","updated_timestamp":{"seconds":1722309229,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T19:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-30T03:13:49Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249354"},{"label":"Discuss (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249355"},{"label":"More Info","type":"link","url":"https://scramble.roguesignal.io/GM_HACM24"}],"end":"2024-08-11T19:00:00.000-0000","id":56018,"tag_ids":[46426,46439,46769],"village_id":null,"begin_timestamp":{"seconds":1723143600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Virtual","hotel":"","short_name":"Virtual","id":46250},"spans_timebands":"Y","begin":"2024-08-08T19:00:00.000-0000","updated":"2024-07-30T03:13:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00\n\n\n","media":[],"title":"Friends of Bill W","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#b32f2c","name":"Meetup","updated_tsz":"2024-07-21T19:20:45Z","id":46364},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00","updated_timestamp":{"seconds":1718771079,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T19:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T04:24:39Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249486"}],"end":"2024-08-08T20:00:00.000-0000","id":54484,"tag_ids":[46364,46401],"village_id":null,"begin_timestamp":{"seconds":1723143600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46253,"name":"LVCC - L3 - W301","hotel":"","short_name":"W301","id":46295},"spans_timebands":"N","begin":"2024-08-08T19:00:00.000-0000","updated":"2024-06-19T04:24:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Learn and earn your Amateur (Ham) License @ DEF CON 32 with this free class offered by Dan KB6NU and the Ham Radio Village!\r\n\r\nAlways been interested in getting your ham license but never had the time to study? Now's your chance! The Ham Radio Village is offering a one-day class where you can learn all the required knowledge to pass the exam. \r\n\r\nTopics include:\r\n- Electrical Principles\r\n- Electronic principles and components\r\n- Radio and electromagnetic wave properties\r\n- Antennas and Feedlines\r\n- Amateur Radio Signals\r\n- Safety\r\n- Station Setup and Operation\r\n- Operating Procedures\r\n- Rules and Regulations\r\n\r\nAfter the class, you can earn your license by taking the exam (for free) at DEF CON on your choice of Friday, Saturday, or Sunday. (Online testing is also available post-conference)\r\n\r\nThe class will run from 10 A.M. to 5 P.M. on Thursday, August 8th at the Clark County Library** located nearby to the LVCC at 1401 E Flamingo Rd. A lunch break will be provided.\r\n\r\nBest of all, this class is completely free, thanks to a grant from the Amateur Radio Digital Communications. \r\n\r\nLast year, we sold out of capacity and had to turn folks away. We highly recommend placing a deposit to reserve your seat. The deposit will be refunded upon attendance of the class. \r\n\r\nNote: this event is not located at the Las Vegas Convention Center but at the nearby Clark County Library. If you're planning on taking public transit, it is directly served by bus routes CX, 109, 202. Free parking (with EV charging) is available onsite.\r\n\r\nClark County Library, 1401 E Flamingo Rd, Las Vegas, NV 89119 [Google Maps](https://maps.app.goo.gl/A4gvBNZFHKb7jpJT8) [Apple Maps](https://maps.apple.com/?address=1401%20E%20Flamingo%20Rd,%20Las%20Vegas,%20NV%20%2089119,%20United%20States&ll=36.113761,-115.134870&q=Clark%20County%20Library)\r\n\r\n**This program is not a Library District event. The views expressed and other information presented are solely those of the producing entity.**\r\n\n\n\n","media":[],"title":"Ham in a Day Class","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#752A1D","name":"Creator Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46734},"end_tsz":"2024-08-09T00:00:00Z","end_timestamp":{"seconds":1723161600,"nanoseconds":0},"android_description":"Learn and earn your Amateur (Ham) License @ DEF CON 32 with this free class offered by Dan KB6NU and the Ham Radio Village!\r\n\r\nAlways been interested in getting your ham license but never had the time to study? Now's your chance! The Ham Radio Village is offering a one-day class where you can learn all the required knowledge to pass the exam. \r\n\r\nTopics include:\r\n- Electrical Principles\r\n- Electronic principles and components\r\n- Radio and electromagnetic wave properties\r\n- Antennas and Feedlines\r\n- Amateur Radio Signals\r\n- Safety\r\n- Station Setup and Operation\r\n- Operating Procedures\r\n- Rules and Regulations\r\n\r\nAfter the class, you can earn your license by taking the exam (for free) at DEF CON on your choice of Friday, Saturday, or Sunday. (Online testing is also available post-conference)\r\n\r\nThe class will run from 10 A.M. to 5 P.M. on Thursday, August 8th at the Clark County Library** located nearby to the LVCC at 1401 E Flamingo Rd. A lunch break will be provided.\r\n\r\nBest of all, this class is completely free, thanks to a grant from the Amateur Radio Digital Communications. \r\n\r\nLast year, we sold out of capacity and had to turn folks away. We highly recommend placing a deposit to reserve your seat. The deposit will be refunded upon attendance of the class. \r\n\r\nNote: this event is not located at the Las Vegas Convention Center but at the nearby Clark County Library. If you're planning on taking public transit, it is directly served by bus routes CX, 109, 202. Free parking (with EV charging) is available onsite.\r\n\r\nClark County Library, 1401 E Flamingo Rd, Las Vegas, NV 89119 [Google Maps](https://maps.app.goo.gl/A4gvBNZFHKb7jpJT8) [Apple Maps](https://maps.apple.com/?address=1401%20E%20Flamingo%20Rd,%20Las%20Vegas,%20NV%20%2089119,%20United%20States&ll=36.113761,-115.134870&q=Clark%20County%20Library)\r\n\r\n**This program is not a Library District event. The views expressed and other information presented are solely those of the producing entity.**","updated_timestamp":{"seconds":1722185179,"nanoseconds":0},"speakers":[{"content_ids":[55433,55436],"conference_id":133,"event_ids":[55858,55861],"name":"Dan \"dan_kb6nu\" Romanchik","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Ham Radio Village","title":""}],"pronouns":"he/him","links":[{"description":"","title":"Mastodon (@kb6nu@mastodon.radio)","sort_order":0,"url":"https://mastodon.radio/@kb6nu"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/@kb6nu"},{"description":"","title":"Website","sort_order":0,"url":"https://www.kb6nu.com/"}],"media":[],"id":55974,"title":"Ham Radio Village"}],"begin_tsz":"2024-08-08T17:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T16:46:19Z","links":[{"label":"More Info","type":"link","url":"https://hamvillage.org/dc32-hiad"}],"end":"2024-08-09T00:00:00.000-0000","id":55858,"tag_ids":[46380,46734],"village_id":null,"begin_timestamp":{"seconds":1723136400,"nanoseconds":0},"includes":"","people":[{"tag_id":46485,"sort_order":2,"person_id":55974}],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-08T17:00:00.000-0000","updated":"2024-07-28T16:46:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!\n\n\n","media":[],"title":"HDA Community - Open for Accessibility Questions/Help","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!\r\n\r\n(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)\r\n\r\nHang out, chill out deck out your mobility device and more!","updated_timestamp":{"seconds":1722140938,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T17:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T04:28:58Z","links":[{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/242670"},{"label":"Official HDA Policy","type":"link","url":"https://defcon.org/html/links/dc-hda.html"}],"end":"2024-08-09T01:00:00.000-0000","id":54570,"tag_ids":[46362,46404],"village_id":null,"begin_timestamp":{"seconds":1723136400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46251,"name":"LVCC - L1 - W110 (HDA)","hotel":"","short_name":"W110 (HDA)","id":46280},"spans_timebands":"N","begin":"2024-08-08T17:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Code obfuscation is fast becoming a normal part of modern Windows malware. Pioneered by Emotet and popularized by the Conti ransomware leaks, we now see even simple credential stealers using commercial grade code virtualization! The solution… if you can’t reverse it, just run it!\nIn this workshop we will cover different tracing techniques that can be used to bypass and extract information from protected code. The workshop is divided into modules covering tracing with x64dbg, dynamic binary instrumentation with PIN, and API tracing with DTrace. A challenge binary is provided with each module for students to practice and the final challenge is a real world malware sample that has been virtualized.\nThis workshop is aimed at reverse engineers and malware analysts who have experience analyzing malware and are comfortable with debugging in userland. If you don’t have experience with malware but you do have a few hours behind the debugger you should have no problem completing the workshop. \nStudents must bring a laptop/workstation capable of running a Windows Virtual Machine (VM) and a preinstalled Windows 10 (64bit) 20H1(or later) VM with at least 50G of free space. You will be provided with detailed tools installation and setup instructions prior to the workshop\n\n\n","media":[],"title":"Tracing The Pain Away - Practical Binary Tracing Techniques For Defeating Modern Malware Protections","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Code obfuscation is fast becoming a normal part of modern Windows malware. Pioneered by Emotet and popularized by the Conti ransomware leaks, we now see even simple credential stealers using commercial grade code virtualization! The solution… if you can’t reverse it, just run it!\nIn this workshop we will cover different tracing techniques that can be used to bypass and extract information from protected code. The workshop is divided into modules covering tracing with x64dbg, dynamic binary instrumentation with PIN, and API tracing with DTrace. A challenge binary is provided with each module for students to practice and the final challenge is a real world malware sample that has been virtualized.\nThis workshop is aimed at reverse engineers and malware analysts who have experience analyzing malware and are comfortable with debugging in userland. If you don’t have experience with malware but you do have a few hours behind the debugger you should have no problem completing the workshop. \nStudents must bring a laptop/workstation capable of running a Windows Virtual Machine (VM) and a preinstalled Windows 10 (64bit) 20H1(or later) VM with at least 50G of free space. You will be provided with detailed tools installation and setup instructions prior to the workshop","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54211],"conference_id":133,"event_ids":[54584],"name":"Sean ","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAnalysis","title":"Co-founder"}],"links":[],"pronouns":null,"media":[],"id":53868,"title":"Co-founder at OpenAnalysis"},{"content_ids":[54211],"conference_id":133,"event_ids":[54584],"name":"Serrgei Frankoff","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"OpenAnalysis","title":"Co-founder"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@herrcore)","sort_order":0,"url":"https://twitter.com/herrcore"}],"media":[],"id":53870,"title":"Co-founder at OpenAnalysis"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Frankoff_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54584,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53868},{"tag_id":46167,"sort_order":1,"person_id":53870}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Sands","hotel":"","short_name":"Sands","id":46331},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Supercharge SAST: Semgrep Strategies for Secure Software\" is a meticulously designed workshop aimed at introducing participants to the world of Static Application Security Testing (SAST) through the lens of Semgrep, a cutting-edge tool that combines the simplicity of syntax with the power of complex analysis. \nBefore the Training: Attendees are expected to have a basic understanding of programming concepts and syntax in a programming language such as JavaScript, Python, Go, or C#/Java. While familiarity with common security vulnerabilities (e.g., OWASP Top 10) is beneficial, it is not a prerequisite.To ensure a smooth and productive experience, participants should come equipped with a laptop that has administrative access for software installation. A pre-training checklist, including software installation guides (Semgrep and a preferred text editor/IDE), will be provided to all registered attendees to prepare them for the workshop. \nWhat You Will Learn: This workshop is structured to guide attendees from the foundational concepts of SAST and application security to the practical application of Semgrep for identifying and mitigating security risks in codebases.\nParticipants will: - Gain an understanding of SAST and its importance in the AppSec ecosystem. - Learn to navigate Semgrep’s rule syntax and create custom rules tailored to their specific security needs. - Engage in hands-on exercises to apply Semgrep on real-world code snippets and projects, enhancing their learning through practical application. - Explore the Semgrep Playground for testing and refining rules in an interactive environment. - Delve into advanced Semgrep features and techniques for a comprehensive security strategy. - Understand how Semgrep findings can be leveraged for LLM-based code analysis, taking code security to the next level. \nTechnical Level and Tools Used: This workshop is tailored for beginner to intermediate skill levels, focusing on practical, actionable insights that participants can immediately apply to their projects. The primary tool used will be Semgrep, supplemented by the Semgrep Playground for online rule testing. Instructions for installing necessary software and accessing online resources will be provided ahead of the workshop.\n\n\n","media":[],"title":"Supercharge SAST: Semgrep Strategies for Secure Software","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Supercharge SAST: Semgrep Strategies for Secure Software\" is a meticulously designed workshop aimed at introducing participants to the world of Static Application Security Testing (SAST) through the lens of Semgrep, a cutting-edge tool that combines the simplicity of syntax with the power of complex analysis. \nBefore the Training: Attendees are expected to have a basic understanding of programming concepts and syntax in a programming language such as JavaScript, Python, Go, or C#/Java. While familiarity with common security vulnerabilities (e.g., OWASP Top 10) is beneficial, it is not a prerequisite.To ensure a smooth and productive experience, participants should come equipped with a laptop that has administrative access for software installation. A pre-training checklist, including software installation guides (Semgrep and a preferred text editor/IDE), will be provided to all registered attendees to prepare them for the workshop. \nWhat You Will Learn: This workshop is structured to guide attendees from the foundational concepts of SAST and application security to the practical application of Semgrep for identifying and mitigating security risks in codebases.\nParticipants will: - Gain an understanding of SAST and its importance in the AppSec ecosystem. - Learn to navigate Semgrep’s rule syntax and create custom rules tailored to their specific security needs. - Engage in hands-on exercises to apply Semgrep on real-world code snippets and projects, enhancing their learning through practical application. - Explore the Semgrep Playground for testing and refining rules in an interactive environment. - Delve into advanced Semgrep features and techniques for a comprehensive security strategy. - Understand how Semgrep findings can be leveraged for LLM-based code analysis, taking code security to the next level. \nTechnical Level and Tools Used: This workshop is tailored for beginner to intermediate skill levels, focusing on practical, actionable insights that participants can immediately apply to their projects. The primary tool used will be Semgrep, supplemented by the Semgrep Playground for online rule testing. Instructions for installing necessary software and accessing online resources will be provided ahead of the workshop.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54210],"conference_id":133,"event_ids":[54583],"name":"Arjun Gopalakrishna","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Software Security Engineering Manager, Azure Security"}],"links":[],"pronouns":null,"media":[],"id":53834,"title":"Senior Software Security Engineering Manager, Azure Security at Microsoft"},{"content_ids":[54210],"conference_id":133,"event_ids":[54583],"name":"Gautam Peri","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Security Engineer, EPSF SERPENT Team"}],"links":[],"pronouns":null,"media":[],"id":53842,"title":"Senior Security Engineer, EPSF SERPENT Team at Microsoft"},{"content_ids":[54210],"conference_id":133,"event_ids":[54583],"name":"Marcelo Ribeiro","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Microsoft","title":"Senior Offensive Security Engineer in Azure Security"}],"links":[],"pronouns":null,"media":[],"id":53855,"title":"Senior Offensive Security Engineer in Azure Security at Microsoft"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Gopalakrishna_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54583,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53834},{"tag_id":46167,"sort_order":1,"person_id":53842},{"tag_id":46167,"sort_order":1,"person_id":53855}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dunes","hotel":"","short_name":"Dunes","id":46329},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Microsoft Configuration Manager, formerly SCCM (System Center Configuration Manager), is a powerful technology that has been used to deploy software to Windows systems in the majority of enterprise environments since it was released by Microsoft in 1994. Although SCCM has a high potential for abuse due to its privileged access to entire fleets of servers and workstations, it has not been heavily researched or leveraged by security professionals until recently, presumably due to the time-consuming installation process and learning curve. In this workshop, students will be provided access to a live environment that reflects an enterprise SCCM deployment, gain an understanding of how the different components of SCCM interact, and learn how to execute recently discovered attack primitives that can be used compromise SCCM clients, servers, and entire hierarchies. By completing both guided exercises and optional CTF challenges in this lab environment, students will learn how to demonstrate the impact of attack paths involving SCCM.\r\n\r\nBy the end of this workshop, participants will be able to:\r\n - understand the foundational concepts needed to attack and defend SCCM\r\n - understand SCCM defaults and configurations that can be abused\r\n - use SCCM to complete a realistic attack chain, including recon, privilege escalation, credential gathering, site takeover, and lateral movement\r\n - understand how to use offensive security tools to interact with SCCM, such as SCCMHunter, SharpSCCM, sccmwtf, PXEThief, and ntlmrelayx\r\n \r\nTo get the most out of this training, participants will benefit from reviewing the following resources, although they are not required:\r\n - Misconfiguration Manager (misconfigurationmanager.com)\r\n - System Center Configuration Manager Current Branch Unleashed, by Kerrie Meyler\r\n - Configuration Manager Terminology\r\n - Looking Inside Configuration Manager\r\n - Network Design\r\n - Client Management\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n - Pass the Hash attacks;\r\n - gMSA Golden Attack;\r\n - ADCS abuse;\r\n - Common tunnelling techniques;\r\n - PrintSpoofer exploits;\r\n - LSASS exploitation (using Mimikatz);\r\n - AD enumeration (using BloodHound);\r\n - DACL abuse;\r\n - Kerberos golden tickets; and\r\n - DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n - Sigma/Yara rules.\r\n - Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n\r\n - https://nooblinux.com/metasploit-tutorial/\r\n - https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n - https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n - https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n - https://github.com/socprime/SigmaUI\r\n - https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n - https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n - https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.\r\n\r\nSince 2022, Chris, Duane, and Garrett have released a combined 8 blog posts and authored 3 tools (SharpSCCM, SCCMHunter, and Misconfiguration Manager) that demonstrate novel offensive techniques to abuse SCCM functionality.\r\n\n\n\n","media":[],"title":"Offensive SCCM: Abusing Microsoft's C2 Framework","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Microsoft Configuration Manager, formerly SCCM (System Center Configuration Manager), is a powerful technology that has been used to deploy software to Windows systems in the majority of enterprise environments since it was released by Microsoft in 1994. Although SCCM has a high potential for abuse due to its privileged access to entire fleets of servers and workstations, it has not been heavily researched or leveraged by security professionals until recently, presumably due to the time-consuming installation process and learning curve. In this workshop, students will be provided access to a live environment that reflects an enterprise SCCM deployment, gain an understanding of how the different components of SCCM interact, and learn how to execute recently discovered attack primitives that can be used compromise SCCM clients, servers, and entire hierarchies. By completing both guided exercises and optional CTF challenges in this lab environment, students will learn how to demonstrate the impact of attack paths involving SCCM.\r\n\r\nBy the end of this workshop, participants will be able to:\r\n - understand the foundational concepts needed to attack and defend SCCM\r\n - understand SCCM defaults and configurations that can be abused\r\n - use SCCM to complete a realistic attack chain, including recon, privilege escalation, credential gathering, site takeover, and lateral movement\r\n - understand how to use offensive security tools to interact with SCCM, such as SCCMHunter, SharpSCCM, sccmwtf, PXEThief, and ntlmrelayx\r\n \r\nTo get the most out of this training, participants will benefit from reviewing the following resources, although they are not required:\r\n - Misconfiguration Manager (misconfigurationmanager.com)\r\n - System Center Configuration Manager Current Branch Unleashed, by Kerrie Meyler\r\n - Configuration Manager Terminology\r\n - Looking Inside Configuration Manager\r\n - Network Design\r\n - Client Management\r\n\r\nThis workshop is the second version of Flipping the Coin and features upgraded attack paths, and lab environments.\r\n\r\nBy the end of the workshop, attendees will:\r\n\r\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\r\n - Pass the Hash attacks;\r\n - gMSA Golden Attack;\r\n - ADCS abuse;\r\n - Common tunnelling techniques;\r\n - PrintSpoofer exploits;\r\n - LSASS exploitation (using Mimikatz);\r\n - AD enumeration (using BloodHound);\r\n - DACL abuse;\r\n - Kerberos golden tickets; and\r\n - DLL hijacking.\r\n\r\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\r\n - Sigma/Yara rules.\r\n - Log ingestion/normalisation platforms, and query engines (e.g. ELK).\r\n\r\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good.\r\n\r\nRecommended (but not required) prior reading:\r\n\r\n - https://nooblinux.com/metasploit-tutorial/\r\n - https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\r\n - https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\r\n - https://socprime.com/blog/sigma-rules-the-beginners-guide/\r\n - https://github.com/socprime/SigmaUI\r\n - https://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\r\n - https://posts.specterops.io/certified-pre-owned-d95910965cd2\r\n - https://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\r\n\r\nMuch of the material and core concepts of the workshop remain the same from the DEF CON 31 workshop with some updated topics for DEF CON 32, including an updated environment, and gMSA attacks within the lab.\r\n\r\nSince 2022, Chris, Duane, and Garrett have released a combined 8 blog posts and authored 3 tools (SharpSCCM, SCCMHunter, and Misconfiguration Manager) that demonstrate novel offensive techniques to abuse SCCM functionality.","updated_timestamp":{"seconds":1719546625,"nanoseconds":0},"speakers":[{"content_ids":[54209,54182],"conference_id":133,"event_ids":[54551,54582],"name":"Chris Thompson","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Principal Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@_Mayyhem)","sort_order":0,"url":"https://twitter.com/_Mayyhem"}],"media":[],"id":53730,"title":"Principal Consultant at SpecterOps"},{"content_ids":[54209],"conference_id":133,"event_ids":[54582],"name":"Duane Michael","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Managing Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@subat0mik)","sort_order":0,"url":"https://twitter.com/subat0mik"}],"media":[],"id":53838,"title":"Managing Consultant at SpecterOps"},{"content_ids":[54209,55299],"conference_id":133,"event_ids":[55689,54582],"name":"Garrett Foster","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"SpecterOps","title":"Senior Consultant"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@garrfoster)","sort_order":0,"url":"https://twitter.com/garrfoster"}],"media":[],"id":53878,"title":"Senior Consultant at SpecterOps"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T03:50:25Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Michael_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54582,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":2,"person_id":53730},{"tag_id":46167,"sort_order":6,"person_id":53838},{"tag_id":46167,"sort_order":8,"person_id":53878}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Dean Martin","hotel":"","short_name":"Dean Martin","id":46327},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T03:50:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you. We will be covering how to get started in Adversarial Medical Device testing, tooling, tactics, exploits and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within\nthe Device Lab!\n\n\n","media":[],"title":"Med Team vs Red Team: Intro into Medical Device Hacking","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you. We will be covering how to get started in Adversarial Medical Device testing, tooling, tactics, exploits and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within\nthe Device Lab!","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54208],"conference_id":133,"event_ids":[54581],"name":"Alex Delifer","affiliations":[],"updated_tsz":"2024-07-21T18:01:02Z","pronouns":null,"links":[{"description":"","title":"Twitter (@cheet)","sort_order":0,"url":"https://twitter.com/cheet"}],"media":[],"id":53830},{"content_ids":[54208,54577],"conference_id":133,"event_ids":[54581,54952],"name":"Michael \"v3ga\" Aguilar","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Secureworks Adversary Group","title":"Principle Consultant"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://linkedin.com/in/v3gahax"},{"description":"","title":"Twitter (@v3ga_hax )","sort_order":0,"url":"https://twitter.com/v3ga_hax "}],"media":[],"id":53858,"title":"Principle Consultant at Secureworks Adversary Group"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"More Info","type":"link","url":"https://www.villageb.io/catalyst-lab"},{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Aguilar_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54581,"tag_ids":[46371,46427,46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53830},{"tag_id":46167,"sort_order":1,"person_id":53858}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Desert Inn","hotel":"","short_name":"Desert Inn","id":46328},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Threat actors skillfully deploy malware to evade detection, outmaneuvering traditional security tools. In this workshop, \"Dissecting Malware for Defense - Crafting Custom Yara Rules\", you'll harness the power of malware analysis and crowdsourced intelligence to build tailored Yara rules. These rules will supercharge your security systems, enabling you to detect emerging threats, enhance threat hunting, and accurately pinpoint malicious activity. This fast-paced course will guide you in mastering static and behavioral detections, empowering you to safeguard your organization. By the end, you'll expertly translate malware analysis insights into high-quality Yara rules, bolstering your defensive arsenal.\n\n\n","media":[],"title":"Dissecting Malware for Defense - Crafting Custom Yara Rules","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#86426F","name":"DEF CON Workshop","updated_tsz":"2024-07-21T19:20:45Z","id":46489},"end_tsz":"2024-08-08T20:00:00Z","end_timestamp":{"seconds":1723147200,"nanoseconds":0},"android_description":"Threat actors skillfully deploy malware to evade detection, outmaneuvering traditional security tools. In this workshop, \"Dissecting Malware for Defense - Crafting Custom Yara Rules\", you'll harness the power of malware analysis and crowdsourced intelligence to build tailored Yara rules. These rules will supercharge your security systems, enabling you to detect emerging threats, enhance threat hunting, and accurately pinpoint malicious activity. This fast-paced course will guide you in mastering static and behavioral detections, empowering you to safeguard your organization. By the end, you'll expertly translate malware analysis insights into high-quality Yara rules, bolstering your defensive arsenal.","updated_timestamp":{"seconds":1719533890,"nanoseconds":0},"speakers":[{"content_ids":[54207],"conference_id":133,"event_ids":[54580],"name":"Francisco Perdomo","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Security Engineer, VirusTotal Research Team"}],"links":[],"pronouns":null,"media":[],"id":53841,"title":"Security Engineer, VirusTotal Research Team at Google"},{"content_ids":[54207,54222],"conference_id":133,"event_ids":[54580,54595],"name":"Josh Stroschein","updated_tsz":"2024-07-21T18:01:02Z","affiliations":[{"organization":"Google","title":"Reverse Engineer, FLARE team"}],"pronouns":null,"links":[{"description":"","title":"Twitter (@jstrosch)","sort_order":0,"url":"https://twitter.com/jstrosch"}],"media":[],"id":53850,"title":"Reverse Engineer, FLARE team at Google"}],"begin_tsz":"2024-08-08T16:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-28T00:18:10Z","links":[{"label":"Eventbrite Registration - 2024-07-07 12:00 US/Pacific","type":"link","url":"https://Stroschein_DC32.eventbrite.com"}],"end":"2024-08-08T20:00:00.000-0000","id":54580,"tag_ids":[46429,46489],"village_id":null,"begin_timestamp":{"seconds":1723132800,"nanoseconds":0},"includes":"","people":[{"tag_id":46167,"sort_order":1,"person_id":53841},{"tag_id":46167,"sort_order":1,"person_id":53850}],"tags":"","conference_id":133,"location":{"parent_id":46303,"name":"Springhill Suites - Frontier","hotel":"","short_name":"Frontier","id":46330},"spans_timebands":"N","begin":"2024-08-08T16:00:00.000-0000","updated":"2024-06-28T00:18:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.\n\n\n","media":[],"title":"Merch (formerly swag) Area Open -- README","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T01:00:00Z","end_timestamp":{"seconds":1723165200,"nanoseconds":0},"android_description":"All merch sales are USD CASH ONLY. No cards will be accepted.\r\n\r\nThe published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \r\n\r\nNote that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.","updated_timestamp":{"seconds":1722140898,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T15:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T04:28:18Z","links":[],"end":"2024-08-09T01:00:00.000-0000","id":55848,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723129200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W212 (DEF CON Merch)","hotel":"","short_name":"W212 (DEF CON Merch)","id":46285},"spans_timebands":"N","begin":"2024-08-08T15:00:00.000-0000","updated":"2024-07-28T04:28:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.\n\n\n","media":[{"hash_sha256":"8a300e1ae98ec2a54a4a5b4a5378f42ca3196613b8cfeec201265c89f74bada7","filetype":"image/webp","hash_md5":"d5dca56d644276270ebb606349e06742","name":"defcon32preregistrationartc.webp","is_logo":"Y","hash_crc32c":"4ef042a8","filesize":249642,"asset_id":815,"sort_order":1,"url":"https://info.defcon.org/blobs/defcon32preregistrationartc.webp"}],"title":"Human Registration Open","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T03:00:00Z","end_timestamp":{"seconds":1723172400,"nanoseconds":0},"android_description":"Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are **approximate**. \r\n\r\n# Basics\r\n\r\n### Who needs a badge?\r\n\r\nA badge is required for each human age 8 and older.\r\n\r\n### Human?\r\n\r\nYou are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.\r\n\r\n### Lines? Linecon?\r\n\r\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\n# Ways to buy a badge\r\n\r\n- $480 [online purchase](https://shop.defcon.org/products/def-con-32-las-vegas-convention-center) until August 1, 2024. Tickets are transferable. Please read the details on the linked page.\r\n- $460 cash purchase on-site.\r\n- As part of a BlackHat registration.\r\n\r\n### Online Purchase\r\n\r\nYou will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.\r\n\r\nWe can scan the QR code either from your phone's display or from a printed copy. You **must** have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness. \r\n\r\nIf you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the **only** way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.\r\n\r\nOnline purchases are provided a receipt via email when the purchase is made.\r\n\r\nOnline purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.\r\n\r\n### Cash Purchase\r\n\r\nBadges will be available for purchase on-site at DEF CON. All badge sales are **cash only**. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have **exact change** ready as you near the front of the line.\r\n\r\nThere are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.\r\n\r\nWe are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.\r\n\r\n### Via BlackHat \r\n\r\nIf you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close. \r\n\r\nBlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.\r\n\r\n# Misc\r\n\r\nWant to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.\r\n\r\nIf you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :( \r\n\r\nIf you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.\r\n\r\n# Still need help?\r\n\r\nIf you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.","updated_timestamp":{"seconds":1722991207,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T15:00:00Z","timeband_id":1146,"updated_tsz":"2024-08-07T00:40:07Z","links":[],"end":"2024-08-09T03:00:00.000-0000","id":54478,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723129200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"N","begin":"2024-08-08T15:00:00.000-0000","updated":"2024-08-07T00:40:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).\n\n\n","media":[],"title":"Lost & Found","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-09T09:00:00Z","end_timestamp":{"seconds":1723194000,"nanoseconds":0},"android_description":"If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system. \r\n\r\nIf you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at [+1 (725) 377-5045](tel:+17253775045).\r\n\r\nThe Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call [+1 (702) 943-3532](tel:+17029433532).","updated_timestamp":{"seconds":1722195318,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T14:00:00Z","timeband_id":1146,"updated_tsz":"2024-07-28T19:35:18Z","links":[],"end":"2024-08-09T09:00:00.000-0000","id":55852,"tag_ids":[46362,46744],"village_id":null,"begin_timestamp":{"seconds":1723125600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":46252,"name":"LVCC - L2 - W238 (Lost & Found)","hotel":"","short_name":"W238 (Lost & Found)","id":46338},"spans_timebands":"Y","begin":"2024-08-08T14:00:00.000-0000","updated":"2024-07-28T19:35:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run\n\n\n","media":[],"title":"Defcon.run","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-08T15:00:00Z","end_timestamp":{"seconds":1723129200,"nanoseconds":0},"android_description":"Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.\r\n\r\nDefcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!\r\n\r\nShow up in the morning, go for a run with folks, have a good time!\r\n\r\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run","updated_timestamp":{"seconds":1718813049,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T12:00:00Z","timeband_id":1146,"updated_tsz":"2024-06-19T16:04:09Z","links":[{"label":"More Info","type":"link","url":"https://defcon.run"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249585"}],"end":"2024-08-08T15:00:00.000-0000","id":54512,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723118400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-08T12:00:00.000-0000","updated":"2024-06-19T16:04:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Linecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\nPlease also review the \"Human Registration Open\" event, and familiarize yourself with the **important notes** therein. \n\n\n","media":[],"title":"Linecon","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-08T13:00:00Z","end_timestamp":{"seconds":1723122000,"nanoseconds":0},"android_description":"Linecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)\r\n\r\nOnline badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales. \r\n\r\nPlease help us make this a great experience for everyone by **following directions given by goons**. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join. \r\n\r\nPlease also review the \"Human Registration Open\" event, and familiarize yourself with the **important notes** therein.","updated_timestamp":{"seconds":1719359470,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-08T00:00:00Z","timeband_id":1176,"updated_tsz":"2024-06-25T23:51:10Z","links":[],"end":"2024-08-08T13:00:00.000-0000","id":54482,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723075200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"LVCC West Hall","hotel":"","short_name":"LVCC West","id":46180},"spans_timebands":"Y","begin":"2024-08-08T00:00:00.000-0000","updated":"2024-06-25T23:51:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"Wednesday August 7th Registration usually opens at 11am\r\n\r\nOFFSITE: Pro Gun Vegas Address: 12801 US 95 South Boulder City, NV 89005\n\n\n","media":[{"hash_sha256":"7e4ee571a08a4b871cf596caafcfbd5b154fb5c0791b0b7e6a0cdd51ad48aea6","filetype":"image/png","hash_md5":"f4d625bd81e140c7cda3eb9872744bd3","name":"pme_defconshoot.png","is_logo":"Y","hash_crc32c":"df4beba2","filesize":23093,"asset_id":676,"sort_order":1,"url":"https://info.defcon.org/blobs/pme_defconshoot.png"}],"title":"The Unofficial DEF CON Shoot","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#3d5891","name":"Event","updated_tsz":"2024-07-21T19:20:45Z","id":46365},"end_tsz":"2024-08-07T18:00:00Z","end_timestamp":{"seconds":1723053600,"nanoseconds":0},"android_description":"Wednesday August 7th Registration usually opens at 11am\r\n\r\nOFFSITE: Pro Gun Vegas Address: 12801 US 95 South Boulder City, NV 89005","updated_timestamp":{"seconds":1718814051,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-07T18:00:00Z","timeband_id":1176,"updated_tsz":"2024-06-19T16:20:51Z","links":[{"label":"Website","type":"link","url":"https://deviating.net/firearms/defcon_shoot/"},{"label":"Sub-forum (DEF CON Forums)","type":"link","url":"https://forum.defcon.org/node/249552"}],"end":"2024-08-07T18:00:00.000-0000","id":54523,"tag_ids":[46365],"village_id":null,"begin_timestamp":{"seconds":1723053600,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-07T18:00:00.000-0000","updated":"2024-06-19T16:20:00.000-0000"},{"conference":"DEFCON32","timezone":"America/Los_Angeles","link":"","description":"There are a few things that we would like everyone to be aware of, leading up to DEF CON 32.\r\n\r\n## Sticker Policy\r\n\r\nWe have a beautiful culture of #stickerlife at DEF CON, and we hope that it can continue well into the future. Refer to the conference schedule for \"sticker swaps\". We're also putting up multiple sticker walls this year -- it was a hit last year, and we hope that having a couple of them will be even more awesome this year. \r\n\r\nThe LVCVA (Las Vegas Convention and Visitors Authority, owners of the LVCC) has a zero-tolerance policy with regard to adhering anything at all to their property, including stickers. Please DFIU. If you are caught adhering anything to LVCC property, you will likely be trespassed from the property by Las Vegas Police. Beyond stickers, you may also not use tape, sticky putty, tacks, or even non-stick clings. \r\n\r\n## Admission inspections and searches\r\n\r\nThe LVCC will not be searching or scanning people or bags entering the facility.\r\n\r\n## Money\r\n\r\nAs always, human badges (that were not pre-purchased) are exclusively sold using **cash (US currency)**. Merch is the same. No credit cards, debit cards, mobile payments, cryptocurrency, or any means other than USD cash will be accepted at either human registration or DEF CON Merch. We recommend bringing cash with you: there are only two ATMs inside the LVCC.\r\n\r\nFood and beverage operations inside the LVCC, including the food court and bars, only accept cards and mobile payments. **You cannot use cash to purchase food or beverage inside the LVCC.**\r\n\r\nVendors are permitted to conduct transactions via whatever means they choose. We do not have a list of which vendors are accepting cash vs card.\r\n\r\n## Water\r\n\r\nThe LVCC has many modern water-bottle filling stations, so free water will be readily available for those who bring their own reusable water bottles.\r\n\r\n## DCTV\r\n\r\nDCTV will exclusively be streaming online this year, and will not be available on any hotel TV channels.\r\n\r\n## Outside food and beverage\r\n\r\nLVCC prohibits attendees from bringing outside food and beverage into the convention center, except in cases of medical or dietary necessity.\r\n\r\n## Photography policy\r\n\r\nPublic photography is allowed*. It’s okay to take photos of your friends if they’re cool with it. We’ve setup several “selfie spots” that are amazing art pieces created specifically for the yearly theme where you can take cool photos.\r\n\r\nWe want you to take consenting photos of each other and we want others to see the wide range of attendees we have at DEF CON having a good time. What we don’t want to see are group shots taken without consent/warning, images taken by the press, video of people standing in lines, etc.\r\n\r\n**Official Press & DEF CON Policy Village rules may differ, please refer to them.** At DEF CON you may see our official photography goons capturing the uniqueness that is to be expected at DEF CON; they adhere to our photo policy.\r\n\r\nGroups & individuals participating in public on stage (events, contests, or activities) are allowed* to be photographed.\r\n\r\nPhotography in the CTF room is NOT permitted without consent of the individuals to be photographed.\r\n\r\n**Crowd shots are VERY discouraged**, if so desired you must alert the crowd to give them time to opt out. For example: \" Hey, I'm taking a photo, if you don't want to be in it hide your face\" .\r\n\r\nTaking photos of people in hallways, lines, hanging out, at random, is not allowed without consent. Respect the rights of the individual not to be photographed. Deletion of photos can be requested by staff.\r\n\r\nWhen taking pictures of your friends please use “portrait mode” because this will blur the picture background, respecting the privacy of those inadvertently captured.\r\n\r\nNOTE: It is permissible to record violations of the DEF CON CoC to share with our safety team (link) to help us investigate and take action.\r\n\r\n* We reserve the right to revoke an individual's permission to photograph, at any time, on a case by case basis. Failure to comply can result in revocation of admission without refund.\n\n\n","media":[],"title":"Important Message","type":{"conference_id":133,"conference":"DEFCON32","updated_at":"2024-07-21T19:20+0000","color":"#9e33ca","name":"Misc","updated_tsz":"2024-07-21T19:20:45Z","id":46362},"end_tsz":"2024-08-07T07:00:00Z","end_timestamp":{"seconds":1723014000,"nanoseconds":0},"android_description":"There are a few things that we would like everyone to be aware of, leading up to DEF CON 32.\r\n\r\n## Sticker Policy\r\n\r\nWe have a beautiful culture of #stickerlife at DEF CON, and we hope that it can continue well into the future. Refer to the conference schedule for \"sticker swaps\". We're also putting up multiple sticker walls this year -- it was a hit last year, and we hope that having a couple of them will be even more awesome this year. \r\n\r\nThe LVCVA (Las Vegas Convention and Visitors Authority, owners of the LVCC) has a zero-tolerance policy with regard to adhering anything at all to their property, including stickers. Please DFIU. If you are caught adhering anything to LVCC property, you will likely be trespassed from the property by Las Vegas Police. Beyond stickers, you may also not use tape, sticky putty, tacks, or even non-stick clings. \r\n\r\n## Admission inspections and searches\r\n\r\nThe LVCC will not be searching or scanning people or bags entering the facility.\r\n\r\n## Money\r\n\r\nAs always, human badges (that were not pre-purchased) are exclusively sold using **cash (US currency)**. Merch is the same. No credit cards, debit cards, mobile payments, cryptocurrency, or any means other than USD cash will be accepted at either human registration or DEF CON Merch. We recommend bringing cash with you: there are only two ATMs inside the LVCC.\r\n\r\nFood and beverage operations inside the LVCC, including the food court and bars, only accept cards and mobile payments. **You cannot use cash to purchase food or beverage inside the LVCC.**\r\n\r\nVendors are permitted to conduct transactions via whatever means they choose. We do not have a list of which vendors are accepting cash vs card.\r\n\r\n## Water\r\n\r\nThe LVCC has many modern water-bottle filling stations, so free water will be readily available for those who bring their own reusable water bottles.\r\n\r\n## DCTV\r\n\r\nDCTV will exclusively be streaming online this year, and will not be available on any hotel TV channels.\r\n\r\n## Outside food and beverage\r\n\r\nLVCC prohibits attendees from bringing outside food and beverage into the convention center, except in cases of medical or dietary necessity.\r\n\r\n## Photography policy\r\n\r\nPublic photography is allowed*. It’s okay to take photos of your friends if they’re cool with it. We’ve setup several “selfie spots” that are amazing art pieces created specifically for the yearly theme where you can take cool photos.\r\n\r\nWe want you to take consenting photos of each other and we want others to see the wide range of attendees we have at DEF CON having a good time. What we don’t want to see are group shots taken without consent/warning, images taken by the press, video of people standing in lines, etc.\r\n\r\n**Official Press & DEF CON Policy Village rules may differ, please refer to them.** At DEF CON you may see our official photography goons capturing the uniqueness that is to be expected at DEF CON; they adhere to our photo policy.\r\n\r\nGroups & individuals participating in public on stage (events, contests, or activities) are allowed* to be photographed.\r\n\r\nPhotography in the CTF room is NOT permitted without consent of the individuals to be photographed.\r\n\r\n**Crowd shots are VERY discouraged**, if so desired you must alert the crowd to give them time to opt out. For example: \" Hey, I'm taking a photo, if you don't want to be in it hide your face\" .\r\n\r\nTaking photos of people in hallways, lines, hanging out, at random, is not allowed without consent. Respect the rights of the individual not to be photographed. Deletion of photos can be requested by staff.\r\n\r\nWhen taking pictures of your friends please use “portrait mode” because this will blur the picture background, respecting the privacy of those inadvertently captured.\r\n\r\nNOTE: It is permissible to record violations of the DEF CON CoC to share with our safety team (link) to help us investigate and take action.\r\n\r\n* We reserve the right to revoke an individual's permission to photograph, at any time, on a case by case basis. Failure to comply can result in revocation of admission without refund.","updated_timestamp":{"seconds":1723249717,"nanoseconds":0},"speakers":[],"begin_tsz":"2024-08-07T07:00:00Z","timeband_id":1176,"updated_tsz":"2024-08-10T00:28:37Z","links":[],"end":"2024-08-07T07:00:00.000-0000","id":56569,"tag_ids":[46362],"village_id":null,"begin_timestamp":{"seconds":1723014000,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":133,"location":{"parent_id":0,"name":"Other / See Description","hotel":"","short_name":"Other / See Description","id":46315},"spans_timebands":"N","begin":"2024-08-07T07:00:00.000-0000","updated":"2024-08-10T00:28:00.000-0000"}] \ No newline at end of file diff --git a/docs/ht/index.json b/docs/ht/index.json index a36f96a..0d59df8 100644 --- a/docs/ht/index.json +++ b/docs/ht/index.json @@ -1 +1 @@ -[{"end_timestamp_str":"2024-08-12T06:59:59+00:00","end_date":"2024-08-11","supportdoc":"","code":"DEFCON32","start_timestamp":{"seconds":1723100400,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","conference_id":133,"end_timestamp":{"seconds":1723445999,"nanoseconds":0},"start_timestamp_str":"2024-08-08T07:00:00+00:00","home_menu_id":117,"codeofconduct":"","name":"DEF CON 32","id":133,"start_date":"2024-08-08","hidden":false,"kickoff_timestamp":{"seconds":1723222800,"nanoseconds":0},"kickoff_timestamp_str":"2024-08-09T17:00:00+00:00","feedbackform_ratelimit_seconds":60,"kickoff_tsz":"2024-08-09T17:00:00Z","begin_tsz":"2024-08-08T07:00:00Z","end_tsz":"2024-08-12T06:59:59Z","tagline_text":"Welcome to DEF CON - the largest hacker conference in the world.","merch_mandatory_acknowledgement":"All sales are **CASH ONLY**. Prices include Nevada State Sales Tax.","merch_tax_statement":"Prices include Nevada State Sales Tax.","enable_merch_cart":true,"enable_merch":true,"maps":[{"file":"dc-32-map-public-v3.pdf","filename":"dc-32-map-public-v3.pdf","name":"LVCC","description":"LVCC","name_text":"LVCC","id":100,"sort_order":3,"url":"https://info.defcon.org/blobs/dc-32-map-public-v3.pdf"},{"file":"vegas_loop_map.pdf","filename":"vegas_loop_map.pdf","name":"Loop Map","description":"Loop Map","name_text":"Loop Map","id":103,"sort_order":4,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/DEFCON32%2Fvegas_loop_map.pdf?alt=media"}],"updated_at":{"seconds":1723400501,"nanoseconds":90560000}},{"end_timestamp_str":"2024-08-08T06:59:59+00:00","end_date":"2024-08-07","supportdoc":"","kickoff_timestamp":{"seconds":1722960000,"nanoseconds":0},"enable_merch":false,"code":"BSIDESLV2024","start_timestamp":{"seconds":1722927600,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-06T16:00:00+00:00","enable_merch_cart":false,"conference_id":150,"end_timestamp":{"seconds":1723100399,"nanoseconds":0},"start_timestamp_str":"2024-08-06T07:00:00+00:00","home_menu_id":135,"codeofconduct":"","name":"BSidesLV 2024","feedbackform_ratelimit_seconds":60,"tagline_text":null,"id":150,"start_date":"2024-08-06","hidden":false,"kickoff_tsz":"2024-08-06T16:00:00Z","begin_tsz":"2024-08-06T07:00:00Z","end_tsz":"2024-08-08T06:59:59Z","merch_mandatory_acknowledgement":"","merch_tax_statement":"","maps":[{"filename":"bsideslv.map.tuscany.2024.pdf","file":"bsideslv.map.tuscany.2024.pdf","name":"Tuscany","description":"Tuscany","name_text":"Tuscany","id":101,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESLV2024%2Fbsideslv.map.tuscany.2024.pdf?alt=media"},{"filename":"bsideslv.map.platinum.2024.pdf","file":"bsideslv.map.platinum.2024.pdf","name":"Platinum","description":"Platinum","name_text":"Platinum","id":102,"sort_order":2,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESLV2024%2Fbsideslv.map.platinum.2024.pdf?alt=media"}],"updated_at":{"seconds":1722974807,"nanoseconds":274977000}},{"end_timestamp_str":"2024-08-12T06:59:59+00:00","end_date":"2024-08-11","supportdoc":"","kickoff_timestamp":{"seconds":1722841200,"nanoseconds":0},"enable_merch":false,"code":"HSCPARTIES2024","maps":[],"start_timestamp":{"seconds":1722841200,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-05T07:00:00+00:00","enable_merch_cart":false,"conference_id":149,"end_timestamp":{"seconds":1723445999,"nanoseconds":0},"start_timestamp_str":"2024-08-05T07:00:00+00:00","home_menu_id":134,"codeofconduct":"","name":"Hacker Summer Camp Parties","tagline_text":null,"id":149,"start_date":"2024-08-05","hidden":false,"kickoff_tsz":"2024-08-05T07:00:00Z","begin_tsz":"2024-08-05T07:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-08-12T06:59:59Z","merch_mandatory_acknowledgement":"","merch_tax_statement":"","updated_at":{"seconds":1722658230,"nanoseconds":638201000}},{"end_timestamp_str":"2024-08-06T06:59:59+00:00","end_date":"2024-08-05","supportdoc":"","kickoff_timestamp":{"seconds":1722870000,"nanoseconds":0},"enable_merch":false,"code":"TDI2024","start_timestamp":{"seconds":1722841200,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-05T15:00:00+00:00","enable_merch_cart":false,"conference_id":151,"end_timestamp":{"seconds":1722927599,"nanoseconds":0},"start_timestamp_str":"2024-08-05T07:00:00+00:00","home_menu_id":136,"codeofconduct":"","name":"The Diana Initiative 2024","tagline_text":null,"id":151,"start_date":"2024-08-05","hidden":false,"kickoff_tsz":"2024-08-05T15:00:00Z","begin_tsz":"2024-08-05T07:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-08-06T06:59:59Z","merch_mandatory_acknowledgement":"","maps":[{"filename":"TDI2024-Map2.pdf","file":"TDI2024-Map2.pdf","name":"2nd Floor","description":"2nd Floor","name_text":"2nd Floor","id":98,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/TDI2024%2FTDI2024-Map2.pdf?alt=media"}],"merch_tax_statement":"","updated_at":{"seconds":1722634043,"nanoseconds":312970000}},{"end_timestamp_str":"2024-07-15T03:59:59+00:00","end_date":"2024-07-14","supportdoc":"","kickoff_timestamp":{"seconds":1720792200,"nanoseconds":0},"enable_merch":false,"code":"HOPE2024","maps":[{"filename":"hope_xv_map.pdf","file":"hope_xv_map.pdf","name":"map","description":"map","name_text":"map","id":87,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/HOPE2024%2Fhope_xv_map.pdf?alt=media"}],"start_timestamp":{"seconds":1720756800,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2024-07-12T13:50:00+00:00","enable_merch_cart":false,"conference_id":145,"end_timestamp":{"seconds":1721015999,"nanoseconds":0},"start_timestamp_str":"2024-07-12T04:00:00+00:00","home_menu_id":130,"codeofconduct":"","name":"HOPE 2024","tagline_text":null,"id":145,"start_date":"2024-07-12","hidden":false,"feedbackform_ratelimit_seconds":60,"kickoff_tsz":"2024-07-12T13:50:00Z","begin_tsz":"2024-07-12T04:00:00Z","end_tsz":"2024-07-15T03:59:59Z","merch_mandatory_acknowledgement":"","merch_tax_statement":"","updated_at":{"seconds":1722382106,"nanoseconds":812140000}},{"end_timestamp_str":"2024-08-05T00:00:00+00:00","end_date":"2024-08-05","enable_merch":false,"code":"TEST","start_timestamp":{"seconds":1722211200,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","end_tsz":"2024-08-05T00:00:00Z","end_timestamp":{"seconds":1722816000,"nanoseconds":0},"home_menu_id":35,"codeofconduct":"","begin_tsz":"2024-07-29T00:00:00Z","tagline_text":null,"id":101,"start_date":"2024-07-29","merch_mandatory_acknowledgement":"","supportdoc":"","kickoff_timestamp":{"seconds":1722229200,"nanoseconds":0},"maps":[],"merch_tax_statement":"","kickoff_timestamp_str":"2024-07-29T05:00:00+00:00","enable_merch_cart":false,"conference_id":101,"kickoff_tsz":"2024-07-29T05:00:00Z","start_timestamp_str":"2024-07-29T00:00:00+00:00","feedbackform_ratelimit_seconds":60,"updated_at":{"seconds":1722375817,"nanoseconds":890311000},"hidden":false,"name":"Test Conference!"},{"end_timestamp_str":"2024-06-02T21:59:59+00:00","end_date":"2024-06-02","enable_merch":false,"code":"GPN22","hidden":true,"start_timestamp":{"seconds":1717020000,"nanoseconds":0},"timezone":"Europe/Berlin","link":"","description":"","end_tsz":"2024-06-02T21:59:59Z","end_timestamp":{"seconds":1717365599,"nanoseconds":0},"home_menu_id":138,"codeofconduct":"","begin_tsz":"2024-05-29T22:00:00Z","tagline_text":null,"id":153,"start_date":"2024-05-30","merch_mandatory_acknowledgement":"","supportdoc":"","kickoff_timestamp":{"seconds":1717020000,"nanoseconds":0},"maps":[],"merch_tax_statement":"","kickoff_timestamp_str":"2024-05-29T22:00:00+00:00","enable_merch_cart":false,"conference_id":153,"kickoff_tsz":"2024-05-29T22:00:00Z","start_timestamp_str":"2024-05-29T22:00:00+00:00","name":"GPN22","feedbackform_ratelimit_seconds":60,"updated_at":{"seconds":1721617160,"nanoseconds":639951000}},{"end_timestamp_str":"2024-11-16T02:59:59+00:00","end_date":"2024-11-15","supportdoc":"","kickoff_timestamp":{"seconds":1731499200,"nanoseconds":0},"enable_merch":false,"code":"EKOPARTY2024","maps":[],"start_timestamp":{"seconds":1731466800,"nanoseconds":0},"timezone":"America/Argentina/Buenos_Aires","link":"","description":"","kickoff_timestamp_str":"2024-11-13T12:00:00+00:00","enable_merch_cart":false,"conference_id":142,"end_timestamp":{"seconds":1731725999,"nanoseconds":0},"start_timestamp_str":"2024-11-13T03:00:00+00:00","home_menu_id":126,"codeofconduct":"","name":"Ekoparty 2024","tagline_text":null,"id":142,"start_date":"2024-11-13","hidden":false,"kickoff_tsz":"2024-11-13T12:00:00Z","begin_tsz":"2024-11-13T03:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-11-16T02:59:59Z","updated_at":{"seconds":1721600770,"nanoseconds":452410000}},{"end_timestamp_str":"2024-07-21T05:59:59+00:00","end_date":"2024-07-20","supportdoc":"","kickoff_timestamp":{"seconds":1721401200,"nanoseconds":0},"enable_merch":false,"code":"BSIDESABQ2024","start_timestamp":{"seconds":1721368800,"nanoseconds":0},"timezone":"America/Denver","link":"","description":"","kickoff_timestamp_str":"2024-07-19T15:00:00+00:00","enable_merch_cart":false,"conference_id":152,"end_timestamp":{"seconds":1721541599,"nanoseconds":0},"start_timestamp_str":"2024-07-19T06:00:00+00:00","home_menu_id":137,"codeofconduct":"","name":"BSidesABQ 2024","feedbackform_ratelimit_seconds":60,"tagline_text":null,"id":152,"start_date":"2024-07-19","hidden":false,"maps":[{"filename":"BSidesABQ_Map.pdf","file":"BSidesABQ_Map.pdf","name":"Map","description":"Map","name_text":"Map","id":89,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESABQ2024%2FBSidesABQ_Map.pdf?alt=media"}],"kickoff_tsz":"2024-07-19T15:00:00Z","begin_tsz":"2024-07-19T06:00:00Z","end_tsz":"2024-07-21T05:59:59Z","updated_at":{"seconds":1721600642,"nanoseconds":727774000}},{"end_timestamp_str":"2024-07-19T22:59:59+00:00","end_date":"2024-07-19","supportdoc":"","kickoff_timestamp":{"seconds":1721379600,"nanoseconds":0},"enable_merch":false,"code":"BSIDESBASINGSTOKE2024","maps":[],"start_timestamp":{"seconds":1721343600,"nanoseconds":0},"timezone":"Europe/London","link":"","description":"","kickoff_timestamp_str":"2024-07-19T09:00:00+00:00","enable_merch_cart":false,"conference_id":148,"end_timestamp":{"seconds":1721429999,"nanoseconds":0},"start_timestamp_str":"2024-07-18T23:00:00+00:00","home_menu_id":133,"codeofconduct":"","name":"BSides Basingstoke 2024","tagline_text":null,"id":148,"start_date":"2024-07-19","hidden":false,"kickoff_tsz":"2024-07-19T09:00:00Z","begin_tsz":"2024-07-18T23:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-07-19T22:59:59Z","updated_at":{"seconds":1721600608,"nanoseconds":582711000}},{"end_timestamp_str":"2024-07-20T05:59:59+00:00","end_date":"2024-07-19","supportdoc":"","kickoff_timestamp":{"seconds":1721401200,"nanoseconds":0},"enable_merch":false,"code":"BSIDESCDMX2024","start_timestamp":{"seconds":1721368800,"nanoseconds":0},"timezone":"America/Mexico_City","link":"","description":"","kickoff_timestamp_str":"2024-07-19T15:00:00+00:00","enable_merch_cart":false,"conference_id":146,"end_timestamp":{"seconds":1721455199,"nanoseconds":0},"start_timestamp_str":"2024-07-19T06:00:00+00:00","home_menu_id":131,"codeofconduct":"","name":"BSides CDMX 2024","tagline_text":null,"id":146,"start_date":"2024-07-19","hidden":false,"feedbackform_ratelimit_seconds":60,"maps":[{"filename":"Auditorio.pdf","file":"Auditorio.pdf","name":"Auditorio","description":"Auditorio","name_text":"Auditorio","id":95,"sort_order":3,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESCDMX2024%2FAuditorio.pdf?alt=media"},{"filename":"Mapa_Piso_07.pdf","file":"Mapa_Piso_07.pdf","name":"Piso 07","description":"Piso 07","name_text":"Piso 07","id":96,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESCDMX2024%2FMapa_Piso_07.pdf?alt=media"},{"filename":"Mapa_Piso_08.pdf","file":"Mapa_Piso_08.pdf","name":"Piso 08","description":"Piso 08","name_text":"Piso 08","id":97,"sort_order":2,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESCDMX2024%2FMapa_Piso_08.pdf?alt=media"}],"kickoff_tsz":"2024-07-19T15:00:00Z","begin_tsz":"2024-07-19T06:00:00Z","end_tsz":"2024-07-20T05:59:59Z","updated_at":{"seconds":1721600585,"nanoseconds":782842000}},{"end_timestamp_str":"2023-08-14T06:59:00+00:00","end_date":"2023-08-13","supportdoc":"","kickoff_timestamp":{"seconds":1691737200,"nanoseconds":0},"enable_merch":false,"code":"DCFURS2023","maps":[],"start_timestamp":{"seconds":1691650800,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2023-08-11T07:00:00+00:00","enable_merch_cart":false,"conference_id":112,"end_timestamp":{"seconds":1691996340,"nanoseconds":0},"start_timestamp_str":"2023-08-10T07:00:00+00:00","home_menu_id":95,"codeofconduct":"","name":"DC Furs 2023","tagline_text":null,"id":112,"start_date":"2023-08-10","updated_at":{"seconds":1720139147,"nanoseconds":703807000},"hidden":true}] \ No newline at end of file +[{"end_timestamp_str":"2024-08-12T06:59:59+00:00","end_date":"2024-08-11","supportdoc":"","code":"DEFCON32","start_timestamp":{"seconds":1723100400,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","conference_id":133,"end_timestamp":{"seconds":1723445999,"nanoseconds":0},"start_timestamp_str":"2024-08-08T07:00:00+00:00","home_menu_id":117,"codeofconduct":"","name":"DEF CON 32","id":133,"start_date":"2024-08-08","hidden":false,"kickoff_timestamp":{"seconds":1723222800,"nanoseconds":0},"kickoff_timestamp_str":"2024-08-09T17:00:00+00:00","feedbackform_ratelimit_seconds":60,"kickoff_tsz":"2024-08-09T17:00:00Z","begin_tsz":"2024-08-08T07:00:00Z","end_tsz":"2024-08-12T06:59:59Z","tagline_text":"Welcome to DEF CON - the largest hacker conference in the world.","merch_mandatory_acknowledgement":"All sales are **CASH ONLY**. Prices include Nevada State Sales Tax.","merch_tax_statement":"Prices include Nevada State Sales Tax.","enable_merch_cart":true,"enable_merch":true,"maps":[{"file":"dc-32-map-public-v3.pdf","filename":"dc-32-map-public-v3.pdf","name":"LVCC","description":"LVCC","name_text":"LVCC","id":100,"sort_order":3,"url":"https://info.defcon.org/blobs/dc-32-map-public-v3.pdf"},{"file":"vegas_loop_map.pdf","filename":"vegas_loop_map.pdf","name":"Loop Map","description":"Loop Map","name_text":"Loop Map","id":103,"sort_order":4,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/DEFCON32%2Fvegas_loop_map.pdf?alt=media"}],"updated_at":{"seconds":1723419585,"nanoseconds":219050000}},{"end_timestamp_str":"2024-08-08T06:59:59+00:00","end_date":"2024-08-07","supportdoc":"","kickoff_timestamp":{"seconds":1722960000,"nanoseconds":0},"enable_merch":false,"code":"BSIDESLV2024","start_timestamp":{"seconds":1722927600,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-06T16:00:00+00:00","enable_merch_cart":false,"conference_id":150,"end_timestamp":{"seconds":1723100399,"nanoseconds":0},"start_timestamp_str":"2024-08-06T07:00:00+00:00","home_menu_id":135,"codeofconduct":"","name":"BSidesLV 2024","feedbackform_ratelimit_seconds":60,"tagline_text":null,"id":150,"start_date":"2024-08-06","hidden":false,"kickoff_tsz":"2024-08-06T16:00:00Z","begin_tsz":"2024-08-06T07:00:00Z","end_tsz":"2024-08-08T06:59:59Z","merch_mandatory_acknowledgement":"","merch_tax_statement":"","maps":[{"filename":"bsideslv.map.tuscany.2024.pdf","file":"bsideslv.map.tuscany.2024.pdf","name":"Tuscany","description":"Tuscany","name_text":"Tuscany","id":101,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESLV2024%2Fbsideslv.map.tuscany.2024.pdf?alt=media"},{"filename":"bsideslv.map.platinum.2024.pdf","file":"bsideslv.map.platinum.2024.pdf","name":"Platinum","description":"Platinum","name_text":"Platinum","id":102,"sort_order":2,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESLV2024%2Fbsideslv.map.platinum.2024.pdf?alt=media"}],"updated_at":{"seconds":1722974807,"nanoseconds":274977000}},{"end_timestamp_str":"2024-08-12T06:59:59+00:00","end_date":"2024-08-11","supportdoc":"","kickoff_timestamp":{"seconds":1722841200,"nanoseconds":0},"enable_merch":false,"code":"HSCPARTIES2024","maps":[],"start_timestamp":{"seconds":1722841200,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-05T07:00:00+00:00","enable_merch_cart":false,"conference_id":149,"end_timestamp":{"seconds":1723445999,"nanoseconds":0},"start_timestamp_str":"2024-08-05T07:00:00+00:00","home_menu_id":134,"codeofconduct":"","name":"Hacker Summer Camp Parties","tagline_text":null,"id":149,"start_date":"2024-08-05","hidden":false,"kickoff_tsz":"2024-08-05T07:00:00Z","begin_tsz":"2024-08-05T07:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-08-12T06:59:59Z","merch_mandatory_acknowledgement":"","merch_tax_statement":"","updated_at":{"seconds":1722658230,"nanoseconds":638201000}},{"end_timestamp_str":"2024-08-06T06:59:59+00:00","end_date":"2024-08-05","supportdoc":"","kickoff_timestamp":{"seconds":1722870000,"nanoseconds":0},"enable_merch":false,"code":"TDI2024","start_timestamp":{"seconds":1722841200,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-05T15:00:00+00:00","enable_merch_cart":false,"conference_id":151,"end_timestamp":{"seconds":1722927599,"nanoseconds":0},"start_timestamp_str":"2024-08-05T07:00:00+00:00","home_menu_id":136,"codeofconduct":"","name":"The Diana Initiative 2024","tagline_text":null,"id":151,"start_date":"2024-08-05","hidden":false,"kickoff_tsz":"2024-08-05T15:00:00Z","begin_tsz":"2024-08-05T07:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-08-06T06:59:59Z","merch_mandatory_acknowledgement":"","maps":[{"filename":"TDI2024-Map2.pdf","file":"TDI2024-Map2.pdf","name":"2nd Floor","description":"2nd Floor","name_text":"2nd Floor","id":98,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/TDI2024%2FTDI2024-Map2.pdf?alt=media"}],"merch_tax_statement":"","updated_at":{"seconds":1722634043,"nanoseconds":312970000}},{"end_timestamp_str":"2024-07-15T03:59:59+00:00","end_date":"2024-07-14","supportdoc":"","kickoff_timestamp":{"seconds":1720792200,"nanoseconds":0},"enable_merch":false,"code":"HOPE2024","maps":[{"filename":"hope_xv_map.pdf","file":"hope_xv_map.pdf","name":"map","description":"map","name_text":"map","id":87,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/HOPE2024%2Fhope_xv_map.pdf?alt=media"}],"start_timestamp":{"seconds":1720756800,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2024-07-12T13:50:00+00:00","enable_merch_cart":false,"conference_id":145,"end_timestamp":{"seconds":1721015999,"nanoseconds":0},"start_timestamp_str":"2024-07-12T04:00:00+00:00","home_menu_id":130,"codeofconduct":"","name":"HOPE 2024","tagline_text":null,"id":145,"start_date":"2024-07-12","hidden":false,"feedbackform_ratelimit_seconds":60,"kickoff_tsz":"2024-07-12T13:50:00Z","begin_tsz":"2024-07-12T04:00:00Z","end_tsz":"2024-07-15T03:59:59Z","merch_mandatory_acknowledgement":"","merch_tax_statement":"","updated_at":{"seconds":1722382106,"nanoseconds":812140000}},{"end_timestamp_str":"2024-08-05T00:00:00+00:00","end_date":"2024-08-05","enable_merch":false,"code":"TEST","start_timestamp":{"seconds":1722211200,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","end_tsz":"2024-08-05T00:00:00Z","end_timestamp":{"seconds":1722816000,"nanoseconds":0},"home_menu_id":35,"codeofconduct":"","begin_tsz":"2024-07-29T00:00:00Z","tagline_text":null,"id":101,"start_date":"2024-07-29","merch_mandatory_acknowledgement":"","supportdoc":"","kickoff_timestamp":{"seconds":1722229200,"nanoseconds":0},"maps":[],"merch_tax_statement":"","kickoff_timestamp_str":"2024-07-29T05:00:00+00:00","enable_merch_cart":false,"conference_id":101,"kickoff_tsz":"2024-07-29T05:00:00Z","start_timestamp_str":"2024-07-29T00:00:00+00:00","feedbackform_ratelimit_seconds":60,"updated_at":{"seconds":1722375817,"nanoseconds":890311000},"hidden":false,"name":"Test Conference!"},{"end_timestamp_str":"2024-06-02T21:59:59+00:00","end_date":"2024-06-02","enable_merch":false,"code":"GPN22","hidden":true,"start_timestamp":{"seconds":1717020000,"nanoseconds":0},"timezone":"Europe/Berlin","link":"","description":"","end_tsz":"2024-06-02T21:59:59Z","end_timestamp":{"seconds":1717365599,"nanoseconds":0},"home_menu_id":138,"codeofconduct":"","begin_tsz":"2024-05-29T22:00:00Z","tagline_text":null,"id":153,"start_date":"2024-05-30","merch_mandatory_acknowledgement":"","supportdoc":"","kickoff_timestamp":{"seconds":1717020000,"nanoseconds":0},"maps":[],"merch_tax_statement":"","kickoff_timestamp_str":"2024-05-29T22:00:00+00:00","enable_merch_cart":false,"conference_id":153,"kickoff_tsz":"2024-05-29T22:00:00Z","start_timestamp_str":"2024-05-29T22:00:00+00:00","name":"GPN22","feedbackform_ratelimit_seconds":60,"updated_at":{"seconds":1721617160,"nanoseconds":639951000}},{"end_timestamp_str":"2024-11-16T02:59:59+00:00","end_date":"2024-11-15","supportdoc":"","kickoff_timestamp":{"seconds":1731499200,"nanoseconds":0},"enable_merch":false,"code":"EKOPARTY2024","maps":[],"start_timestamp":{"seconds":1731466800,"nanoseconds":0},"timezone":"America/Argentina/Buenos_Aires","link":"","description":"","kickoff_timestamp_str":"2024-11-13T12:00:00+00:00","enable_merch_cart":false,"conference_id":142,"end_timestamp":{"seconds":1731725999,"nanoseconds":0},"start_timestamp_str":"2024-11-13T03:00:00+00:00","home_menu_id":126,"codeofconduct":"","name":"Ekoparty 2024","tagline_text":null,"id":142,"start_date":"2024-11-13","hidden":false,"kickoff_tsz":"2024-11-13T12:00:00Z","begin_tsz":"2024-11-13T03:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-11-16T02:59:59Z","updated_at":{"seconds":1721600770,"nanoseconds":452410000}},{"end_timestamp_str":"2024-07-21T05:59:59+00:00","end_date":"2024-07-20","supportdoc":"","kickoff_timestamp":{"seconds":1721401200,"nanoseconds":0},"enable_merch":false,"code":"BSIDESABQ2024","start_timestamp":{"seconds":1721368800,"nanoseconds":0},"timezone":"America/Denver","link":"","description":"","kickoff_timestamp_str":"2024-07-19T15:00:00+00:00","enable_merch_cart":false,"conference_id":152,"end_timestamp":{"seconds":1721541599,"nanoseconds":0},"start_timestamp_str":"2024-07-19T06:00:00+00:00","home_menu_id":137,"codeofconduct":"","name":"BSidesABQ 2024","feedbackform_ratelimit_seconds":60,"tagline_text":null,"id":152,"start_date":"2024-07-19","hidden":false,"maps":[{"filename":"BSidesABQ_Map.pdf","file":"BSidesABQ_Map.pdf","name":"Map","description":"Map","name_text":"Map","id":89,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESABQ2024%2FBSidesABQ_Map.pdf?alt=media"}],"kickoff_tsz":"2024-07-19T15:00:00Z","begin_tsz":"2024-07-19T06:00:00Z","end_tsz":"2024-07-21T05:59:59Z","updated_at":{"seconds":1721600642,"nanoseconds":727774000}},{"end_timestamp_str":"2024-07-19T22:59:59+00:00","end_date":"2024-07-19","supportdoc":"","kickoff_timestamp":{"seconds":1721379600,"nanoseconds":0},"enable_merch":false,"code":"BSIDESBASINGSTOKE2024","maps":[],"start_timestamp":{"seconds":1721343600,"nanoseconds":0},"timezone":"Europe/London","link":"","description":"","kickoff_timestamp_str":"2024-07-19T09:00:00+00:00","enable_merch_cart":false,"conference_id":148,"end_timestamp":{"seconds":1721429999,"nanoseconds":0},"start_timestamp_str":"2024-07-18T23:00:00+00:00","home_menu_id":133,"codeofconduct":"","name":"BSides Basingstoke 2024","tagline_text":null,"id":148,"start_date":"2024-07-19","hidden":false,"kickoff_tsz":"2024-07-19T09:00:00Z","begin_tsz":"2024-07-18T23:00:00Z","feedbackform_ratelimit_seconds":60,"end_tsz":"2024-07-19T22:59:59Z","updated_at":{"seconds":1721600608,"nanoseconds":582711000}},{"end_timestamp_str":"2024-07-20T05:59:59+00:00","end_date":"2024-07-19","supportdoc":"","kickoff_timestamp":{"seconds":1721401200,"nanoseconds":0},"enable_merch":false,"code":"BSIDESCDMX2024","start_timestamp":{"seconds":1721368800,"nanoseconds":0},"timezone":"America/Mexico_City","link":"","description":"","kickoff_timestamp_str":"2024-07-19T15:00:00+00:00","enable_merch_cart":false,"conference_id":146,"end_timestamp":{"seconds":1721455199,"nanoseconds":0},"start_timestamp_str":"2024-07-19T06:00:00+00:00","home_menu_id":131,"codeofconduct":"","name":"BSides CDMX 2024","tagline_text":null,"id":146,"start_date":"2024-07-19","hidden":false,"feedbackform_ratelimit_seconds":60,"maps":[{"filename":"Auditorio.pdf","file":"Auditorio.pdf","name":"Auditorio","description":"Auditorio","name_text":"Auditorio","id":95,"sort_order":3,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESCDMX2024%2FAuditorio.pdf?alt=media"},{"filename":"Mapa_Piso_07.pdf","file":"Mapa_Piso_07.pdf","name":"Piso 07","description":"Piso 07","name_text":"Piso 07","id":96,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESCDMX2024%2FMapa_Piso_07.pdf?alt=media"},{"filename":"Mapa_Piso_08.pdf","file":"Mapa_Piso_08.pdf","name":"Piso 08","description":"Piso 08","name_text":"Piso 08","id":97,"sort_order":2,"url":"https://firebasestorage.googleapis.com/v0/b/junctor-hackertracker.appspot.com/o/BSIDESCDMX2024%2FMapa_Piso_08.pdf?alt=media"}],"kickoff_tsz":"2024-07-19T15:00:00Z","begin_tsz":"2024-07-19T06:00:00Z","end_tsz":"2024-07-20T05:59:59Z","updated_at":{"seconds":1721600585,"nanoseconds":782842000}},{"end_timestamp_str":"2023-08-14T06:59:00+00:00","end_date":"2023-08-13","supportdoc":"","kickoff_timestamp":{"seconds":1691737200,"nanoseconds":0},"enable_merch":false,"code":"DCFURS2023","maps":[],"start_timestamp":{"seconds":1691650800,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2023-08-11T07:00:00+00:00","enable_merch_cart":false,"conference_id":112,"end_timestamp":{"seconds":1691996340,"nanoseconds":0},"start_timestamp_str":"2023-08-10T07:00:00+00:00","home_menu_id":95,"codeofconduct":"","name":"DC Furs 2023","tagline_text":null,"id":112,"start_date":"2023-08-10","updated_at":{"seconds":1720139147,"nanoseconds":703807000},"hidden":true}] \ No newline at end of file